Jurisdiction Is Nearly Irrelevant to the Security of Encrypted Messaging Apps 文章讨论了加密通讯应用的安全性问题。作者指出，只要加密技术实现得当（如端到端加密、密钥管理和透明度日志），无论数据存储在哪个国家都无关紧要。正确的加密设计能防止服务器获取明文信息，并抵御潜在攻击。相比之下，数据存储位置的重要性被夸大。... 2025-7-9 08:25:19 | 阅读: 28 | 收藏 | Dhole Moments - soatok.blog security

Checklists Are The Thief Of Joy 文章讨论了安全和隐私检查表的滥用问题，并指出这些工具常被用于误导用户。作者认为简单比较不同协议（如Signal与MLS）并不适用，并强调正确评估应基于具体威胁模型和深入分析。最终提醒用户警惕营销驱动的检查表，并建议依赖专家评估而非表面清单。... 2025-7-7 16:29:46 | 阅读: 24 | 收藏 | Dhole Moments - soatok.blog mls checklist checklists encryption security

Furries Need To Learn That Sunlight Is The Best Disinfectant AMC+即将推出一部关于Furry群体的新系列剧集，追踪隐藏其中的性虐待者。社交媒体上对此反应激烈：有人支持透明处理问题，有人担心引发更多误解与攻击。作者反对掩盖问题，强调透明与行动的重要性，并引用LGBTQ历史教训说明不解决问题的危害。... 2025-6-12 09:30:41 | 阅读: 20 | 收藏 | Dhole Moments - soatok.blog talking fandom trailer tweet queer

What Does It Even Mean To Be “Great” Anyway? I normally don’t like writing “Current Events” pieces (and greatly prefer focusing on what SEO... 2025-6-3 00:43:12 | 阅读: 18 | 收藏 | Dhole Moments - soatok.blog america unfree violence truly freedom

Tech Companies Apparently Do Not Understand Why We Dislike AI 文章指出科技公司对AI的热情源于他们对人们反对AI的原因缺乏理解。作者列举了对AI的担忧，包括协调不真实行为、传播错误信息、非自愿色情内容和行业失业问题，并强调隐私风险和法律保护不足。呼吁默认关闭AI功能以尊重用户选择。... 2025-5-4 23:0:10 | 阅读: 21 | 收藏 | Dhole Moments - soatok.blog dislike incentive singularity 4th artificial

Retrospective: Five Years Blogging About Cryptography as a Gay Furry Online The history of this blog might very well be a cautionary tail (sic) about scope creep.Th... 2025-4-17 14:0:0 | 阅读: 23 | 收藏 | Dhole Moments - soatok.blog furry dhole myself security wordpress

The Authenticity Drought 文章探讨了网络文化中的不真实性现象，指出内容创作者为追求利益而放弃真诚，并批评AI滥用加剧了这一问题。作者呼吁人们寻找真实与有意义的社交方式。... 2025-4-4 00:23:26 | 阅读: 23 | 收藏 | Dhole Moments - soatok.blog fear furry furries incentive

The Practical Limitations of End-to-End Encryption 文章讨论了端到端加密（E2EE）的误解与局限性。通过特朗普政府误将记者加入Signal群聊的事件，指出E2EE无法防止人为错误或身份验证问题。E2EE保护消息不被中间人窃听，但不能确保交流对象可信。文章还提到E2EE不适合军事用途，并强调加密应以隐私为核心，反对后门。... 2025-3-25 09:21:32 | 阅读: 37 | 收藏 | Dhole Moments - soatok.blog encryption security e2ee military smartphone

Post-Quantum Cryptography Is About The Keys You Don’t Play 文章指出，后量子密码学中标准组织错误地将使用种子和扩展密钥视为同一算法，可能导致私钥传输错误或被攻击。作者建议统一使用种子作为私钥格式以避免安全风险。... 2025-3-17 19:19:7 | 阅读: 33 | 收藏 | Dhole Moments - soatok.blog expanded semi seeds expects expandedkey

On The Insecurity of Telecom Stacks in the Wake of Salt Typhoon 文章描述了一名研究人员在开源电信软件FreeSWITCH中发现了一个缓冲区溢出漏洞，并尝试负责任地披露该问题。尽管开发团队修复了漏洞并公开了补丁，但未计划在短期内发布新版本，导致大量用户仍面临风险。文章还指出电信行业的安全性普遍较差，缺乏有效的激励机制来改善这一状况。... 2025-3-12 04:53:42 | 阅读: 31 | 收藏 | Dhole Moments - soatok.blog github signalwire software telecom security

Shaming Isn’t Shielding: The Moral Panics That Cry Wolf 文章讨论了网络上针对Furry群体的骚扰行为，通过收集私密聊天记录并发布到Google文档中来制造负面舆论。作者指出这种行为并未真正保护儿童或动物，反而加剧了网络上的敌意，并强调理性思考的重要性。... 2025-2-25 07:21:23 | 阅读: 36 | 收藏 | Dhole Moments - soatok.blog furry furries harassment playbook fandom

Reviewing the Cryptography Used by Signal 作者批评Telegram不安全，并解释Signal和Tor的优势。Signal和Tor免费且开源，安全性高。作者强调审计的重要性，并指出Signal的加密技术经过严格审查。... 2025-2-18 12:7:0 | 阅读: 32 | 收藏 | Dhole Moments - soatok.blog security consultants audits promote timebox

Hell Is Overconfident Developers Writing Encryption Code Overconfident developers that choose to write their own cryptography code have plagued the inf... 2025-2-1 02:25:38 | 阅读: 16 | 收藏 | Dhole Moments - soatok.blog developers security rolling roll novel

Too Many People Don’t Value the Time of Security Researchers It’s really not my place to ever command respect from anyone; and that’s not just because I’m... 2025-1-21 14:30:46 | 阅读: 19 | 收藏 | Dhole Moments - soatok.blog security coordinated truly developer

Session Round 2 Last week, I wrote a blog post succinctly titled, Don’t Use Session. Two interesting things ha... 2025-1-20 08:24:6 | 阅读: 33 | 收藏 | Dhole Moments - soatok.blog seeds security rho ed25519 software

Don’t Use Session (Signal Fork) Last year, I outlined the specific requirements that an app needs to have in order for me to c... 2025-1-15 04:24:3 | 阅读: 55 | 收藏 | Dhole Moments - soatok.blog security ed25519 bytearray

Collatzeral Damage: Bitwise and Proof Foolish Let’s talk about the Collatz Conjecture, which is like mathematicians’ original version of thi... 2025-1-6 05:43:36 | 阅读: 44 | 收藏 | Dhole Moments - soatok.blog collatz conjecture chacha arx

Roasted Christmas Spam from Muhu.ai I wrote what I thought would be the final blog post of 2024 last week, and was looking forward... 2024-12-26 13:23:47 | 阅读: 34 | 收藏 | Dhole Moments - soatok.blog franck muhu electis ze php

The Better Daemons Of Our Profession I’ve spent the better part of 2023 and 2024 trying to imagine the specific changes we technolo... 2024-12-18 21:31:22 | 阅读: 46 | 收藏 | Dhole Moments - soatok.blog blame djb adam narrative karen

Ideas and Execution I’ve been known to blog about ideas that I don’t have the time or energy to build myself–from... 2024-12-9 16:8:51 | 阅读: 41 | 收藏 | Dhole Moments - soatok.blog beacon software threshold ciphertext