Dark mode: ON

Infosec Decoded Season 5 #37: Zig

With Doug Spindler and sambowne@infosec.exchange

Recorded Tue, May 13, 2025

Politics

Trump administration mulling end to habeas corpus, legal right to challenge one’s detention

Suspending habeas corpus would be an extremely aggressive move that would dramatically escalate the Trump administration’s efforts to attack the rule of law in American courts as it tries to deport people without giving them a chance to challenge the basis of their removals.

Need cyber talent? Look to prisons, suggests new NASCIO report

The report points to a program administered by the National Cyber Security Training Academy called Second Chances that offers non-violent, low-level offenders who’ve been vetted by a panel to select from six cybersecurity courses aimed at landing them jobs like network field engineer, penetration tester or cybercrime investigator.

Trump envoy relied on Kremlin interpreter in meetings with Putin to end war in Ukraine

Using the Kremlin’s interpreter was “a very bad idea” that put Witkoff “at a real disadvantage,” Michael McFaul, a former U.S. ambassador to Russia, told NBC News.

Almost Half of Tesla Owners Say Their Cars Have Been Damaged Intentionally

Moderna’s Super-Vaccine for Flu and Covid Works—Now Politics Could Sink It

A new trial suggests a combination vaccine may offer equal or better protection against both flu and covid-19 compared to current vaccines.

New pope chose his name based on AI’s threats to “human dignity”

Germ-theory skeptic RFK Jr. goes swimming in sewage-tainted water

US popularity collapses worldwide in wake of Trump’s return

Infosec

Top 5 Fastest Programming Languages: Rust, C++, Swift, Java, and 90 more compared!

Zig is the fastest by far. Here's the breakdown, showing how many times per second they could perform a prime-number finding task:

  1. Zig 10205
  2. Rust 5857
  3. C 1600
  4. C++ 1564
  5. Java 1457

The 'Black Mirror' of dating apps takes California colleges by storm

Ditto, like the “Black Mirror” episode, claims to use AI to run 1,000 possible dates, each with a different match, to generate the most optimal pairing. After that, it finds a time when both parties are available and picks a location. It even comes up with a few starter conversation topics based on why it paired the two people together.

Theranos Fraudster’s Boyfriend Fundraising for New Blood-Testing Company

Holmes is even advising the start-up from the Texas prison where she is serving out an 11-year prison sentence for fraud, sources told NPR. Materials from Evans’ pitch say that the company has invented a prototype of a device that can test blood, saliva, or urine for disease biomarkers in a matter of seconds.

US man finds genius way to charge his Tesla that can be used anywhere, doesn't need a charging port

An American has added solar panels to his Tesla electric car. The system provides 30 miles of charge every eight hours.

A German experiment proved that simple concrete spheres make fantastic batteries. Now, California plans to submerge a 9-meter diameter sphere in the ocean and is already planning versions of 30 meters.

BM Boys: the Nigerian sextortion network hiding in plain sight on TikTok

The men are all based in Nigeria, and their get-rich-quick scheme is blackmailing other social media users – usually based in the United States and other western countries – by posing as potential female romantic interests and tricking their victims into sending nude photos.

You think ransomware is bad now? Wait until it infects CPUs

Rapid7 threat hunter wrote a PoC. No, he's not releasing it. He wrote proof-of-concept code for ransomware that hides in the computer's processor. There are some indications that criminals are moving toward this end goal, from the UEFI bootkits that go back to 2018 and are now sold on cyber-crime forums to allow miscreants to bypass Secure Boot and embed malware into the firmware, surviving operating system reboots. More recently, the 2022 Conti leaks indicated that the ransomware gang's developers were working on firmware ransomware.

ASUS DriverHub flaw let malicious sites run commands with admin rights

DriverHub is ASUS's official driver management tool that is automatically installed on the first system boot when utilizing certain ASUS motherboards. Once installed, the tool remains active and running in the background via a local service on port 53000, continually checking for important driver updates. This allows DriverHub to download and run .exe files from ".asus.com" URLs without user confirmation.

Grok’s AI answers are so good—even Elon Musk fans are upset

Klarna Hiring Back Human Help After Going All-In on AI