Natanael ⚠️

@Natanael_L

Geek.

/u/Natanael_L on reddit, moderating /r/crypto (as in cryptography)
https://bsky.app/profile/natanael.bsky.social

Location: Somewhere in Sweden
Interests: Random tech stuff
Matrix.org account, for E2EE messages: @Natanael_L:matrix.org
Crypto means: Cryptography

RE: https://mastodon.social/@Tutanota/116130138605094270

Today the EU Parliament said NO. ❌

Voluntary scanning by Outlook, Gmail, LinkedIn, etc. might come to an end on April 6 in the EU. Keep pushing everyone! 👏🥳

@miss_rodent I am a graduate of the University of Debian-Legal myself (go fightin' sea-lions!), so I realize it is from my tenuous perch on the parapet of a glass house that I am hurling this particular stone, but what a lot of open source programmer / amateur legal analysts get wrong is that the MAIN risk of any copyright issue is the presence of a MOTIVATED COUNTERPARTY WITH A CAUSE OF ACTION, way more than any specific legal risk that you might be able to anticipate

"GrapheneOS doesn’t see Unified Attestation as a solution, but just adds another new gatekeeper, replacing Google controls with a vendor-managed list.

The main argument made is that companies that sell phones should not be deciding which operating systems are allowed to run apps."

https://piunikaweb.com/2026/03/10/grapheneos-calls-on-privacy-focused-app-developers-to-boycott-european-unified-attestation/

GrapheneOS boycotts EU Unified Attestation, asks developers to help

In an official statement on X, GrapheneOS has completely rejected the new Unified Attestation initiative from the EU.

PiunikaWeb
UPDATE: They pulled the story, but I had it up and had SingleFile in my browser, so: https://mttaggart.neocities.org/ars-whoopsie
After a routine code rejection, an AI agent published a hit piece on someone by name

One developer is struggling with the social implications of a drive-by AI character attack.

Ars Technica

What's going on here? The matplotlib maintainer this story is about correctly notes that all the quotes from his post in the article are made up.

UPDATE: Link was pulled; see below.

https://arstechnica.com/ai/2026/02/after-a-routine-code-rejection-an-ai-agent-published-a-hit-piece-on-someone-by-name

The fact that CBP shot down party balloons is getting attention because it’s kind of funny and embarrassing, but it shouldn’t overshadow the bigger question of whether these weapons are being safely tested and deployed in areas with commercial traffic.

There have so far been at least three different explanations given:

- army told FAA it was testing new anti-drone tech, FAA thought possibly unsafe for civil traffic, issued TFR, army then responded with safety assurance

- actual drone incursions detected, military responded, then gave all clear

- FAA initially misunderstood/was misinformed of location of military antidrone testing, thought it was at Biggs airfield (adjacent to El Paso) when it’s actually at other locations near border.

FAA just announced a 10 day emergency temporary restricted area for a 10 mile radius around El Paso. No flights are permitted from ground level to 18000 feet, grounding all flights to/from the El Paso airport (KELP).

Designed as “national defense airspace”, with “deadly force authorized if aircraft determined to pose a security threat”.

No reason given.

Update: the TFR appears to have been cancelled, effective immediately.

Susan Landau, @SteveBellovin , and I have a piece up on Lawfare on the UK’s latest ill-advised attempts to prohibit strong encryption. https://www.lawfaremedia.org/article/the-u.k.-s-plan-for-electronic-eavesdropping-poses-cybersecurity-risks
The U.K.’s Plan for Electronic Eavesdropping Poses Cybersecurity Risks

The U.K. government’s latest attempt to access encrypted cloud backups could allow adversarial actors to gain access to sensitive data.

🧵 Short Authentication Strings (SAS) in the Age of Generative AI

When ZRTP was released by Phil Zimmermann and team in the mid-2000s, one of its main innovations was to use SAS in order to verbally authenticate the other party on the call and rule out person-in-the-middle attacks. This worked by reading aloud a SAS value over the voice connection and ensuring that it matched the value on the other side.

When we shipped Signal 1.0 with ZRTP, those were the words on the display during calls.

👇