Rob R 🏴󠁧󠁢󠁳󠁣󠁴󠁿

@Haggisnwhisky@infosec.exchange

OT / ICS guy in the UK. Recovering project manager. Breaking computers in new ways since the age of 7. Often grumpy about the state of the world.

🏴󠁧󠁢󠁳󠁣󠁴󠁿 Hails from the land of haggis & whisky.

He/him

As a Jew who knows her history very thoroughly, I recognise this ‘proposal’ very well. There is no daylight between this and the Warsaw Ghetto.

https://apnews.com/article/israel-palestinians-hamas-war-gaza-displacement-aid-788199fb4b6fec90aa5f8db68111630d

Israel outlines plans to pack Gaza's population into a closed border zone

Israeli media reports that the country’s defense minister has outlined plans to pack hundreds of thousands of Palestinians into a closed zone of the Gaza Strip along the border with Egypt. It appears to be the latest version of plans by the Israeli government to maintain lasting control over the territory and relocate much of its population of some 2 million. Critics say that would amount to forcible displacement in violation of international law because Israel’s offensive and blockade have made Gaza largely uninhabitable. Israeli officials say the aim is to separate the civilian population from Hamas, which still controls parts of Gaza and holds dozens of hostages abducted in the Oct. 7 attack that triggered the war 21 months ago.

AP News

I've got my CFP submission into @pancakescon PancakesCon 6 for the first time ever. Waiting eagerly until the results next month 😃

Yes, It Is Just Like The Nazis
Hey so remember Anne Frank? The Jewish young girl who hid in an attic and was killed by the Nazis? The emblematic person we think of when we think of victims of the Holocaust?

She did not die in a gas chamber or in a death camp. She died in a 'temporary' detention center for the mass deportations which preceded the death camps.
She was in that camp because a patriotic neighbor ratted her out to the German deportation force. She died, not of a bullet to the back of the head or choking on gas, but of typhus. She contracted typhus because the Nazis couldn't realistically deport people at the rate they wanted to, because before the death camps their infrastructure couldn't handle the sudden influx of ethnic minorities they had decided to imprison, and because they didn't care about the consequences of that so their deportation detention centers were unhygienic and prisoners were underfed and overcrowded.

And she was picked up by the deportation force not because she was an illegal citizen but because, just like the US is doing with asylum seekers, she was part of a formerly recognized class of citizens who were legally redefined to lack citizenship by a new administration.

Anne Frank is exactly like the children who have already died in the United States' detention camps. Exactly. Down to the very last detail. There. Is. Not. A. Single. Difference.

So unless you want to fucking tell me that Anne goddamn Frank was not a victim of the Holocaust, y'all can shut the fuck up with that "stop making concentration camp comparisons, you're diminishing the suffering of the Holocaust" bullshit.

It's also worth noting that her family TRIED to flee to the US and was denied. She was in that camp partly because the US refused to let her refugee family immigrate.

You would never expose a firewall management interface to the internet.

So don't expose an ICS/OT management interface to the Corporate network or internet.

🧵 Thread: Building information-theoretic security for personal cold storage

After almost losing access to critical crypto wallets during a team transition, I've been thinking about the cold storage problem differently.

Most people store seeds/keys in single locations: hardware wallets, encrypted files, safety deposit boxes. But what happens when that ONE thing fails, gets stolen, or you forget where you put it?

1/8

🔐 The solution we ended up building uses Shamir's Secret Sharing - the same math that Trezor uses internally, but applied to any secret you need to store long-term.

Split your seed phrase into 5 pieces, need any 3 to recover. The beautiful part: 2 pieces reveal ZERO information. Information-theoretic security, not just "computationally hard."

2/8

💡 Real-world threat models this addresses:
🔥 House fire (shares elsewhere survive)
🚪 Inheritance planning (family can pool shares)
🏠 Forgotten hiding spots (only need threshold)
⚔️ Physical coercion (attacker needs multiple locations)
💾 Hardware failure (recover to any new device)

3/8

🛡️ The crypto nerd in me loves that this is provably secure:

- AES-256-GCM for file encryption
- Shamir's algorithm over GF(256)
- Each share is self-contained with recovery tools
- Air-gapped operation (Docker --network=none)
- No proprietary crypto, everything auditable

4/8

🎯 Use cases beyond crypto:

- Password manager master vault exports
- GPG/SSH keys you can't afford to lose
- Encrypted family photos/documents
- Any "nuclear option" secret that needs decades of survival

The key insight: some secrets are too important for single points of failure.

5/8

🔓 Why we open-sourced it:
When your financial security depends on a tool, you can't trust it to any company's business model. Cryptographic tools for long-term storage need to be:

- Transparent (audit the math)
- Immortal (survive any vendor)
- Community-maintained

6/8

💻 Implementation details for the security-minded:

- Runs completely offline
- Cross-platform (Linux/macOS/Windows)
- Each share includes full recovery application
- FIPS 140-2 compatible algorithms
- Reproducible builds

GitHub: https://github.com/katvio/fractum

7/8

Question for #infosec community:

I'm wondering: how do you handle long-term storage of critical secrets? Especially curious about approaches that survive both digital and physical threats over decades.
What threat models am I missing for personal cold storage scenarios?

#cryptography #backup #security #shamir

8/8

GitHub - katvio/fractum: Fractum is a portable secure file encryption tool allowing you to encrypt files and split them into multiple shares, with the ability to decrypt using only a subset of these shares.

GitHub
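
The 3-of-5 scheme the thread describes, as an added example that is not Fractum's code and not part of the original posts: Shamir's Secret Sharing byte-by-byte over GF(256), plus a check of the "2 pieces reveal ZERO information" claim. The function names and the reduction polynomial (0x11b, the AES one) are assumptions, and the AES-256-GCM layer and any share integrity check are left out.

```python
import secrets

def gf_mul(a, b):
    """Multiply in GF(2^8) mod x^8+x^4+x^3+x+1 (0x11b; assumed, not from the thread)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = (a << 1) ^ (0x11b if a & 0x80 else 0)
        b >>= 1
    return r

def gf_inv(a):  # inverse of nonzero a, computed as a^254
    r = 1
    for _ in range(254):
        r = gf_mul(r, a)
    return r

def interpolate(points, x):
    """Evaluate at x the unique polynomial through points [(xi, yi), ...]."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = gf_mul(num, x ^ xj)   # subtraction is XOR in GF(2^8)
                den = gf_mul(den, xi ^ xj)
        total ^= gf_mul(yi, gf_mul(num, gf_inv(den)))
    return total

def split(secret, n=5, k=3):
    """Return {x: share_bytes}; every secret byte gets a fresh random polynomial."""
    shares = {x: bytearray() for x in range(1, n + 1)}
    for byte in secret:
        coeffs = [byte] + [secrets.randbelow(256) for _ in range(k - 1)]
        for x, out in shares.items():
            y = 0
            for c in reversed(coeffs):      # Horner evaluation of the polynomial at x
                y = gf_mul(y, x) ^ c
            out.append(y)
    return {x: bytes(v) for x, v in shares.items()}

def recover(shares):
    """Rebuild the secret from k shares by interpolating each byte at x = 0."""
    return bytes(interpolate(list(zip(shares, col)), 0) for col in zip(*shares.values()))

def implied_third_shares(two_shares, probe_x=3):
    """Third-share byte at probe_x implied by each of the 256 candidate first secret bytes."""
    pts = [(x, s[0]) for x, s in two_shares.items()]
    return {interpolate([(0, cand)] + pts, probe_x) for cand in range(256)}
```

`implied_third_shares` returning 256 distinct values means every candidate secret byte is consistent with the two known shares, each paired with a different missing share, so two shares narrow nothing down.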

Google’s M-Trends 2025 report is out - data from Mandiant’s incident response engagements. Direct PDF link to avoid the sales pitch wall:

https://services.google.com/fh/files/misc/m-trends-2025-en.pdf

Thread about my main observations:

- Firstly, no mention of generative AI or GenAI again. This is in common with Sophos incident response, ESET, etc etc etc. You’ll see why as we get into the data.

Scaremongering bullshit #infosec headline alert!
https://www.infosecurity-magazine.com/news/half-organizations-serious-ot/

Claim: "50% of global orgs were hit by an OT security incident in the last year"

What the report actually says: 26.7% of respondents had one (figure 7, p.10).

There were 180 respondents from around the world. Hardly a representative sample.

Surely both OPSWAT and SANS can do better

Over Half of Organizations Report Serious OT Security Incidents

New SANS Institute research finds that 50% of global organizations were hit by an OT security incident in the past year

Infosecurity Magazine

When bacteria were found on an asteroid Ryugu grain in a laboratory in London, the media questioned whether a sample returned from space could ever stay free of contamination from Earth.

However, no contamination has been found in the JAXA curation facilities.

But let's take a look at what that takes... (brace yourselves)

My latest on Cosmos 👉
https://cosmos.isas.jaxa.jp/keeping-out-the-earth-protecting-the-asteroid-ryugu-sample-from-contamination/

Keeping out the Earth: Protecting the asteroid Ryugu sample from contamination

Cosmos

UK Government has a consultation on the thorny issues of banning ransomware payments and/or introducing a mandatory reporting regime.

Give your thoughts at https://www.ncsc.gov.uk/news/your-say-proposals-to-counter-ransomware

#ransomware #consultation #uk #infosec #cybersecurity

New proposals to counter ransomware: Have your say

Help shape the proposals aimed at striking a significant blow to the ransomware criminal business model in the UK.

@deviantollam That said, every jurisdiction should routinely perform post-election risk-limiting audits after every election, because computerized tabulators are inherently subject to software errors and malicious attacks. But it's wildly irresponsible to fabricate or amplify specific claims of fraud without actual evidence.