Post B2aOEkGH99aeTETNom by soatok@furry.engineer
Post #B2aOEHEr3MDqSQaL4q by soatok@furry.engineer
2026-01-23T15:24:36Z
0 likes, 0 repeats
harmless design decision + obvious thing to do by default + sensible trade-off that minimizes support burden for dev teams + obvious thing to do = CVSS 10
Post #B2aOEIw8juRNixqQBU by soatok@furry.engineer
2026-01-23T15:26:39Z
0 likes, 0 repeats
common programming habit + LGTM + unit tests pass + static analysis is good + (optional) the fucking thing compiles = oops I got your private key
Post #B2aOEKXklY7chuRyS0 by soatok@furry.engineer
2026-01-23T15:27:48Z
0 likes, 0 repeats
The security nerds haven't commented yet because this pattern-matches to way too many vulns to know which one I'm talking about yet
Post #B2aOELqDwMUUjU6Esa by soatok@furry.engineer
2026-01-23T15:32:33Z
0 likes, 0 repeats
A while ago, @SwiftOnSecurity started writing Decent Security, about personal computers and mobile device security.

Appsec (writing secure software) is less friendly because everything you learned about programming becomes suspect.

Why can't I just combine user data into this SQL query string if I'm careful enough? I know about Bobby Tables. I'll sanitize my inputs!!!

Bam, SQL injection because integers can be used to reference column names in some injected queries.
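
The ORDER BY case behind that last line, as an added example that is not part of the post above: a Python/sqlite3 app that really does reject everything except digits before splicing the value into a query, and still leaks a column it never returns. The table, its columns, the `sort` parameter and all rows are assumptions constructed for the demo; the hashes are fake placeholders.

```python
# Added example (not from the thread): "only integers get through" is not a
# defence when the integer is spliced into SQL as text.  Assumed scenario:
# a users table with a hidden password_hash column and a "sort" parameter
# that the app validates as an integer before building an ORDER BY clause.
# All table contents below are constructed for the demo; hashes are fake.
import sqlite3


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER, username TEXT, password_hash TEXT)"
    )
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [
            (1, "alice", "$fake$ccc"),
            (2, "bob", "$fake$aaa"),
            (3, "carol", "$fake$bbb"),
        ],
    )
    return conn


def list_usernames_vulnerable(conn: sqlite3.Connection, sort: str) -> list[str]:
    """The 'I'll sanitize my inputs' version.

    Only digits are accepted, then the value is concatenated into ORDER BY.
    The response only ever contains usernames, but ORDER BY <n> selects a
    result column by position, so sort=3 orders the public list by the
    hidden password_hash column.  The ordering is an oracle over a column
    the API never returns.
    """
    if not sort.isdigit():
        raise ValueError("sort must be an integer")
    sql = "SELECT * FROM users ORDER BY " + sort  # deliberately vulnerable
    return [row[1] for row in conn.execute(sql)]


# Identifiers cannot be bound as parameters, so the sort key is mapped through
# an allowlist; user-controlled text never reaches the SQL string at all.
SORT_COLUMNS = {"id": "id", "name": "username"}


def list_usernames_safe(
    conn: sqlite3.Connection, sort: str, min_id: int = 0
) -> list[str]:
    column = SORT_COLUMNS.get(sort)
    if column is None:
        raise ValueError(f"unknown sort key: {sort!r}")
    # Column name comes from the allowlist; the data value is a bound parameter.
    sql = f"SELECT username FROM users WHERE id >= ? ORDER BY {column}"
    return [row[0] for row in conn.execute(sql, (min_id,))]


if __name__ == "__main__":
    db = make_db()
    print(list_usernames_vulnerable(db, "2"))  # sorted by username
    print(list_usernames_vulnerable(db, "3"))  # sorted by the hidden hash
    print(list_usernames_safe(db, "name"))
```

With `sort=3` the vulnerable function returns bob, carol, alice: the rows sorted by a value the client is never shown. An attacker who can set their own row's value in the hidden column (their password, and therefore its hash, or a reset token in a similar table) can repeatedly change it and watch where their row lands, which is a comparison oracle against everyone else's value. The hardened version separates the two cases a parameterised API cannot: data values are bound, and identifiers (column names, sort direction, table names) come only from an allowlist the application owns.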
Post #B2aOEMyPjOdWFAwIHg by soatok@furry.engineer
2026-01-23T15:40:58Z
1 like, 1 repeat
There's been a lot of "excitement" from business types about using LLMs to find vulnerabilities in source code. Naturally, the goal is to cheapen labor and extract more value for themselves. But I do suspect they're going to fall on their own sword with this one.

Not every vulnerability is obvious. Something can look fine and be the Achilles' heel that wrecks your shit. Something can look incredibly dangerous but end up being a NOP.

If people think their stochastic parrot can do a better job than humans, point them at OpenSSL or libgcrypt, and then have someone with relevant experience interrogate the "findings" before you waste the developers' time. I can guarantee almost everything they complain about will be a false positive with even the shallowest scrutiny.
Post #B2aOEOQSKcf4kR4CdE by soatok@furry.engineer
2026-01-23T15:46:24Z
0 likes, 0 repeats
There's another dimension to this.

Attackers don't always choose the same targets that you think are highest value. Why attack your hardened authentication gateway when the marketing team has an unpatched WordPress 3.1 blog sitting right there talking to your production MySQL database?
Post #B2aOEPtCtDFnHtWg5I by soatok@furry.engineer
2026-01-23T15:47:30Z
0 likes, 0 repeats
Every time you talk seriously about security-in-practice you will find yourself circling around this point: https://infosec.exchange/@dymaxion/109344795644687902
Post #B2aOER0KkCY4kHrspc by soatok@furry.engineer
2026-01-23T15:50:37Z
0 likes, 0 repeats
On the topic of "political problems", sometimes you have attack vectors that nobody in the C-Suite considers an attack vector, like the FBI demanding the BitLocker disk encryption keys for Windows users.

https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/

Cryptographers have been complaining about this for decades. @matthew_d_green coined the term "Mud Puddle Test" to talk about it.

https://blog.cryptographyengineering.com/2012/04/05/icloud-who-holds-key/
Post #B2aOESUVDWH7M8zUUi by soatok@furry.engineer
2026-01-23T15:54:11Z
0 likes, 0 repeats
While working on https://publickey.directory, two really annoying problems cropped up.

What if someone demands their data be stricken from the transparency log, as is their right under the EU's GDPR?

What if someone legitimately loses access to all their secret keys (catastrophic hardware failure) and wants their instance admin to be able to restore their ability to use E2EE?

When I say "annoying problems", I do NOT mean the people that would experience them are annoying.

I mean they are annoying because they are fundamentally incompatible with the simplest possible solution.
Post #B2aOETngLhD9PuyK1o by teajaygrey@snac.bsd.cafe
2026-01-23T19:17:26Z
0 likes, 0 repeats
While working as IT Admin for iSEC Partners (coincidentally, while dymaxion was also a coworker, though tbh I don't see eye to eye on the "all technical problems of sufficient scope or impact are actually political problems first" idea; some insanely impactful off-by-one errors I don't think were political at all, just errors in need of rectifying, and them becoming politicized is overstating it. Admittedly, I agree with the sentiment, just not the reality), I had something similar to #2 occur with one of my users. It should be noted: this user had an MS in Computer Security.

Standard operating procedure was to use FDE (e.g. BitLocker on Windows; OS X at the time didn't have FileVault 2 [as an aside: I was in the hotel room when h1kari created a 10x speed up to @rpw@chaos.social & ioerror's VileFault attack against the original FileVault via FPGA during 23c3, e.g. https://media.ccc.de/v/23C3-1642-en-unlocking_filevault#t=2222 [timestamp isn't quite precise, sort of around the 37 minute mark is when h1kari's stuff starts; or here's a similar presentation on such research from Shmoocon 2007: https://youtu.be/3XSp8-jA29s?t=1017 which is a bit closer to the relevant research]], and whatever FDE we did use was a total pain any time Apple shipped an OS update, and our Linux and BSD users were left in greener pastures with less annoying solutions, but I digress) and escrow keys to a USB stick which was handed off to IT and kept locked up in case it may be needed for recovery, rather than escrowing keys online. It still boggles my mind that BitLocker (and these days, Apple's FileVault 2) have key escrow "to the 'cloud'" or Active Directory as options, given that, to me at least, that only increases an attack surface.

Said user approached me asking for their recovery key, as they encountered some situation where BitLocker was throwing errors and the laptop was unbootable [this happens insanely often, or at least did].

"No problem, here you go" (hands escrowed USB key to user, thinking my job is done.)

Them (after going away for a while and coming back to my desk): "Umm: it's not working."

Me: "Oh no! (scrambles to see if I have another key for said individual) Well, I don't have any other keys for you. I'm not sure what else to say?"

I then got to hear a story of how said user was at a client site, and had encountered some issue, and ended up decrypting their drive, then re-encrypting it, but I guess they had overwritten the USB drive when they re-escrowed their key locally and never got around to re-escrowing their new BitLocker key to IT.

In retrospect, this was probably an opportunity for me to purchase software from ElcomSoft and expense it on the corporate credit card and cross fingers and hope maybe we could crack it. Or otherwise image the drive and see if we couldn't come up with some other novel technique and present our findings at some future conference.

But the user kind of needed things faster than any of that, and alas, should have known better than to expect IT to be able to pull a rabbit out of my hat when they failed to follow the standard operating procedure and never got around to re-escrowing their new keys to IT. ;(

"Crypto shredding" as you phrase it is becoming more prevalent, particularly in an era where more and more vendors are soldering NAND flash to motherboards (dear Apple, you greedy jerks: stop doing this! Thankfully dosdude1 and others have workarounds, but it is so wasteful. I can understand needing to specify RAM at time of purchase due to "unified memory" performance improvements, but the SSDs are on a completely different bus and making them hardwired is a cost-cutting move, nothing else. Thankfully some newer Apple hardware [e.g. Mac Studios and Mac Minis] stopped being as stupid, I guess.)

In theory, it is certainly better than using Gutmann methods for securely wiping drives (and Gutmann's method hasn't been accurate in a very long time anyway), but I, and others, have my doubts, and at least at iSEC Partners, physically shredding old drives was also standard operating procedure.

There are, OFC, other perilous things you've written about Session (twice!), and its removal of PFS (Perfect Forward Secrecy) was damning enough, but they also have some sort of "recovery key", implying that users' (presumably encrypted, I guess) message history is stored forever in the "cloud". What could possibly go wrong? 🙄
Post #B2aOEXpbMV7hv1tuZk by soatok@furry.engineer
2026-01-23T15:59:28Z
0 likes, 0 repeats
For the first issue, I wrote https://soatok.blog/2024/11/21/key-transparency-and-the-right-to-be-forgotten/ in 2024.

It made the spec more complicated, but operators being able to run a command line script instead of dealing with lawyers is a win.

For the second issue, which was documented in https://utcc.utoronto.ca/~cks/space/blog/tech/AccountRecoveryHardPKIProblem before I devised a solution, BurnDown + Fireproof were introduced to support a balanced approach.

Power users (esp. the kinds of people governments would target, such as journalists, activists, and whistleblowers) can become immune to BurnDown. But if they lose their keys, they're SOL.

Everyone else can recover access by having their instance admin issue a BurnDown and starting over with a fresh keypair.

Passing the Mud Puddle Test was important to me, but being usable by real people who aren't 100% perfectly disciplined all the time is even more important.
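
The "crypto shredding" that teajaygrey's reply refers to and the "run a command line script instead of dealing with lawyers" step above, as an added illustration that is not the publickey.directory specification and not Soatok's code: a toy hash-chained log in which every entry's payload is encrypted under its own random key and the chain commits to the ciphertext. A takedown then means deleting one key from the operator's key store; the entry becomes unreadable while every chain head an auditor has already recorded still verifies. The class and function names, the hash-chain layout, the sample payloads and the cipher (an HMAC-SHA256 keystream plus tag, used here only because it needs nothing outside the standard library) are all assumptions for the demo; a real deployment would use an AEAD such as AES-GCM or XChaCha20-Poly1305 and a Merkle tree rather than a plain chain.

```python
# Added example, not part of the thread and not the publickey.directory
# spec: the "crypto shredding" idea for an append-only, hash-chained log.
# Each entry's payload is encrypted under its own random key and the chain
# commits to the ciphertext, so deleting the key makes that entry
# unreadable without disturbing any chain head an auditor already recorded.
# The cipher is an illustrative HMAC-SHA256 keystream plus tag (stdlib only),
# standing in for a real AEAD such as AES-GCM or XChaCha20-Poly1305.
import hashlib
import hmac
import os
from typing import Optional

NONCE_LEN, TAG_LEN, HASH_LEN = 16, 32, 32


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = b""
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(4, "big")
        out += hmac.new(key, b"enc" + block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(NONCE_LEN)
    ks = _keystream(key, nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, ks))
    tag = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    ks = _keystream(key, nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))


class ShreddableLog:
    """Public, append-only entries plus an operator-held per-entry key store."""

    def __init__(self) -> None:
        self.entries: list[tuple[bytes, bytes, bytes]] = []  # (prev, ct, hash)
        self.keys: dict[int, bytes] = {}  # index -> key; never published

    def append(self, payload: bytes) -> int:
        key = os.urandom(32)
        ct = encrypt(key, payload)
        prev = self.entries[-1][2] if self.entries else b"\x00" * HASH_LEN
        entry_hash = hashlib.sha256(prev + ct).digest()  # commits to ciphertext
        self.entries.append((prev, ct, entry_hash))
        index = len(self.entries) - 1
        self.keys[index] = key
        return index

    def read(self, index: int) -> Optional[bytes]:
        key = self.keys.get(index)
        return None if key is None else decrypt(key, self.entries[index][1])

    def shred(self, index: int) -> bool:
        # The takedown: forget the key, leave the chain untouched.
        return self.keys.pop(index, None) is not None

    def head(self) -> bytes:
        return self.entries[-1][2]

    def verify(self) -> bool:
        prev = b"\x00" * HASH_LEN
        for stored_prev, ct, entry_hash in self.entries:
            if stored_prev != prev or hashlib.sha256(prev + ct).digest() != entry_hash:
                return False
            prev = entry_hash
        return True


if __name__ == "__main__":
    log = ShreddableLog()
    i = log.append(b"alice: key fingerprint 1")  # constructed payloads
    log.append(b"bob: key fingerprint 2")
    before = log.head()
    log.shred(i)
    print(log.read(i), log.verify(), log.head() == before)
```

Two properties are worth checking by hand: after `shred(i)`, `read(i)` returns nothing but `verify()` still passes and `head()` is unchanged, so auditors holding the old head see nothing inconsistent; and any edit to a stored ciphertext makes `verify()` fail, so shredding is visibly different from rewriting history. An operator who wants the escape hatch discussed later in this thread (keeping a copy of shredded keys with their lawyers) would export the key from `keys` before calling `shred`.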
Post #B2aOEenNTAVHW9uja4 by soatok@furry.engineer
2026-01-23T16:12:01Z
0 likes, 0 repeats
With respect to the @dymaxion toot I quote frequently: there are myriad political problems surrounding the development and adoption of cryptography tooling.

Is this the right balance for everyone? Probably not. I anticipate someone will write an E2EE client someday that forces users to be Fireproof with PKDs (and refuses to chat with anyone that isn't), even to their own detriment, and some folks on Hacker News will cargo-cult that as the only secure client to use for E2EE on Fedi. And then I will have a headache to deal with.

I also anticipate some governments considering using GDPR-like takedown demands to cover up their own crimes against their citizens. (Mitigating that might require operators having the sensibility to back up the keys they're shredding in their online service and have their lawyers hold onto it.)

But at the end of the day, what I'm building are merely tools, not panaceas.
Post #B2aOEkGH99aeTETNom by soatok@furry.engineer
2026-01-23T16:18:21Z
0 likes, 0 repeats
Anyway, I'm going to log off fedi and get back to group therapy for abused programming languages work.

If this pops off while I'm afk:

Hi, I'm Soatok, a gay furry cryptography nerd. I blog at https://soatok.blog and once led a charge to fund a library because the local mayor is a bigot and wanted to illegally withhold their funding.