Share this page!

matt blaze Profile picture
Twitter logo
22 Oct, 6 tweets, 1 min read
My mentions now consist mostly of people who’ve read several blog posts on the subject taking a great deal of time to explain election security to me. Amazingly, this website is still free.
They also tell me I should be nicer.
I should probably read more activist blogs and Twitter feeds if I want to get serious about understanding voting security.
In any event, I’ll definitely look in to <INSERT YOUR FAVORITE SIMPLE SOLUTION TO THE INCREDIBLY COMPLEX PROBLEM THAT I WORK ON PROFESSIONALLY>. I’ve never heard about that approach before, and it sounds very promising.
Don’t worry, I’m definitely not talking about you.
Why am I tweeting about other things rather than engaging with your lengthy rant, Twitter stranger? I think you can safely conclude that it’s because I’m intimidated by your vast knowledge of my field and your superior intellect.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with matt blaze

matt blaze Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @mattblaze

matt blaze Profile picture
15 Oct
A new paper by my colleagues and I on the security risks of “client-side scanning” architectures.
Some coverage of our paper here (but, as always, we urge you to read the paper itself). nytimes.com/2021/10/14/bus…
Building in scanning for illicit content on client computing devices, however laudable the goal, is a radical architectural concept, introducing significant security risks. And so far, specific proposals for client scanning, while often novel, have been less than encouraging.
Read 4 tweets
matt blaze Profile picture
14 Oct
Don’t encode SSNs of people in the HTML of publicly available webpages. And if you do, don’t call the cops if someone notices and (quite responsibly) warns you.
Also, don’t tweet stuff that makes you look like an idiot.
I tweeted this through a multi-step process, by the way.
Read 8 tweets
matt blaze Profile picture
10 Oct
This case reads like a spy novel, and also illustrates the limits of cryptography. He set up encrypted communication and dead drops with a foreign government (even calling the endpoints “alice” and “bob”), but was actually communicating with the FBI.

justice.gov/opa/press-rele…
My guess for COUNTRY1 is France: has subs, independent enough that someone might approach but friendly enough to rebuff the approach and cooperate with the US, not English speaking.
A couple things jumped out at me. As soon as the FBI got the package from COUNTRY1, they clearly took it VERY seriously. Within just a week they had analyzed the SD card and sent an initial response to the Proton account.
Read 9 tweets
matt blaze Profile picture
5 Oct
1. A proper computer science education includes the study of physical security and locks.

2. An angle grinder was absolutely the right thing to do here. Server cages are cheap.
I just hope they wore safety glasses and other appropriate PPE.
Fortunately, angle grinders aren’t yet networked.
Read 4 tweets
matt blaze Profile picture
4 Oct
Imagine if FB owned AWS (or something with a similar footprint) right now.
“The Internet was designed to survive a nuclear war” has always been a myth, but it’s wronger than ever after decades of quiet centralization.
A really bad takeaway from this would be “look how badly FB was engineered”. They no doubt made some (serious) errors, but they’re about as technically good as anyone is at their scale.
Read 6 tweets
matt blaze Profile picture
3 Oct
Spending a lazy sunday afternoon testing faraday bags for phones. (Preliminary results so far: You don’t always get what you pay for, but you never get what you don’t pay for.)
Motivated by the fact that iPhones officially can’t be powered off, which, even if they implement really good privacy protections, will inspire other manufacturers to try similar things, often less carefully.
Some quick preliminary results, testing at 1, 2, 3, 4 , 5 and 6GHz: The expensive (~USD 40-60) phone-size bags from Mission Darkness (sold on Amazon) and EDEC (online store) work reliably well: >60dB attenuation at 1M distance, IF closed properly.
Read 13 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @mattblaze has new unrolls!

Check out other threads from @mattblaze!

Read all threads by @mattblaze

:(