Categories
Badness Furry Fandom Social Media

Furry Amino Sucks at Art Attribution

Over the weekend, I decided to make an account on Furry Amino. My reasoning at the time was, “A lot of furries lurk there, I should see what it’s about.” That was a bad move that I’d like to discourage others from making. What’s Furry Amino? Furry Amino is a furry-centric community on the Amino […]

Categories
Badness Politics Society Technology

Blue Alerts: Security Theater and Copaganda

Last week, Floridians were startled by an emergency alert sent to all of our cell phones. Typically when this sort of alert happens, it’s an Amber Alert, which means a child was abducted. In Florida, we sometimes also receive Silver Alerts, which indicates that an Alzheimer’s or dementia patient has gone missing. (Florida has a […]

Categories
Furry Fandom Technology

A Furry’s Guide to Telegram

A question I often get–especially from cryptography experts: What is it with furries and Telegram? No, they’re almost certainly not talking about that. Most furries use Telegram to keep in touch with other members of our community. This leads many to wonder, “Why Telegram of all platforms?” The answer is simple: Stickers. Telegram was the […]

Categories
Badness Cryptography Meta Society

On the Word “Nonce” in Cryptography and the UK

Earlier today, I made a Twitter shitpost that confused a lot of folks from the UK. Now, anyone can be forgiven for not knowing what AES-GCM-SIV is, or for being confused by the grammar of the meme. But the source of confusion was the word “nonce”. Let’s talk about what the word “nonce” means in […]

Categories
Cryptography Software Security Technology

Dead Ends in Cryptanalysis #2: Timing Side-Channels

Previously on Dead Ends in Cryptanalysis, we talked about length-extension attacks and precisely why modern hash functions like SHA-3 and BLAKE2 aren’t susceptible. The art and science of side-channel cryptanalysis is one of the subjects I’m deeply fascinated by, and it’s something you’ll hear me yap about a lot on this blog in the future. […]

Categories
Furry Fandom Society

Why Furries Make Excellent Hackers

Briefly explaining the Infursec prevalence within InfoSec

Categories
Badness Social Media Technology

A Balanced Response to Allen Gwinn

Responding to “Our cybersecurity ‘industry best practices’ keep allowing breaches”

Categories
Badness Society

Avoiding the Frigid Hellscape of Online Marketing

An Internet Marketer Offered Me $100 to Betray Myself and My Community

Categories
Furry Fandom

World Dhole Day 2021

Join us on May 28 for World Dhole Day in support of the Dhole Conservation Fund.

Categories
Society

Why I Chose to Be Vaccinated Against COVID-19

#WhyIGotVaxxed

Categories
Society

Against Hierarchies

One of the funniest concepts for a YouTube channel has to be TierZoo, which treats the animal kingdom as an MMORPG and animal species as different classes within this hypothetical game, and then proceeds to analyze it the same way gamers analyze the “meta” for a given season of a game. Tier lists are just […]

Categories
Cryptocurrency Furry Fandom Politics Society

A Furry’s Guide to Cryptocurrency

Normally when you see an article that talks about cryptocurrency come across your timeline, you can safely sort it squarely into two camps: For and Against. If you’re like me, you might even make a game out of trying to classify it into one bucket or the other from the first paragraph–sort of like how […]

Categories
Furry Fandom Society

The Furry / Sexuality Blog Post

Sexuality and the Furry Fandom.

Categories
Furry Fandom Meta

No, It’s Not Just You That’s Having a Hard Time Lately

I’m not going to mince words on this one. No, it’s not just you. No, it’s not your fault. No, nobody knows what to do about it. Recently, a lot of furry artists and content creators have expressed a sentiment of frustration and listlessness with their own work. (Both privately and publicly.) This is usually […]

Categories
Cryptography

Understanding Extended-Nonce Constructions

How and why XSalsa20/XChaCha were designed, and why they’re secure.

Categories
Badness Society

No Gates, No Keepers

The technology industry is hurt at every level by toxic gatekeeping.

Categories
Cryptography Software Security

Cryptography Interface Design is a Security Concern

Cryptographers and cryptography engineers love to talk about the latest attacks and how to mitigate them. LadderLeak breaks ECDSA with less than 1 bit of nonce leakage? Raccoon attack brings the Hidden Number attack to finite field Diffie-Hellman in TLS? And while this sort of research is important and fun, most software developers have much […]

Categories
Badness Cryptography Software Security Technology Vulnerability

On The Toxicity of Zed A. Shaw

Boycott Zed Shaw’s writing. (With bonus zero-days in his work.)

Categories
Cryptography

Crackpot Cryptography and Security Theater

Tales from the Crypt[ography].

