Posts by filippo@abyssdomain.expert
(DIR) Post #AzGsrY3YatuepWoFNY by filippo@abyssdomain.expert
2025-10-16T15:11:05Z
0 likes, 0 repeats
It's been 14 months since the ML-KEM spec was published. age still isn't PQ because it's waiting for trivial details of the HPKE hybrids to stabilize, but they are blocked on the CFRG. The TLS, SSHM, and LAMPS (X.509) IETF working groups are moving ahead without CFRG. I just posted a plea for HPKE to do the same. https://mailarchive.ietf.org/arch/msg/hpke/i7-rvYTHQVSndfI3Vis8Dli8uv4/
(DIR) Post #AzV8zX2wYFinUhn3cO by filippo@abyssdomain.expert
2025-10-23T12:34:24Z
0 likes, 0 repeats
Serious take: the solution to Safe Browsing false positives like the Immich one is passkeys. Phishing regularly upends people's lives. The Safe Browsing cat-and-mouse with all its opaque false positives will be necessary until we roll out phishing-resistant auth.
(DIR) Post #AzoNxM69ZYkfPE6Xdw by filippo@abyssdomain.expert
2025-11-01T18:26:06Z
0 likes, 0 repeats
I had a bug in my new ML-DSA implementation that caused Verify to reject all signatures. I gave up debugging it (for the day) after half an hour. On a whim, I threw Claude Code at it. Surprisingly (to me!) it one-shotted it in five minutes. A small case study of extremely useful AI tasks which are not generating a bunch of code that then requires review. https://words.filippo.io/claude-debugging/?source=Mastodon
(DIR) Post #B06Xuao7HXdWIGqSjA by filippo@abyssdomain.expert
2025-11-08T00:21:52Z
0 likes, 0 repeats
Just killed the most annoying bug. I was doing
SELECT v FROM t WHERE k = ?
and then
UPDATE t SET v = ? WHERE k = ? AND v = ?
and the UPDATE was not applying? Turns out I was storing nil → NULL, and then reading []byte(stmt.GetText("v")) → []byte(""). NULL and the empty BLOB don't compare equal. https://github.com/FiloSottile/sunlight/pull/52/commits/96fb74be886a471f9f7a2121fd5d64ff708ff2d2
(DIR) Post #B06XuigG0e6SiDEIaW by filippo@abyssdomain.expert
2025-11-08T00:21:52Z
0 likes, 0 repeats
I confused myself further by debugging with the CLI, and then turning NULLs into empty TEXTs instead of empty BLOBs. '' and X'' and NULL show the same in the SQLite CLI (by default, see .nullvalue) but they don't compare equal! I love SQLite, but weakly typed columns (by default, see https://www.sqlite.org/stricttables.html) with strongly typed equality is criminal.
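The NULL versus empty-BLOB versus empty-TEXT comparison described in the two posts above, reproduced as an added example; it is not part of the original posts or of the sunlight code. It uses Python's built-in sqlite3 module rather than the Go driver from the post, keeps the post's table `t` with columns `k` and `v`, and the key `checkpoint` and the helper names are assumptions made for illustration.

```python
import sqlite3


def new_db():
    """In-memory table shaped like the post's: key k, value v."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE t (k TEXT PRIMARY KEY, v BLOB)")
    # Constructed sample row: a nil value is bound as SQL NULL.
    conn.execute("INSERT INTO t (k, v) VALUES (?, ?)", ("checkpoint", None))
    return conn


def stored_type(conn, key):
    """Storage class SQLite actually holds for v ('null', 'text', 'blob', ...)."""
    row = conn.execute("SELECT typeof(v) FROM t WHERE k = ?", (key,)).fetchone()
    return row[0]


def cas_equals(conn, key, old, new):
    """Compare-and-swap with '=' as in the post. Returns rows changed."""
    cur = conn.execute(
        "UPDATE t SET v = ? WHERE k = ? AND v = ?", (new, key, old))
    return cur.rowcount


def cas_is(conn, key, old, new):
    """Same swap using IS, which treats NULL as equal to NULL."""
    cur = conn.execute(
        "UPDATE t SET v = ? WHERE k = ? AND v IS ?", (new, key, old))
    return cur.rowcount


def literal_comparisons(conn):
    """'' (TEXT), X'' (BLOB) and NULL look alike in the CLI but differ here."""
    return conn.execute(
        "SELECT '' = X'', NULL = NULL, NULL IS NULL, typeof(''), typeof(X'')"
    ).fetchone()


if __name__ == "__main__":
    db = new_db()
    print("stored as:", stored_type(db, "checkpoint"))
    print("= with empty BLOB:", cas_equals(db, "checkpoint", b"", b"new"))
    print("= with empty TEXT:", cas_equals(db, "checkpoint", "", b"new"))
    print("= with NULL:", cas_equals(db, "checkpoint", None, b"new"))
    print("IS with NULL:", cas_is(db, "checkpoint", None, b"new"))
    print("literals:", literal_comparisons(db))
```
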
(DIR) Post #B0OsOS67shcu8g2W80 by filippo@abyssdomain.expert
2025-11-19T10:14:07Z
3 likes, 3 repeats
So tempted to write a troll thread on how this incident shows Rust has bad error handling and wouldn’t have happened in Go, where we actually handle errors 🫣🫢😜 https://blog.cloudflare.com/18-november-2025-outage/#memory-preallocation
(DIR) Post #B0aERDDtXB7PMu0sqG by filippo@abyssdomain.expert
2025-11-24T21:27:14Z
0 likes, 0 repeats
This Bernstein crap drives me up the wall because IT MAKES NO SENSE. Why would the NSA be picking weak crypto to protect US NatSec?! They have mathematicians and clusters in China, too! Dual_EC_DRBG was a NOBUS backdoor. There is NOWHERE to hide a NOBUS backdoor in ML-KEM. Look at the code, there is nothing even remotely public key shaped.
(DIR) Post #B0ahtjHIqTRpZ2YdMW by filippo@abyssdomain.expert
2025-11-24T22:17:27Z
0 likes, 0 repeats
@kasperd I am also more comfortable with hybrids for now, but Bernstein is openly arguing that the NSA is pushing pure PQ as a way to undermine encryption.
(DIR) Post #B0ahtlyyn3Zbx50Xia by filippo@abyssdomain.expert
2025-11-24T22:44:55Z
0 likes, 0 repeats
@oec @kasperd The IETF is literally publishing multiple hybrid KEM documents, and is publishing hybrids for TLS with RECOMMENDED=Y while pure ML-KEM is being published RECOMMENDED=N. What are you even talking about.
(DIR) Post #B1Zj48B9L5VokkVu88 by filippo@abyssdomain.expert
2025-12-24T12:01:52Z
1 likes, 0 repeats
Really big age release coming tomorrow! 🎅🏻
- native post-quantum keys
- built-in recipients for hw plugins
- age-inspect tool
- plugin framework
- batchpass plugin
- many improved error messages
https://age-encryption.org
(DIR) Post #B1aU1U38GPPvYp0Fs0 by filippo@abyssdomain.expert
2025-12-24T15:32:38Z
1 likes, 0 repeats
I just booked a last-minute trip to Hamburg for #39C3 ✨ Looking forward to seeing folks there. If we are mutuals and you're going too, text me! [Edit: found a ticket!]
(DIR) Post #B1gekoTjJwgQRQSOa8 by filippo@abyssdomain.expert
2025-12-27T16:31:33Z
1 likes, 0 repeats
At the https://gpg.fail talk and omg #39c3 You can just put a \0 in the Hash: header and then newlines and inject text in a cleartext message. Won’t even blame PGP here. C is unsafe at any speed. gpg has not fixed it yet.
(DIR) Post #B1si0B3gHb8iZgoGTA by filippo@abyssdomain.expert
2026-01-02T17:16:41Z
0 likes, 0 repeats
I just completely vibecoded with exe.dev and Opus 4.5 a backoffice for our FIPS 140 validation, with a separate view for the lab (where they can also upload test vectors), public links for clients, guided scripts for testing, and APIs to upload test results to S3. I have not looked at the code once. It works great. I am... processing this.
(DIR) Post #B1si0CBA7Gia3BJklk by filippo@abyssdomain.expert
2026-01-02T17:16:41Z
0 likes, 0 repeats
I care deeply about the open source ecosystem, so I feel the argument that disposable personalized software is by definition not shared or reused. However, let's be honest here: I would not have built this without LLMs, and no one was going to open source a FIPS 140 backoffice manager. This only displaced a spreadsheet, a local script, a Google Drive folder, a bunch of emails, and error-prone manual processes.
(DIR) Post #B1zDCGMgdrVk2Eha0e by filippo@abyssdomain.expert
2026-01-05T20:26:14Z
1 likes, 1 repeats
PSA: go.sum is not a lockfile. You never need to look at go.sum. go.mod has everything you need. https://words.filippo.io/gosum/?source=Mastodon
(DIR) Post #B2Eaik5XYaoyrCqwyG by filippo@abyssdomain.expert
2025-10-27T13:07:40Z
0 likes, 0 repeats
Extremely happy to see https://sourcespotter.com, a Go Checksum Database monitor and Go toolchain reproducer by @agwa. These use the transparency logs we built into the Go supply chain to keep the Google-operated services honest. You can check your local view of the sumdb matches Source Spotter's with this command:
curl --data-binary "@$(go env GOPATH)/pkg/sumdb/sum.golang.org/latest" https://gossip.api.sourcespotter.com/sum.golang.org
(DIR) Post #B2EaikeHTQbuax6h7Y by filippo@abyssdomain.expert
2025-10-27T13:07:41Z
0 likes, 0 repeats
Also, Go can be bootstrapped on multiple operating systems and architectures, from multiple C compilers, all the way to perfectly reproducible toolchain tarballs, and Source Spotter is automatically checking!
(DIR) Post #B2gMpTsxg5VekkGLZI by filippo@abyssdomain.expert
2026-01-26T14:04:52Z
0 likes, 1 repeats
RE: https://wetdry.world/@16af93/115961732893013803 Because not using AI tools for what they excel at will produce less secure code. For example, they are great at debugging (https://words.filippo.io/claude-debugging/), they can find real issues in code review, they know more math than me or most of my colleagues, and they can write static analyzers I would have never had the time to write myself.
(DIR) Post #B3Ns4ZUQZjGYr1juq0 by filippo@abyssdomain.expert
2026-02-16T16:04:40Z
1 likes, 0 repeats
(DIR) Post #B3XiT6mvMthz7H3Hiy by filippo@abyssdomain.expert
2026-02-20T19:56:26Z
0 likes, 0 repeats
Dependabot security alerts have terrible signal-to-noise ratio, especially for Go vulnerabilities. That hurts security! Just turn it off and set up a pair of scheduled GitHub Actions, one running govulncheck, and the other running CI against the latest version of your dependencies. Less work, less risk, better results! https://words.filippo.io/dependabot/?source=Mastodon