Filippo Valsorda 

@filippo@abyssdomain.expert
12.6K Followers
435 Following
615 Posts

@FiloSottile elsewhere / Cryptogopher / Go crypto maintainer / Professional Open Source maintainer / RC F'13, F2'17


https://mkcert.dev / https://age-encryption.org / https://filippo.io/newsletter

🕳️ “Gaze not into the abyss, lest you become recognized as an abyss domain expert, and they expect you keep gazing into the damn thing.” —@nickm

Location: Rome 🇮🇹
Pronouns: he/him
Website: https://filippo.io
Twitter: https://twitter.com/FiloSottile

In which I survey CSRF countermeasures and existing Go libraries and propose we add CrossOriginForgeryHandler to net/http to solve this once and for all.

Turns out there is no need for tokens or keys in 2025! Browsers just send a This-Is-CSRF header now. (Sort of.)

https://github.com/golang/go/issues/73626

proposal: net/http: add CrossOriginForgeryHandler · Issue #73626 · golang/go

Background Cross Site Request Forgery (CSRF) is a confused deputy attack where the attacker causes the browser to send a request to a target using the ambient authority of the user’s cookies. For e...


So glad to get all this stuff out of my head and onto an issue. It's been rattling in there for a month.

Time to go stare at a tree 🌳
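The "This-Is-CSRF header" in the thread above is the browser's Fetch Metadata, specifically Sec-Fetch-Site. The following Go program is an added example written for this page to show the shape of a header-based check; it is not the code from the linked net/http proposal, and the function names, the Origin-vs-Host fallback for browsers that predate Fetch Metadata, and the decision to let through requests carrying neither header are assumptions of this illustration.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
)

// crossOriginReason reports why a request should be rejected as a likely
// cross-origin forgery, or "" if it should be allowed. Illustrative logic
// written for this page; assumption: not the net/http proposal's API.
func crossOriginReason(r *http.Request) string {
	// Safe methods must not change state, so CSRF does not apply to them.
	switch r.Method {
	case http.MethodGet, http.MethodHead, http.MethodOptions:
		return ""
	}
	// Modern browsers attach Fetch Metadata on every request. Sec-Fetch-Site
	// says directly whether the request was initiated by another site.
	switch site := r.Header.Get("Sec-Fetch-Site"); site {
	case "same-origin", "none": // "none": typed URL or bookmark, user-initiated
		return ""
	case "same-site", "cross-site":
		return "Sec-Fetch-Site=" + site
	}
	// No Fetch Metadata: an older browser or a non-browser client. Fall back
	// to the Origin header, which browsers include on non-GET requests.
	origin := r.Header.Get("Origin")
	if origin == "" {
		// Assumption of this example: a request with neither header is not a
		// browser-initiated cross-site request, so it is allowed through.
		return ""
	}
	u, err := url.Parse(origin)
	if err != nil || u.Host == "" || u.Host != r.Host {
		// Also covers the opaque "null" origin (sandboxed frames, redirects).
		// The scheme is ignored here; a production check would compare it too.
		return "Origin=" + origin + " does not match Host=" + r.Host
	}
	return ""
}

// crossOriginProtect wraps next and answers 403 to requests that fail the check.
func crossOriginProtect(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if why := crossOriginReason(r); why != "" {
			http.Error(w, "cross-origin request rejected ("+why+")", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// statusFor drives the protected handler with a constructed request and
// returns the HTTP status, so the decision can be checked without a server.
func statusFor(method string, headers map[string]string) int {
	h := crossOriginProtect(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprintln(w, "state changed")
	}))
	req := httptest.NewRequest(method, "https://bank.example/transfer", nil)
	for k, v := range headers {
		req.Header.Set(k, v)
	}
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	// Constructed requests covering the cases the check distinguishes.
	cases := []struct {
		name    string
		method  string
		headers map[string]string
	}{
		{"modern browser, same-origin form", "POST", map[string]string{"Sec-Fetch-Site": "same-origin"}},
		{"modern browser, cross-site form", "POST", map[string]string{"Sec-Fetch-Site": "cross-site", "Origin": "https://other.example"}},
		{"old browser, cross-site form", "POST", map[string]string{"Origin": "https://other.example"}},
		{"old browser, same-origin form", "POST", map[string]string{"Origin": "https://bank.example"}},
		{"curl / API client, no headers", "POST", nil},
		{"cross-site GET (safe method)", "GET", map[string]string{"Sec-Fetch-Site": "cross-site"}},
	}
	for _, c := range cases {
		fmt.Printf("%-36s -> %d\n", c.name, statusFor(c.method, c.headers))
	}
}
```

The point the example makes is that no per-session token is stored or compared: the decision is made entirely from request headers the browser sets and page scripts cannot forge, and the Origin fallback only matters for clients that do not send Fetch Metadata.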

Today in “computers are very fast,” going through the hashes of all versions of all Go modules ever (36 868 514, from the Checksum Database) takes a few minutes on a laptop at home, or 45 seconds with a warm (<10GB) cache.

https://github.com/FiloSottile/torchwood/blob/main/cmd/sumdb-warmup/main.go

Running a full-network Bluesky relay costs less ($19) than my beefy but ~single user Mastodon hosted instance ($24).

People underestimate how much data optimized software can move through efficient protocols on modern non-cloud hardware.

https://whtwnd.com/bnewbold.net/3lo7a2a4qxg2l

A Full-Network Relay for $34 a Month | bryan newbold

This is an update to a Summer 2024 blog post. At the time, atproto relays required a cache of the full network on local disk to validate data structures. With the Sync v1.1 updates, relays don't need all that disk I/O. What impact does that have on hosting setup and operating costs? Turns out the d...

The relay is the supposedly centralized part of Bluesky because it's “too big” to run! $19/month!

The bsky.app AppView is bigger but every Mastodon instance is an AppView (and PDS), and if you were ok with Mastodon-style partial views of the network, AppViews would be cheap too.

My most cancellable open-source opinion is that the difference between the SSPL and the AGPL is mostly academic.

I get disliking the SSPL over a permissive license or even the GPL! I don’t get drawing the line at the AGPL.

send post, turn phone off

Here's something counterintuitive to non-practitioners: curve P-521 is often less secure in practice than curve P-256.

The latter is more popular, and so better tested. The risk of implementation bugs dwarfs the risk of partial cryptanalysis of ECC, so picking P-521 optimizes for the wrong thing.

Rebased an old community contribution from 2021 that adds Armv8.2 SHA-3 instruction support. (Debugged by another community member!)

-50% on crypto/sha3 and -13% on crypto/mlkem on Apple M2!

But apparently it's slower than pure Go on AWS Graviton 3!?

https://go.dev/cl/667675

Alright, I think I have a durable, atomic implementation of WriteFile.

https://github.com/FiloSottile/sunlight/pull/30/files#diff-3ebed9953cad6795070bcec5f4141e48a1e77f2d4b979411664d8a4e43c41331

Got lots of good testing recs. I think the strategy is going to be LazyFS or ALICE or Gosim or dm-log-writes in CI to test the application, and manual power cuts in production to test hw and fs.

I am writing an application that really cares about durability of created files (a Certificate Transparency log), and... oof.

I fsync the file. I fsync the directory. Ok.

But... how do I test it? Even targeting a specific filesystem, I have to make VMs and try to race killing them?
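The two posts above describe the sequence (fsync the file, then fsync the directory) and the question of how to get it both atomic and durable. The Go program below is an added example written for this page that carries the full write-temp, fsync, rename, fsync-directory sequence through; it is not the sunlight pull request's implementation, and the function name, the temp-file naming scheme and the assumption of a POSIX filesystem (Linux semantics for directory fsync) are this example's own.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
)

// writeFileDurable atomically replaces path with data and returns only once
// both the bytes and the directory entry are on stable storage. Illustration
// written for this page; assumption: not the sunlight project's code.
func writeFileDurable(path string, data []byte, perm os.FileMode) (err error) {
	dir := filepath.Dir(path)

	// 1. Write to a temporary file in the same directory, so the final rename
	//    stays on one filesystem and is therefore atomic.
	tmp, err := os.CreateTemp(dir, "."+filepath.Base(path)+".tmp-*")
	if err != nil {
		return err
	}
	tmpName := tmp.Name()
	defer func() {
		// On any failure, do not leave a half-written temp file behind.
		if err != nil {
			tmp.Close()
			os.Remove(tmpName)
		}
	}()

	if _, err = tmp.Write(data); err != nil {
		return err
	}
	if err = tmp.Chmod(perm); err != nil {
		return err
	}
	// 2. fsync the file: data and inode reach the disk before the rename can
	//    make the new name visible, so a crash never exposes a truncated file.
	if err = tmp.Sync(); err != nil {
		return err
	}
	if err = tmp.Close(); err != nil {
		return err
	}
	// 3. Atomically swap the new file into place. Readers see either the old
	//    content or the new content, never a mixture.
	if err = os.Rename(tmpName, path); err != nil {
		return err
	}
	// 4. fsync the directory: the rename is a directory metadata change, and
	//    without this step a power cut can roll back to the old name.
	d, err := os.Open(dir)
	if err != nil {
		return err
	}
	defer d.Close()
	return d.Sync()
}

func main() {
	// Constructed scratch directory; two successive writes to the same path.
	dir, err := os.MkdirTemp("", "durable-demo-")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)
	p := filepath.Join(dir, "checkpoint")
	for i, v := range []string{"tree size 100", "tree size 200"} {
		if err := writeFileDurable(p, []byte(v), 0o644); err != nil {
			panic(err)
		}
		got, _ := os.ReadFile(p)
		fmt.Printf("write %d: %q\n", i+1, got)
	}
}
```

Step 4 is the one most often left out: without the directory fsync, the file's bytes can be on disk while the rename that points the name at them is not, which is exactly the "durable but not atomic" failure the posts above worry about. The sequence itself is cheap to unit-test for correctness, but, as the thread notes, whether the filesystem and hardware honour each fsync is only observable under fault injection or a real power cut.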