Categories
Social Media Technology

Twitter’s Birdwatch is Fundamentally Flawed

The fatal flaw of Birdwatch’s current design and how it can be fixed.

Categories
Society

No, You’re Not a “Sigma Male”

“Sigma Male” is just the latest trend in pick-up artist/involuntary celibate/anti-feminist grifting.

Categories
Cryptography Software Security

Please Stop Encrypting with RSA Directly

RSA is for encrypting symmetric keys, not entire messages. Pass it on.

Categories
Furry Fandom

Welcome to the Furry Fandom

Welcome to the furry fandom, please enjoy your stay! ^w^

Categories
Cryptography

Block Cipher Structures: Ranked

An opinionated curation of different classes of block ciphers, ranked by an opinionated furry.

Categories
Badness Online Privacy Technology Vulnerability

Masks Off for TheDonald.win

The server for thedonald.win is hosted at 167.114.145.140. Read on to learn how I discovered this.

Categories
Meta

The Story So Fur

A recap of Dhole Moments in the year 2020.

Categories
Cryptography

Cryptographic Wear-Out for Symmetric Encryption

As we look upon the sunset of a remarkably tiresome year, I thought it would be appropriate to talk about cryptographic wear-out. What is cryptographic wear-out? It’s the threshold when you’ve used the same key to encrypt so much data that you should probably switch to a new key before you encrypt any more. Otherwise, […]

Categories
Cybercrime Social Media

Putting Scammers on Scan on Twitter

Earlier tonight, someone decided to change their Twitter handle and display name to impersonate a furry and solicit money to the scammer’s PayPal account. This is the same kind of lazy technique that script kiddies use to phish people for passwords, but more targeted. The goal is to dupe someone into sending the scammer money […]

Categories
Featured Furries

Opinionated Guides by Vega Deftwing

Vega of Opinionated Guides (OpGuides for short) recently asked to interview me for their website hosted on Github Pages. You can read the interview here if that strikes your fancy. Opinionated Guides is a quite excellent learning resource for various topics ranging from engineering to art, music, and philosophy. One thing I really like about […]

Categories
Cryptography Software Security

The Subtle Hazards of Real-World Cryptography

Imagine you’re a software developer, and you need to authenticate users based on a username and password. If you’re well-read on the industry standard best practices, you’ll probably elect to use something like bcrypt, scrypt, Argon2id, or PBKDF2. (If you thought to use something else, you’re almost certainly doing it wrong.) Let’s say, due to […]

Categories
Cryptography Online Privacy

Going Bark: A Furry’s Guide to End-to-End Encryption

Governments are back on their anti-encryption bullshit again. Between the U.S. Senate’s “EARN IT” Act, the E.U.’s slew of anti-encryption proposals, and Australia’s new anti-encryption law, it’s become clear that the authoritarians in office view online privacy as a threat to their existence. Normally, when the governments increase their anti-privacy sabre-rattling, technologists start talking more […]

Categories
Social Media

Deplatforming Hate and Harassment

How to more effectively report abuse to social media companies like Twitter.

Categories
Furry Fandom Meta Politics Society

You’re Not Alone; It Gets Better

We’ve more-or-less all been coping with the pandemic since early March. During this time, I’ve seen a lot of people stressed and depressed to their breaking points, usually while also blaming themselves for not being able to bottle their feelings up and believing no one else is at their limit. And that’s simply not true. […]

Categories
Cryptography Online Privacy Technology

A Brief Introduction to Deniability

Earlier this week, security researcher Ryan Castellucci published a blog post with a somewhat provocative title: DKIM: Show Your Privates. After reading the ensuing discussions on Hacker News and Reddit about their DKIM post, it seems clear that the importance of deniability in online communications seems to have been broadly overlooked. Security Goals, Summarized When […]

Categories
Cryptography

Bizarre Design Choices in Zoom’s End-to-End Encryption

Zoom recently announced that they were going to make end-to-end encryption available to all of their users–not just customers. This is a good move, especially for people living in countries with inept leadership that failed to address the COVID-19 pandemic and therefore need to conduct their work and schooling remotely through software like Zoom. I […]

Categories
Cryptography Furry Fandom Meta

Solving For “Why?”

Why blog about cryptography as a furry?

Categories
Furry Fandom Society

Nearly Everyone Underestimates the Importance of Good Friendships

If living through the COVID-19 pandemic has taught us anything–and it surely hasn’t–it would be the importance of friendship and community to our physical and emotional well-being. For more on the subject of People Who Ought to Know Better Not Learning the Obvious Lessons from Misfortune, one needs look no further than social media. Popularity […]

Categories
Furry Fandom

Commission Prices for Furries and Artists

A frequent source of confusion in the furry fandom is about commission pricing for furry art. This confusion is often driven by (usually younger) furries demanding free or severely cheap art from artists, and the aftermath of such exchanges. There’s a reason @SpicyFurryTakes posts so frequently. In the interest of not adding to the confusion, […]

Categories
Furry Fandom Politics

Politics? In My Fandom?

