On March 23, 2026, the Hong Kong government changed the implementing rules relating to the National Security Law. It is now a criminal offense to refuse to give the Hong Kong police the passwords or decryption assistance to access all personal electronic devices including cellphones and laptops. This legal change applies to everyone, including U.S. citizens, in Hong Kong, arriving or just transiting Hong Kong International Airport. In addition, the Hong Kong government also has more authority to take and keep any personal devices, as evidence, that they claim are linked to national security offenses.

A core part of the energy transition and of the solutions to meeting energy needs, nuclear energy is a strategic resource that is often a subject of debate. This section aims to respond to the main questions and misconceptions by presenting nuclear energy as clearly as possible. The goal is for everyone to form their own opinion.

The capacity of nuclear energy to ensure our energy independence and to guarantee the production of low-carbon electricity is invaluable for tackling the climate emergency.

1. A Low-carbon energy – Yes, it emits the least greenhouse gases!
2. Constant and controllable energy
3. Competitive energy – Least expensive!!
4. Energy that is essential to the electricity mix
5. Energy that is vital for tomorrow’s world
6. Energy that is sparing in its demand for raw materials – It saves natural resources!
7. Energy that preserves health – It does NOT emit fine particles, nitrogen dioxide, sulfur dioxide, nitrates or phosphates into the atmosphere!
   The plume escaping the reactors? Water vapor. That’s it.

Nuclear power is the most reliable and cleanest form of energy. //

Belgium has accepted reality and embraced nuclear power 20 years after passing phase-out legislation.

The Belgian government intends to acquire all of the “nuclear operations in the country” from the French energy group Engie.

“By doing so, the Belgian Government is taking responsibility for Belgium’s long-term energy future, with the objective of building a financially and economically viable activity that supports security of supply, climate objectives, industrial resilience and socio-economic prosperity,” Engie and the Belgian government said in a joint statement.

The vulnerability and exploit code that exploits it were released Wednesday evening by researchers from security firm Theori, five weeks after privately disclosing it to the Linux kernel security team. The team patched the vulnerability in versions 7.0, 6.19.12, 6.18.12, 6.12.85, 6.6.137, 6.1.170, 5.15.204, and 5.10.254) but few of the Linux distributions had incorporated those fixes at the time the exploit was released.

A single script hacks all distros

The critical flaw, tracked as CVE-2026-31431 and the name CopyFail, is a local privilege escalation, a vulnerability class that allows unprivileged users to elevate themselves to administrators. CopyFail is particularly severe because it can be exploited with a single piece of exploit code—released in Wednesday’s disclosure—that works across all vulnerable distributions with no modification. With that, an attacker can, among other things, hack multi-tenant systems, break out of containers based on Kubernetes or other frameworks, and create malicious pull requests that pipe the exploit code through CI/CD work flows.

“‘Local privilege escalation’ sounds dry, so let me unpack it,” researcher Jorijn Schrijvershof wrote Thursday. “It means: an attacker who already has some way to run code on the machine, even as the most boring unprivileged user, can promote themselves to root. From there they can read every file, install backdoors, watch every process, and pivot to other systems.”

Belgium is reversing its decades long phasing-out course, seeking more energy independence by reviving its nuclear plants.

The Belgian government signed on Thursday a Letter of Intent to acquire Electrabel's (ENGIE) entire nuclear operations in the country.

Such a move would reverse the phase-out of nuclear energy legislation adopted in the early 2000s amid safety concerns.

Belgian Prime Minister Bart De Wever stated that the country is aiming to reduce its reliance on fossil fuels and gain greater autonomy in managing its own energy supplies.

Scanner

Between 1939 and 1945, Allied planes dropped 3.4 million tons of bombs on Axis powers.

This document takes a look at MeshCentral Router, a Windows application that performs TCP and UDP port mapping from a local machine to any remote computer through a MeshCentral servers. This document should allow the user to Internet relay traffic through NAT routers and firewalls.

FreeBSD can play not only one but three firewalls. Networking is complicated by itself and firewalls can be complex too. So when they mix together your brain may collapse. Pick up one and then learn how the networks function and later how to manipulate the firewall.  One of those three firewalls in FreeBSD is IPFW. The minimal configuration for IPFW is the one written on this article. Don’t think of this firewall as a dumb, too simple firewall solution. Mac OS X, for example, uses it and puts a nice interface in the System Settings so any noob can use it. Although nowadays it’s using another firewall PFCTL I guess it’s from the OpenBSD, it has had IPFW for many years as the default firewall. And quite frankly it has served many users pretty well.

We will edit the main os configuration file with nano.

As always under FreeBSD the /etc/rc.conf file is the one in charge to activate OS level features as well as some other important software. Type this command to set the firewall configuration into the right file:

sudo nano /etc/rc.conf

Now edit the rules so they look as follows.

firewall_enable="YES"
firewall_quiet="YES"
firewall_type="workstation"
firewall_myservices="22 80 443 10000"
firewall_allowservices="any"
firewall_logdeny="YES"

Now you must start up the service in order for the firewall to start working. Type the following order at the terminal prompt.

sudo service ipfw onestart

The numbers appearing in the line firewall_myservices=”22 80…” are the ports the firewall leaves open. The rest of the ports to your server or workstation will remain closed.

