Insecure medical implant company Medtronic finally plugs one of its worst vulnerabilities

Medtronic (previously) is a notoriously insecure medical implant manufacturer whose devices have been repeatedly shown to be grossly insecure -- their pacemakers can be hacked before leaving the factory! Read the rest

Hack-attacks with stolen certs tell you the future of FBI vs Apple

Since 2014, Suckfly, a hacker group apparently based in Chengdu, China, has used at least 9 signing certs to make their malware indistinguishable from official updates from the vendor. Read the rest

Using distributed code-signatures to make it much harder to order secret backdoors

Cothority is a new software project that uses "multi-party cryptographic signatures" to make it infinitely harder for governments to order companies to ship secret, targeted backdoors to their products as innocuous-looking software updates. Read the rest