Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Matthew Green is on BlueSky Profile picture
@matthew_d_green
Sep 17, 2021 6 tweets 2 min read Read on X
Scrolly
So this indictment is puzzling. It concerns Michael Sussman, a lawyer who organized the collection of DNS data from hosting providers allegedly for political purposes. Many of the companies are anonymized, can we tell who they are? (Thread) context-cdn.washingtonpost.com/notes/prod/def…
So we begin with “Internet Company-1”, which is a (major?) DNS resolver. Image
The executive in question (Tech Executive-1) claims to have been offered a position as Hillary Clinton’s cyberczar if she won, so maybe that’s a clue? Image
There are two other Internet companies in here. Internet Company-2 collects DNS data (maybe passively) and Internet Company-3 is maybe a threat Intel company owned by company #2. The executive has ownership interest in all three. Image
In case it isn’t obvious from context, this whole thread is about the Trump-Alfa Bank DNS allegations. Some of these quotes sent between researchers are pretty damning. Image
Overall this is an awful-looking story. The Clinton campaign and sympathetic executives at tech companies ran wild through private DNS data (which apparently has no protections at all) to concoct a narrative, and then dragged university researchers in to help confirm it. Image

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Matthew Green is on BlueSky

Matthew Green is on BlueSky Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @matthew_d_green

Matthew Green is on BlueSky Profile picture
Oct 15
The “age verification” and the “human identification” problem are the same problem. It upsets me to be around people who think they’re working on the first, but don’t understand they’re actually working on the second.
To be really clear: it’s pretty obvious that the central (Internet communication) problem of our time is going to be determining whether the stranger you’re talking to (or delivering ads to) is a person or a bot. And every existing tech we have for doing this will fail.
So how do we do this? Presumably by tightly binding physical identity to your device and then proving possession (with some other bells and whistles). Not coincidentally that’s exactly what age verification is. Weird how corporate and gov’t priorities suddenly align, right?
Read 10 tweets
Matthew Green is on BlueSky Profile picture
Aug 5
Trying to plan a seminar on the topic of “how do we maintain privacy in the coming dystopia” and it’s kind of a thing.
Over the past thirty years we’ve done amazing thing technologically when it comes to anonymity and privacy, and to some extent it was “all theoretical” that we’d need it. That’s all behind us.
So here we are in the bad timeline. Social networks want to jam AI into your encrypted messages; governments want to access your private messages; everyone you maybe once hoped to rely on is either planning to sell you out or else trying to find the fastest way to monetize you.
Read 5 tweets
Matthew Green is on BlueSky Profile picture
Jul 29
I cannot tell what’s going on with Google here. washingtonpost.com/politics/2025/…
Specifically, Google when asked by a US senator could easily have denied that the UK was pressuring them, but instead said this. Image
If you call someone in their home and ask them if someone has a gun to their head, and they say “I can’t talk about that” then you call 911 because that’s what common sense tells you to do.
Read 6 tweets
Matthew Green is on BlueSky Profile picture
Apr 24
It is insane how scary the threat models of encrypted messaging apps providers are.
You have these apps with billions of users. Some of those users are doing huge financial transactions. Some are politicians. Some are coordinating literal national security operations. And all these messages go through a few vulnerable servers.
I think older people (that includes me I guess) think that messaging apps are like AOL Instant Messenger, not used for anything important. It’s completely insane how much of our society now runs on them, and what a total disaster it would be if a couple of major apps were broken.
Read 11 tweets
Matthew Green is on BlueSky Profile picture
Mar 27
Ok, look people: Signal as a *protocol* is excellent. As a service it’s excellent. But as an application running on your phone, it’s… an application running on your consumer-grade phone. The targeted attacks people use on those devices are well known. Image
There is malware that targets and compromises phones. There has been malware that targets the Signal application. It’s an app that processes many different media types, and that means there’s almost certainly a vulnerability to be exploited at any given moment in time.
If you don’t know what this means, it means that you shouldn’t expect Signal to defend against nation-state malware. (But you also shouldn’t really expect any of the other stuff here, like Chrome, to defend you in that circumstance either.)
Read 5 tweets
Matthew Green is on BlueSky Profile picture
Mar 25
You should use Signal. Seriously. There are other encrypted messaging apps out there, but I don’t have as much faith in their longevity. In particular I have major concerns about the sustainability of for-profit apps in our new “AI” world.
I have too many reasons to worry about this but that’s not really the point. The thing I’m worried about is that, as the only encrypted messenger people seem to *really* trust, Signal is going to end up being a target for too many people.
Signal was designed to be a consumer-grade messaging app. It’s really, really good for that purpose. And obviously “excellent consumer grade” has a lot of intersection with military-grade cryptography just because that’s how the world works. But it is being asked to do a lot!
Read 9 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(