Readit News
dguido commented on 8M users' AI conversations sold for profit by "privacy" extensions   koi.ai/blog/urban-vpn-bro... · Posted by u/takira
dguido · 9 days ago
If you want a VPN you can trust, deploy your own with AlgoVPN: https://github.com/trailofbits/algo
dguido commented on Prompt injection to RCE in AI agents   blog.trailofbits.com/2025... · Posted by u/vinhnx
dguido · 2 months ago
We're a bit non-committal about who this affects in the blog, but phew man, there are a lot of agent systems that will fall victim to this general class of attack.
dguido commented on Sensitive AlgoVPN privacy, logging, Ansible changes now authored by Claude   github.com/trailofbits/al... · Posted by u/slacktivism123
dguido · 4 months ago
Hi! I'm the author of this PR and the maintainer for Algo. Claude Code has been a tremendous help dealing with a project of this scope and size. This PR to eliminate storing lots of sensitive data on the host was an interest of mine for a while, but Claude Code let me finally make progress on it. I tried to strike a balance between security and privacy (you need logs to investigate issues!). Let me know what you think. Thanks!
dguido commented on Hijacking multi-agent systems in your PajaMAS   blog.trailofbits.com/2025... · Posted by u/Qwuke
dguido · 4 months ago
Hi all, CEO of Trail of Bits here. PajaMAS includes all our guidance for building multi-agent systems securely, including core design principles, a multi-agent security checklist, and framework selection criteria. Hope it helps!
dguido commented on A privacy VPN you can verify   vp.net/l/en-US/blog/Don%2... · Posted by u/MagicalTux
dguido · 4 months ago
This is cool, and I'm glad to see someone doing this, but I also feel obligated to mention that you can also just quickly deploy your own VPN server that only you have access to with AlgoVPN: https://github.com/trailofbits/algo
dguido commented on Exploiting zero days in abandoned hardware   blog.trailofbits.com/2025... · Posted by u/ingve
dguido · 5 months ago
In case anyone is looking for them, here are the exploits for these EOL devices. I avoided allowing Trail of Bits to release exploits for 13 years, but I decided it was finally time for a policy change. We'll be dropping a lot more as time goes on now.

Here's the exploit for the Netgear WGR614v9: https://github.com/trailofbits/exploits/tree/main/junkyard-2...

Here's the exploit for the BitDefender Box 1: https://github.com/trailofbits/exploits/tree/main/junkyard-2...

There's a lot of included detail so you can learn how to write your own and really understand every decision we made in writing them.

dguido commented on Sonos CEO steps down after app update debacle   reuters.com/business/reta... · Posted by u/saaaaaam
dguido · a year ago
Please stop putting salespeople in charge of highly technical product companies like Sonos. I'm so glad that Tom Conrad is an engineer by training. I hope he can turn this mess around.

The key technical change that broke Sonos was abandoning their reliable UPnP (Universal Plug and Play) system for device discovery in favor of mDNS, while also shifting from direct device communication to a cloud-based API approach. This new architecture made all network traffic encrypted and routed through Sonos cloud servers (even for local operations), adding significant overhead and latency, especially for older Sonos devices with limited processing power. They also switched from native platform-specific UX frameworks to a JavaScript-based interface while moving music service interactions through their cloud instead of direct SMAPI calls, resulting in slower performance and reduced functionality.

For a more extended discussion, see this excellent LinkedIn post from Andy Pennell, a principal engineer at Microsoft with a deep technical understanding of Sonos systems. He created one of the most successful third-party Sonos apps for Windows Phone and worked directly with Sonos on their official Windows Phone 8 app.

https://www.linkedin.com/pulse/what-happened-sonos-app-techn...

dguido commented on AWS Nitro Enclaves: Attack Surface   blog.trailofbits.com/2024... · Posted by u/ingve
hdjdjfb · a year ago
Why is the first section written by AI?
dguido · a year ago
As the editor of this blog, I can assure you that AI did not craft the introduction. As a general rule, we include all the most relevant details in the above-the-fold section, allowing readers to quickly determine if the content warrants their time. This is consistent across all our blog posts.
dguido commented on Cautionary tale on using Chase bank for indie business   jxnl.co/writing/2024/09/2... · Posted by u/nell
dguido · a year ago
Strong recommend on using meow.com. You can get interest on your primary checking account, and easy access to high yield treasury management services.

I’ve been following the Evolve Bank fallout on the FinTech Weekly newsletter, and the whole situation scares me about Mercury. I used to bank with them, but the sanctions by the Federal Reserve and the continued disclosures about lacking KYC and money laundering controls have me worried there are other problems.

dguido commented on Exploiting the iPhone 4   axleos.com/exploiting-the... · Posted by u/codyd51
dguido · 2 years ago
For fun things you can do with a good working jailbreak, check out this integrity validator that checks if your phone is free of malware by exploiting it: https://github.com/trailofbits/ios-integrity-validator

u/dguido

Karma 2446 · Cake day March 26, 2008
About
https://www.trailofbits.com https://www.linkedin.com/in/danguido/