HackerTrans
TopNewTrendsCommentsPastAskShowJobs

tomgag

no profile record

Submissions

Rise and Fall of Hosting Provider Gandi.net

gagliardoni.net
4 points·by tomgag·letzten Monat·2 comments

Vampires, prisoners, and late-stage capitalism

gagliardoni.net
4 points·by tomgag·vor 2 Monaten·0 comments

Quantum computers will break RSA-2048 by February 2032

gagliardoni.net
3 points·by tomgag·vor 2 Monaten·1 comments

Chinese Propaganda in Open Source AI: Moxie Marlinspike's Confer

gagliardoni.net
11 points·by tomgag·vor 5 Monaten·2 comments

Chinese Propaganda in Infomaniak's Euria, and a Reflection on Open Source AI

gagliardoni.net
2 points·by tomgag·vor 5 Monaten·1 comments

"Unfortunately We Are Unable to Provide Feedback"

gagliardoni.net
3 points·by tomgag·vor 7 Monaten·0 comments

International Crypto Association elections botched by loss of key

iacr.org
8 points·by tomgag·vor 8 Monaten·3 comments

comments

tomgag
·vor 21 Tagen·discuss
Every time I see a post praising ATProto on HN I cannot shake the feeling that this might be the product of a concerted (and VC-backed) marketing effort.

ATProto is "decentr-washing" as far as I'm concerned. Even if you self-host as much as possible, if Bluesky's relay declines to crawl your PDS, or its AppView declines to index/serve your records, then to essentially the entire audience you simply don't exist. did:plc controlled by a Swiss Verein, as if this could be a reason to drop all self-sovereignty worries! Credible exit was actually always working well on ActivityPub already, and if you self-host your instance you probably won't even need it anyway. Regardless, there is FEP-ef61 now, so I genuinely don't understand why to prefer ATProto over ActivityPub, even in the foreseeable future.

Let's not even talk about Nostr, that natively solves all the issues that ATProto seems to care about. Nostr is IMHO a much superior technology, unfortunately plagued by ecosystem/people and Bitcoin-dictated technical choices (BIP-340 keypairs, brrr).
tomgag
·letzten Monat·discuss
Yes, totally agreed, but the problem is that most people tend to simplify this as "let's just bother with PQ encryption, forget about signatures". I know experts can handle the nuance, but execs and most industry folks can't. Or, at least, this is the trend that I have personally observed countless times, maybe I was just unlucky with my data points, but I have seen this in "technical" settings as well (case in point: GnuPG prioritized inclusion of PQ hybrid encryption, to the point of rushing the standard against OpenPGP, the well-known "GnuPG schism", but I'm not aware of concrete plans for PQ signature adoptions there).
tomgag
·letzten Monat·discuss
Refreshing! Not wanting to be the "told you so" guy, I've been saying this for at least 2 years now:

> Post-quantum authentication is no longer a problem the Web PKI ecosystem should defer. Long-lived keys (root certificate authorities, code-signing keys, identity systems) are particularly valuable targets, and new technology takes years to gain broad adoption, so the work has to start early.

This is a problem that I have met so many times talking with people: they parrot the "Harvest-Now-Decrypt-Later is the only urgent problem, signatures can wait" mantra, and this piece of misinformation has spread so much that even AI repeats it (because it has been trained on open data, where the overwhelming sentiment has been following this trend), thereby reinforcing the problem. Ask Claude/ChatGPT/Gemini about the problem, and they will invariably tell you that signatures are less urgent because theyr are not subjective to retroactive compromise.

There are two problems here.

The first one is included by the Letsencrypt announcement: the migration path for signatures/certificates is typically longer and more complex than encryption: long-lived certificates, firmware update keys, secure boot certificates, these are all objects that are painful to migrate.

The second one, even more serious in my opinion, is: "retroactive" in respect to what? "Retroactive" presupposes you can observe the trigger (the arrival of a cryptanalytically-relevant quantum computer), but this is precisely the kind of capability an adversary keeps secret, and a quantum forgery is operationally indistinguishable from, e.g., key exfiltration, a library bug, or a classical break. You may see a forged signature, a drained wallet, a failing certificate, and have no way to attribute it to quantum cryptanalysis. The threat is dark: reactive migration against an unobservable trigger is structurally impossible.

