15. You will realize that the source of the majority of problems for your blockchain project is that it is built on a blockchain.


Does the US have a group of deniable non-USG-affiliated hackers it can sic on other countries?


To clarify: there are tons of libraries that support AES, various curve operations etc. But we urge people not to implement GCM or reconstruct NIST SP 800-56A from scratch. I’m asking for libraries with good, modern APIs that don’t rule out FIPS.


My latest: a deep dive into PimEyes, a mysterious facial-recognition website that may be even scarier than Clearview AI, since anyone with internet access can use it. edition.cnn.com/2021/05/04/tec


Signal made Instagram ads that show users how much Facebook knew about them.

Facebook banned them.

“Being transparent about how ads use data is enough to get banned; in Facebook’s world, the only acceptable usage is to hide what you’re doing.”



Folks, the registration for @wootsecurity is open at hopin.com/events/ieeesp2021 and only $50 (regular) or $35 (student). Also, we have free registrations for up-and-coming hackers. Apply before 05/13 at: docs.google.com/forms/d/e/1FAI


If you’re writing new code and need a good crypto library, where FIPS is (an eventual) requirement: which libraries can you use? Are the libsodium algorithms all now FIPS-compliant?


A: We need a currency that is free of wicked governments.

B: How will we know if it’s delivering value?

A: The market will tell us!

B: What about externalities?

A: It’s the government’s job to ensure those are priced in!


The cypherpunk ethos, as I understood it, was: we will take power from governments because they are not moral actors.

This carried an implied moral obligation. If we bypass governments, moral decisions will be *on us*. You can’t look to Washington or Beijing for help or blame.


I've been served legal threats by @what3words. Both via email and post.

I am complying with all their demands. This is not a battle worth fighting.

Just let it be known however, they are evil.


I figured out how to connect to the local college mainframe and eventually wrote a chat program that was a lot like Twitter. It was a terrible piece of garbage and everyone hated it (there were much better programs on the system written not in BASIC) but it was my first love. twitter.com/RayRedacted/status


Question: What is your hacker "origin story"?
QT or reply with your first hack(s).

Here is mine:


Unfortunately they didn't want to give me their private key


I don’t know if we’re expected to take this seriously or not, but trying to: is the contention that the 2,281 bugs introduced by developers are all as useful as a few malicious patches?


I call this photo “Banana peel inside two masks on top of parking meter, Baltimore”


Also: WTF. Someone developed a tool to try to find bugs and submitted patches, and you’re calling it “experimenting on non-consenting humans”? That’s a lot over the top.