The opened ones are the basic to run a web server. Port number 22 is used for remote connections through SSH (secure shell). The number 80 is used by the HTTP protocol and since we are setting up a web server this is mandatory. Something similar happens with the port number 443 but this is the one for the https, which is the http protocol surrounded by an TLS encryption so no one can read the content in it.

Fail2ban is a complementary tool to your firewall. It works by scanning log files and bans IPs which present suspicious activity such as failed logins. It is compatible with many UNIX-like systems and is a security tool to have in your arsenal. It can filter not only ssh logins, but other services too, for example CMS web sites as WordPress or Drupal, repositories such as your own GitLab, and even your Postfix (or other) mail server.

Intrusion prevention framework that bans malicious IPs.

Overview

Fail2ban is an intrusion prevention system written in Python that protects Linux and Unix web servers from brute-force attacks by monitoring log files and banning IP addresses that show suspicious activity. Originally developed by Cyril Jaquier in 2004, fail2ban works by parsing log files through regular expressions, identifying patterns that indicate malicious behavior like repeated failed login attempts, and automatically creating firewall rules to block offending IP addresses for specified time periods.

If the modern Settings UI is broken (sometimes seen after feature updates), the classic Date and Time dialog still works.

• Press Win + R, type timedate.cpl and press Enter.

When the Settings UI is unavailable, Windows provides command‑line tools to set or inspect time zone entries.
Key commands:

• Check current time zone: tzutil /g
• List available time zones: tzutil /l
• Set a time zone: tzutil /s "Time Zone Name" (the Windows time zone string, e.g., "Pacific Standard Time").

what does the service actually do?

Duck DNS is a free service which will point a DNS (sub domains of duckdns.org) to an IP of your choice

age is a simple, modern and secure file encryption tool, format, and Go library.

It features small explicit keys, post-quantum support, no config options, and UNIX-style composability.

Record and share your terminal sessions, the simple way.
Forget screen recording apps and blurry video.
Experience a lightweight, text-based approach to terminal recording.

asciinema [as-kee-nuh-muh] is a free and open source solution for recording terminal sessions and sharing them on the web.

Get things from one computer to another, safely.

This package provides a library and a command-line tool named wormhole, which makes it possible to get arbitrary-sized files and directories (or short pieces of text) from one computer to another. The two endpoints are identified by using identical "wormhole codes": in general, the sending machine generates and displays the code, which must then be typed into the receiving machine.

The codes are short and human-pronounceable, using a phonetically-distinct wordlist. The receiving side offers tab-completion on the codewords, so usually only a few characters must be typed. Wormhole codes are single-use and do not need to be memorized.

For complete documentation, please see https://magic-wormhole.readthedocs.io or the docs/ subdirectory.

Cryptography engineers have been tearing their hair out over PGP’s deficiencies for (literally) decades. When other kinds of engineers get wind of this, they’re shocked. PGP is bad? Why do people keep telling me to use PGP? The answer is that they shouldn’t be telling you that, because PGP is bad and needs to go away.

There are, as you’re about to see, lots of problems with PGP. Fortunately, if you’re not morbidly curious, there’s a simple meta-problem with it: it was designed in the 1990s, before serious modern cryptography. No competent crypto engineer would design a system that looked like PGP today, nor tolerate most of its defects in any other design. Serious cryptographers have largely given up on PGP and don’t spend much time publishing on it anymore (with a notable exception). Well-understood problems in PGP have gone unaddressed for over a decade because of this.

Two quick notes: first, we wrote this for engineers, not lawyers and activists. Second: “PGP” can mean a bunch of things, from the OpenPGP standard to its reference implementation in GnuPG. We use the term “PGP” to cover all of these things. //

If we’ve learned 3 important things about cryptography design in the last 20 years, at least 2 of them are that negotiation and compatibility are evil. The flaws in cryptosystems tend to appear in the joinery, not the lumber, and expansive crypto compatibility increases the amount of joinery. Modern protocols like TLS 1.3 are jettisoning backwards compatibility with things like RSA, not adding it. New systems support just a single suite of primitives, and a simple version number. If one of those primitives fails, you bump the version and chuck the old protocol all at once.

If we’re unlucky, and people are still using PGP 20 years from now, PGP will be the only reason any code anywhere includes CAST5. We can’t say this more clearly or often enough: you can have backwards compatibility with the 1990s or you can have sound cryptography; you can’t have both. //

This isn’t going to get fixed. To make actually secure email, you’d have to tunnel another protocol over email (you’d still be conceding traffic analysis attacks). At that point, why bother pretending?

Encrypting email is asking for a calamity. Recommending email encryption to at-risk users is malpractice. Anyone who tells you it’s secure to communicate over PGP-encrypted email is putting their weird preferences ahead of your safety.

Get started with Bitwarden through bite-sized courses. Whether you're deploying Bitwarden to your entire organization, setting it up for your family, or just getting started as an individual, these courses have you covered.

Vaultwarden is a lightweight, open-source reimplementation of the Bitwarden server written in Rust. It is fully compatible with all official Bitwarden clients (browser extensions, desktop apps, iOS, Android) and runs on hardware as modest as a Raspberry Pi using under 50 MB of RAM. This guide covers everything: what Vaultwarden is and how it compares to Bitwarden and 1Password, Docker installation, why HTTPS is mandatory and how to solve it without a domain using Localtonet, the correct way to generate the ADMIN_TOKEN with Argon2, how to disable open registration, connecting Bitwarden clients, a complete backup strategy, Fail2Ban brute-force protection, and a dedicated Raspberry Pi section.