In light of recent events, I want to remind everyone that *end-to-end encryption* doesn't prevent you from adding the editor of the Atlantic to your private group chats.
I think the one thing that would improve Fedi is more people being absolutely, shamelessly horny
(But also tagging their posts appropriately; i.e., as NSFW)
Newsweek: "Multiple Teslas set on fire in Germany"
Me, who survived hurricanes in Florida where Teslas spontaneously combusted: "Are you sure they didn't just... do that? They tend to just do that."
It's really stupid when people that LARP at threat modeling insist that you can't trust smartphones while posting their opinions publicly in my mentions.
"Focusing too much on E2EE". Yeah right.
Shaming Isn’t Shielding: The Moral Panics That Cry Wolf
Content Warning: This blog post talks about adult themes and sexuality. If you're under 18, sit this one out. If you've been around the furry fandom for a while, you will notice that discourse tends to have a cyclical nature to it. I've written about this topic before. More than once. And even covered it from a security nerd's perspective…
Reviewing the Cryptography Used by Signal
Last year, I urged furries to stop using Telegram because it doesn't actually provide them with any of the privacy guarantees they think it gives them. Instead of improving Telegram's cryptography to be actually secure, the CEO started spreading misleading bullshit about Signal®. Since then, I've been flooded with people asking me about various other encrypted messaging apps…
WordPress 6.8 is due to switch their password hashing to bcrypt, and their application passwords to BLAKE2b.
**Great news:**
They disarmed the 72 char footgun with bcrypt in the way I recommended (HMAC, rather than just SHA2, to prevent hash shucking, and base64 to prevent NUL truncation).
