This Bernstein crap drives me up the wall because IT MAKES NO SENSE. Why would the NSA be picking weak crypto to protect US NatSec?! They have mathematicians and clusters in China, too! Dual_EC_DRBG was a NOBUS backdoor. There is NOWHERE to hide a NOBUS backdoor in ML-KEM.

Wonderful news! The kind of thing a lot of software folks across the world have been working to make possible. So stoked the Chrome folks are pushing us forward

It's time to make HTTPS the web's default, and reap the full security benefit from years worth of HTTPS adoption! security.googleblog.com/2025/10/http...

One year from now, Chrome will enable "Always Use Secure Connections" and warn users before plaintext HTTP by default.

Iowa-Rutgers hitting the over? Trump ruined the B1G West.

New post! Stop trying to solve revocation, we already have the answer. dadrian.io/blog/posts/r...

Kirk Herbstreit is going to be the first person to make a Golden Retriever unlikable.

The bigger issue? Microsoft’s root program still trusts this CA, leaving Edge and Windows users exposed in ways Chrome, Firefox, and Safari users aren’t. The pattern is familiar: long-lived trust, weak oversight, systemic risk. It’s time for Microsoft to step up and fund proper root governance. 👇

If you look closely, you can see UNC’s quarterback is not Tom Brady

This game has me feeling like I'm watching Iowa play Iowa.

Sent this to a girl in California and pretty sure she thinks it’s in another language

Come for the PGP dunks, stay for the broader discussion of why encrypted email doesn’t make sense

The first part of this interview with my ex-colleague Alex is a great listen if you're a software engineer (or otherwise technical) and are interested in what we were working on as technologists at the Federal Trade Commission.

NEW EPISODE! An OpenPGP.js bug gave us an excuse to tear encrypted email via PGP to shreds. William Woodruff joined us to explain the vuln & indulge our gnashing of teeth on why email was never meant to be encrypted: securitycryptographywhatever.com/2025/08/22/s... www.youtube.com/watch?v=IoL3...

NEW EPISODE! We chat with friend of the pod and special guest Alex Gaynor, former deputy chief technologist at the FTC and all around good Security Person™. Join for nerdery about WebAuthn, stay for accidentally melting down GitHub APIs around November 2020! youtu.be/gBoGvyvsSi4

And then there’s David.

figma balls

New episode! Come to SCWPodCon, sponsored by Teleport! www.youtube.com/watch?v=tbnh...

🫡 go blue www.michigandaily.com/opinion/edit... #a2council

pew pew pew www.youtube.com/watch?v=vtt8...

Just posted a deep dive on how Chrome integrates with Advanced Protection Mode on Android. security.googleblog.com/2025/07/adva...

Wrote some words about memory safety and JITs. Basically, there are things we want out of hardware, but it's not MTE and it still involves migrating to memory safe languages dadrian.io/blog/posts/m...

We’re not yet sure exactly what quantum computing can do yet, and that’s exactly why we need to think about post-quantum cryptography now, @durumcrustulum.com tells EFF’s Cindy Cohn and @thejasonkelley.com on the new episode of “How to Fix the Internet."

Guide for #a2council to just do things— Step 1: Ask @sstrudeau.bsky.social and @akgood.bsky.social what rules to get rid of. Step 2. Get rid of those rules.

If #a2council would have just done things, instead of wasting time with an expensive and useless comprehensive land use plan, then John U. Bacon wouldn’t be able to post boomer misinformation about it.

Still have one more slot for a sponsor for our annual Vegas event, poke @dadrian.io if you have money.

There is literally a machine that does your laundry.

More like Santa Ono! Disaster! What a bad idea!

Sophie Schmieg + ayahuasca = keymaterial.net/2025/05/23/t...

Behold my favorite weird Chrome security bug of 2025 so far! A jaw-dropping URL / omnibox spoof via ligatures, specifically the googlelogo ligature. issues.chromium.org/issues/39178...

the signatures must flow.

If you have a legitimate reason to get a publicly-trusted HTTPS certificate for a .arpa domain, speak now or forever hold your peace.

if you like Google Advanced Protection Program and run Android, get excited for Android 16: security.googleblog.com/2025/05/adva...

A Chicago Pope implies the existence of an MLA Pope and APA Pope

Ungovernable because none of your software works and you can't get anything done.

Why is the latest version of uBlock Origin Lite asking permission to access all websites now? I love uBO Lite precisely because it doesn't make me trust an extension developer with all my browser security... (Let's not re-debate MV3 unnecessarily please. Will block.)

Alright day one #CharitibundiBowl donation to @newap-georgia.bsky.social is $82 in honor of former Michigan WR #82 Amara Darboh, a refugee of the Sierra Leone Civil War. This country is better off with him in it. @edsbs.bsky.social @hollyanderson.bsky.social

Going to see A Minecraft Film to help me decide between my yearn for the mines and working in the iPhone assembly factories under the Trump tariffs.

Ah yes the jobs where they had to put up suicide nets at the factory because workers were so miserable, bringing this to America is a good thing

UConn leading by: 5 after 1 10 after 2 20 after 3 ... Bueckle Up for the 4th!

Only one response to these tariffs

It’s okay, we’re a football school

Ann Arbor was meant to grow. We just didn’t follow through. In the 1970s, city planners envisioned 150K residents in a compact, connected city. Instead, we built zoning walls around downtown and called it progress. Part 4 of my “Density is Fun” series. #a2council thewychefamily.com/density-is-f...

Eventually, Rust will achieve perfect safety and security, once all CPU cycles are spent on the compiler, and none are spent actually running the compiled binary.

i helped slightly! 😅 #realworldcrypto

Call the shot, make the shot from the Chrome Root Program. security.googleblog.com/2025/03/new-...

Step 1: Make stupid land use decisions. Step 2: Complain things suck. Step 3: Make more stupid land use decisions. Step 4: Things suck more. Step 5: Make more stupid land use decisions. Step 6: Suck increases. Step 7: Make more stupid land use decisions.

For a live summary in bite-size pieces, follow our unofficial scribe, Deirdre Connolly. #realworldcrypto