Pinned post: I’m mostly posting on BlueSky at

This battle will keep playing out over and over again until they achieve something that their own citizens have made it clear they don’t want.

What’s going to happen here is that crime will happen. And the people who are currently saying “end-to-end encryption is unsafe” will demand exceptions and de-anonymization tools “for real criminals” and it’ll be oh so easy to build.

Oh sure, don’t worry. We have these amazing anonymous credentials, you say. We can make this process totally private, nobody will ever know who you are. Don’t kid yourself for a moment.

Look, I have a lot of problems with age verification. I think it’s a camel’s nose designed to Balkanize the Internet by claiming everything is obscenity. But even in its best case, it is going to end up attaching identity to every website visit. This is a government dream.

Looks like we’re going to get age verification on our phones.

RT @TalBeerySec: 1/ I think I have the answer! (blogpost at the bottom of 🧵).Original Q: How was @WhatsApp able to patch a client-side vuln….

RT @cambridgemike: @matthew_d_green Two of the realms are using HSMs, we will publish the key ceremonies in the not too distant future.

I wrote a bit about X’s new encrypted DMs and the Juicebox protocol.

Details here.

So Trump cancelled the PQC transition? 😂.

An update on the Dr. Xiaofeng Wang situation.

Opened up the document and found this diagram. Am thinking about running.

RT @JHUCompSci: JHU CS’ @matthew_d_green worries that cases like Wang’s could make young engineers from China think twice about studying at….

I have a weird memory that IEEE made standards like 802.11 (or at least the security standards) available for free. But hunting through the trash fire that is the “IEEE GET Program” I can’t find them. Does anyone know where I can find WPA3?.

So my understanding was that Apple Secure Enclaves don’t have a remote device attestation process. But then someone suggested they use something like this to link driver’s licenses to a phone, and I’m trying to figure it out.

It’s weird how people are “opposed to surveillance” only until they get their hands on the surveillance apparatus.

RT @jsrailton: NEW: @Google's @Android 16 to feature optional high security mode. Advanced Protection has a bunch of requested features th….

RT @hyperelliptic: EDRI is raising an alarm over the EC's plan to issue a technlolgy roadmap "lawful access to encrypted data" during Q2 th….

This is fractally embarrassing.