I dislike politics in general. That doesn’t mean I don’t write about it when it’s relevant, but I’m always less happy with any of my writing that touches on these subjects. I usually feel obligated to condemn these pieces to Draft status in perpetuity. It’d be great if we lived in a world where I […]

Categories
Technology

Vanity, Vendors, and Vulnerabilities

Tonight on InfoSec Twitter, this gem was making the rounds: Hello cybersecurity and election security people,I sometimes embed your tweets in the Cybersecurity 202 newsletter. Some of you have a habit of swearing right in the middle of an otherwise deeply insightful tweet that I’d like to use. Please consider not doing this. Best,Joe Identity […]

Categories
Cryptography Software Security

Dead Ends in Cryptanalysis #1: Length Extension Attacks

This is the first entry in a (potentially infinite) series of dead end roads in the field of cryptanalysis. Cryptography engineering is one of many specialties within the wider field of security engineering. Security engineering is a discipline that chiefly concerns itself with studying how systems fail in order to build better systems–ones that are […]

Categories
Furry Fandom Humor

Two Weebs and a Furry Walk into a Bar

Serious question: Why doesn’t the Furry Fandom have more comedians? I don’t mean racist loudmouth assholes who wouldn’t know a good joke if it cup-checked them every day after their second cup of coffee for a week straight (i.e. the racist birdbrain). I also don’t mean external comedians making lazy jokes at the expense of […]

Categories
Badness Furry Fandom

Extinguishing a Flaming Pile of Bad Takes on My Doorstep

There’s an old adage on the Internet: “Don’t feed the trolls.” The reasoning for such an argument is kind of a proof by induction if you squint hard enough at its structure: If you don’t feed the trolls, they’ll have to look elsewhere to get the engagement they crave. If you iterate the advice and […]

Categories
Badness Software Security Vulnerability

EduTech Spyware is Still Spyware: Proctorio Edition

Spyware written for educational institutions to flex their muscles of control over students and their families when learning from their home computer is still, categorically, spyware. Depending on your persuasion, the previous sentence sounds like either needless pedantry, or it reads like tautology. But we need to be clear on our terms. Educational spyware is […]

Categories
Cryptography

Designing New Cryptography for Non-Standard Threat Models

Since the IETF’s CFRG decided to recommend OPAQUE as a next-generation Password Authenticated Key Exchange, there has been a lot of buzz in the cryptography community about committing authenticated encryption (known to the more academically inclined as Random Key Robustness), because OPAQUE requires an RKR-secure AE scheme. Random Key Robustness is a property that some […]

Categories
Cryptography Software Security

Soatok’s Guide to Side-Channel Attacks

If you’re ever tasked with implementing a cryptography feature–whether a high-level protocol or a low-level primitive–you will have to take special care to ensure you’re not leaking secret information through side-channels. The descriptions of algorithms you learn in a classroom or textbook are not sufficient for real-world use. (Yes, that means your toy RSA implementation […]

Categories
Furry Fandom

Amazing Furry Animators on YouTube

Being a furry is like: Every once in a while, you’ll stumble across an enormous contingent of the furry fandom that you were entirely unaware of for years. Sure, you’d expect artists to be furry, but when you’ve run down the checklist of possible hobbies or professions to the point that furry doctors, furry lawyers, […]

Categories
Politics Society

A Few Missing Lessons from American Education

As American students are preparing to return to the classroom during a pandemic–in flagrant disregard of everything ranging from our scientific understanding to matters of good taste–we keep hearing from politicians how essential education is. Of course, if they actually believed the words coming out of their mouth, you’d expect them to be a little […]

Categories
Furry Fandom

All About Dholes and Dhole Fursonas

Some of you may be surprised to learn that my fursona is not a fox, nor a wolf; nor is it a fictitious fox-wolf hybrid popular within the furry fandom (which is usually called a “folf”). No, my fursona is a dhole, which is a real species of endangered wild dogs from Southeast Asia. The […]

Categories
Cryptography

A Brief Opinionated Overview of NIST’s Post-Quantum Cryptography Round 3 Candidates

Earlier this week, NIST announced Round 3 of the Post-Quantum Cryptography project and published their rationale for selecting from the Round 2 candidates. NIST did something clever this time, and Round 3 was separated into two groups: Finalists and Alternative Candidates. Finalists are algorithms that NIST (and the majority of the cryptographers involved in NIST’s […]