What the possible fuck bugs.chromium.org/p/apvi/issues/… I mean obviously OEM platform certs getting compromised is very bad, but this is an extremely WTF way to find out about it!

Opening of Ronin. De Niro walks behind the cafe, cases the joint, hides his gun behind some milk crates. Why? Nobody’s patting him down. It’s a cafe! Why not just go in strapped? This first car chase is great, Stellan Skarsgard riding along in the passenger compartment of an iPhone 4 directing the whole thing.

S’mores? Seriously? British friends: do you really not have graham crackers?

DNSSEC on the orange site front page, so there’s my morning. I wrote a long thing there, if you want to go track it down. About 8 years ago I collected all my arguments against DNSSEC (DNSSEC is bad) into a single blog post, “Against DNSSEC”. It’s on HN this morning, but you can just read it here: sockpuppet.org/blog/2015/01/1…

If I asked 100 people to tell me what this app does, “bank” would come in last, after “social network”, “dating site”, “new phone”, and every other kind of app ever made. But, nope: the answer is “bank”. This is like that episode of The Office where Ryan adds a social network to Dunder Mifflin Infinity. You’re chatting with your friends, you’re talking about the latest music, about the election; all of it is happening in their virtual bank.

They actually bake in Mexico! It’s a whole thing! Chicago is full of panaderías! I thought they couldn’t get worse in the showstopper challenge but then someone busted out the “sweet corn” because it’s “Mexican”.

Holy shit, this “Mexican Week” episode would be an excellent one to have an American expat baker on for. Prue talking about how Mexico is so vibrant and full of color and then you hear front across the tent someone yelling “what the fuck are you saying”

Matrix is not the first group chat system to have this basic flaw, which is apparently non-obvious: if you can’t securely control group membership, the cryptography doesn’t much matter. Nobody ever gets multi-device group messaging right. Here’s an example of it going spectacularly wrong:

A few months ago we did a preview release of Fly Machines, our API for quickly starting/stopping VMs. Here’s a neat application of it: quickly booting an in-cloud instance of VS Code and deploying from it. fly.io/blog/remote-id… We build Machines because we’re growing out of Nomad (which is excellent; think Flask to K8s’s Django). For our own infra, we wanted finer-grained control over VMs than Nomad wanted to give us.

But you build something like this and get to play with it and other uses pop out.

A pretty foundational, far-reaching belief I have about end-to-end encryption is that building systems that have complicated, expensive, impractical-seeming loopholes mostly serves the surveillance state, whose real objective is expanding their budget, not reading your DMs. In other words: by making it harder for state-level adversaries to read your DMs, you can be doing them a favor; they’re not spending their own money to build the incredibly wasteful and complicated intercept systems that’ll spring up in response to almost-good-enough E2E.

Welp. It’s the crypto bug of the year. Mark it down for April. Java 15-18 ECDSA doesn’t sanity check that the random x coordinate and signature proof are nonzero; a (0,0) signature validates any message. Breaks JWT, SAML, &c. neilmadden.blog/2022/04/19/psy… These are my very most favorite crypto bugs and are endemic to asymmetric primitives (similar things happen in SRP and DH).

An orange comment suggests that the infamous “” (the premium software companies charge to link up your single sign-on) is a “dark pattern”. I strongly object. Words mean things.sso.tax The SSO tax exists because it’s a super-effective market seg signal. Overwhelmingly, the companies that need SSO are the least price-sensitive customer cohort. This is 101: charge price-insensitive customers more, so you can charge price-sensitive customers less.

Sort of telling that SSO keeps coming up as a potential killer web3 app; it’s maybe the least promising use of blockchains you could come up with. There are two major use cases for SSO: retail/end-user sign-on to random apps around the Internet, and corporate SSO. SIWA and Google are excellent fits for both, and blockchain for neither.

Ha! This DNSSEC Internet Draft thanks me by name. datatracker.ietf.org/doc/html/draft… This is the funniest fucking thing.

A many-splendored infrasec disaster. Count all the ways DNSSEC sabotaged this infra team.

https://twitter.com/koenrh/status/1465274920691249159

DNSSEC quietly changes the behavior of resolvers even before we get to signature checking — they stop honoring CNAMEs at zone apexes. Even before you push the DS record that “links” your zone to the USG’s PKI. Of course! Who would think otherwise.

This, as they say, is “a take”. I don’t even know what to say.

Today is the deadline for questions to be added to the 2021 Oak Park village ballot and one of our anti-defund trustees just slipped a resolution to add “Should Oak Park defund its police department” to the ballot. If that question hits the ballot it will almost certainly fail _dramatically_, so the pro-defund trustees basically have to vote against it. It’s probably too late for them to introduce a competing resolution with friendlier wording, too.

Why does the Go standard library think an rcode of REFUSED is a temporary error of “server misbehaving”? I just REFUSED you. (The Go stdlib appears to reconnect a _bunch_ of times on REFUSED, is why we noticed; switching REFUSED to NXDOMAIN fixes that problem.)

This is extremely cool. The basic idea: WireGuard is just a network protocol, like any other, and you can drive it from unprivileged userland code… which means you can drive all of TCP/IP from unprivileged userland code, through WireGuard.

https://twitter.com/mrkurt/status/1349772632133087235

Why would you ever want to do that? Well, we expose services on Fly.io over WireGuard (and, for security, over no other interfaces) but not all of our users are going to install OS WireGuard.

This is super smart, and it took me less than 4 minutes to do the same thing for Oak Park, the suburb in which I live.

https://twitter.com/MikeBuresh/status/1347722433025998851

Illinois makes it super easy to send FOIA requests to any municipality (just look up their FOIA officer’s email); it’s free, and they get just 5 days to respond (10 with a written extension) before you can sue and have them pay your legal costs if you win.

This paper is very cool: behavior oracles in interactive systems that reveal successful decryption can, with a bunch of different AEADs incl. GCM and Chapoly, discern which specific key was used in something resembling log k queries. eprint.iacr.org/2020/1491.pdf It’s based in part on the idea of “non-committing AEADs”, which are, roughly, AEADs where the specific key used to encrypt isn’t encoded into the output. For something like GCM, this means it’s straightforward to generate K_1, K_2, and C which decrypts under K_1 and K_2.