Open Security News week 7-2022

Simple cyber security solutions. Openness and transparency builds trust. There are no silver bullets when it comes to cyber security. Risks will never be zero. Using complex and expensive cyber security solutions are not by definition better.

1 Sha256 algorithm explained

Simple is often the best. This internet page is dedicated to learn you the SHA256 algorithm. The site will help you understand how a sha256 hash is calculated from start to finish. All is done online in your browser and step by step visually.

The source code used for creating this site can be found on


2 Attacks and Fixes on Distributed Key Generation Protocols

Great slides based on research on the complicated subject of Distributed Key Generation (DKG). Generating key material without relying on a trusted entity is often desirable for distributed protocols. Properties for centralized protocols are difficult to guarantee in a multi-party setting.

(link to the slides)

3 Secure Communication with Tls

TLS forms the backbone of secure digital communication. This presentation of the 100% virtual FOSDEM 2022 edition covers the many details about the tls protocol and its use of lower-level cryptographic methods. Slides and presentation by Bruce Momjian.


4 A safer Internet starts with more encryption

Security is crucial to a safer Internet, and the only way towards a safer Internet is to take encryption off the debate table The post A safer Internet starts with more encryption  appeared first on Internet Society.

5 An open-source tool for software security

The unfortunate reality of the software security industry is that it’s much easier to attack a system than it is to safeguard it. Now the startup r2c is seeking to make securing software a more seamless experience with an open-source tool for proofreading code. Hackers only need to find one vulnerability to have success, while software developers need to protect their code against all possible attacks.


6 Open Letter to Biden: Cybersecurity needs copyleft and consumers right to repair

Inspired by the log4j situation, The White House recently met with Big Tech on the issue of security vulnerabilities in FOSS used in the nation’s infrastructure. While SBOMs are a useful small step toward hardening the nation’s software infrastructure, we believe the proper solution is to favor copylefted FOSS.


7 Multidimensional Cybersecurity Framework for Strategic Foresight

Cybersecurity is now at the forefront of most organisational digital transformative agendas. This paper outlines a conceptual cybersecurity framework comprising six domains such as Physical, Cultural, Economic, Social, Political and Cyber. The guiding principles underpinning the framework are outlined, followed by in-depth reflection on the Business, Operational, Technological and Human (BOTH) factors and their implications for strategic foresight for cybersecurity.

(arXiv Link)

8 Cybersecurity Challenges Of IoT-enabled Smart Cities: A Survey

The new era of the Internet of Things (IoT) is changing our urban lives in every way. We must consider a new spectrum of security challenges arising from the new context.

(arXiv Link)

9 Microsoft’s Small Step to Disable Macros Is a Win for Security

Word and Excel files you download from the internet just got a whole lot safer. A historic security milestone?


Our partners:


The Open Security newsletter is an overview of cyber security news with a core focus on openness. Pointing out what went wrong after a cyber security breach is easy. Designing good and simple measurements is hard. So join the open Security Reference Architecture collaboration project to create better solutions together. Or become a partner to support this project. Use our RSS or ATOM feed to follow Open Security News.