Showing posts from 2024

Ukraine's nuclear regulator confirms Chernobyl's post-invasion radiation spikes had an 'abnormal origin'.

First off, I would like to provide some context for those readers who are not familiar with this topic. In 2023 I presented at BlackHat USA 'Seeing Through the Invisible: Radiation Spikes Detected in Chernobyl During the Russian Invasion Show Possible Evidence of Fabrication'. Kim Zetter also wrote an investigative piece. The research materials are publicly available. As I casually discovered a few days ago, around the date I received the acceptance notification from BlackHat, the paper 'Preliminary assessment of the radiological consequences of the hostile military occupation of the Chornobyl Exclusion Zone' was submitted to the 'Journal of Radiological Protection'. This paper would eventually be approved and then published in September. So it seems that both investigations were being performed in parallel, but unfortunately our paths never crossed. There is also a significant detail: this investigation doesn't come from a random guy like me, but

Finding vulnerabilities in Swiss Post's e-voting system: part 3

Exactly two years ago I brought my blog back to life, after many years of hiatus, with "Finding vulnerabilities in Swiss Post’s future e-voting system - Part 1". That was the first of a series of blog posts covering that system. During these two years I've been periodically assessing the security posture of this e-voting solution, as part of their Bug Bounty program, which I personally recommend. Since the first time I reviewed their codebase a lot of things have changed, for good, as many areas have been dramatically improved. To be honest, from a security perspective the codebase back then was kind of a mess. When the first Swiss Post e-voting platform was published, back in 2019, it faced some public scrutiny, mostly from the academic community. As a result, some significant issues were uncovered, so eventually Swiss Post decided to suspend the deployment of the system. That first version had been developed by Scytl, a Spanish company specialized in electroni