This is not to say that Harvest-Now-Decrypt-Later is a less urgent threat, but it's not so asymmetric as people have been believing so far. Glad to see things are changing!
tomgag
·letzten Monat·discuss
Hi, just a personal blog post. The sad story of Gandi.net is a textbook example of enshittification, which I think is interesting to talk about, because of the many expectations that were betrayed, and the deeper reflection linking to vampire capitalism. I also report the user-hostile process that I had to undergo in order to migrate away from them.
tomgag
·vor 3 Monaten·discuss
Sorry to hear about this turn of events, but it was pretty much to be expected given the way the world is turning, and Microsoft being Microsoft.

Switch to Linux if you can, and come give Shufflecake a try ;)

https://shufflecake.net/
tomgag
·vor 4 Monaten·discuss
Can confirm, I use mailbox.org with my own domain and can send from any *@mydomain
tomgag
·vor 5 Monaten·discuss
Author of the whine post here, feedback is very welcome. I am in no way expert on the topic of AI/LLM, and I'm happy to learn new things and correct myself. My point on the "China has won the AI race", while admittedly provocative, is not meant in the technological sense, but in a broader, social + usability sense: I know that there are good open source models by Western companies, I know Heretic and similar abliteration techniques, and yet all the trending models on HF are Qwen and friends, and sovereign and/or private attempts at personal inference like Euria, Confer, etc use these models under the hood. While you might or not be right that "there is no Chinese company that can release a model as good as the American ones" (and BTW, this statement sounds difficult to prove to me), how do you explain the observable, objective facts above? Thanks.
tomgag
·vor 5 Monaten·discuss
Hi, I wanted to share this because at first I found it super ridiculous that a "green, open and ethical Switzerland-hosted AI" spews so obvious CCP propaganda like that, but then I realized the issue runs deeper. I always see a lot of interesting conversations on HN about AI, so I guess a starting question I would like to ask you is: what is, today, the "best" general-purpose open-source model one can self-host on expensive but consumer-grade hardware? Thanks!
tomgag
·vor 6 Monaten·discuss
This ATproto astroturfing is becoming a bit ridiculous.
tomgag
·vor 6 Monaten·discuss
Forgive me this shameless ad :) with the latest performance updates, Shufflecake ( https://shufflecake.net/ ) is blazing fast (so much, in fact, that exceeds performances of LUKS/dm-crypt/VeraCrypt in many scenarios, including SSD use.
tomgag
·vor 6 Monaten·discuss
I see a lot of comments recommending TrueCrypt/VeraCrypt here, which is fine, but did you know there is something even more interesting? ;)

Shufflecake ( https://shufflecake.net/ ) is a "spiritual successor" to TrueCrypt/VeraCrypt but vastly improved: works at the block device level, supports any filesystem of choice, can manage many nested layers of secrecy concurrently in read/write, comes with a formal proof of security, and is blazing fast (so much, in fact, that exceeds performances of LUKS/dm-crypt/VeraCrypt in many scenarios, including SSD use).

Disclaimer: it is still a proof of concept, only runs on Linux, has no security audit yet. But there is a prototype for the "Holy Grail" of plausible deniability on the near future roadmap: a fully hidden Linux OS (boots a different Linux distro or Qubes container set depending on the password inserted at boot). Stay tuned!
tomgag
·vor 7 Monaten·discuss
For fuck's sake, isn't anyone here horrified at how much information on yourself you are willingly funneling into Big Tech with this approach?
tomgag
·vor 7 Monaten·discuss
Oh, I didn't mean to imply that the "cliff" is for certain. What I'm saying is that articles like Gutmann's fail to acknowledge this possibility.

Regarding the coaxial cables, you seem to be an expert, so tell me if I'm wrong, but it seems to me a limitation of current designs (and in particular of superconducting qubits), I don't think there is any fundamental reason why this could not be replaced by a different tech in the future. Plus, the scaling must not need to be infinite, right? Even with current "coaxial cable tech", it "only" needs to scale up to the point of reaching one logical qubit.
tomgag
·vor 7 Monaten·discuss
Given some of the comments in this thread, I would like to link this here:

https://gagliardoni.net/#20250714_ludd_grandpas

An abstract:

> "but then WHAT is a good measure for QC progress?" [...] you should disregard quantum factorization records.

> The thing is: For cryptanalytic quantum algorithms (Shor, Grover, etc) you need logical/noiseless qubits, because otherwise your computation is constrained [...] With these constraints, you can only factorize numbers like 15, even if your QC becomes 1000x "better" under every other objective metric. So, we are in a situation where even if QC gets steadily better over time, you won't see any of these improvements if you only look at the "factorization record" metric: nothing will happen, until you hit a cliff (e.g., logical qubits become available) and then suddenly scaling up factorization power becomes easier. It's a typical example of non-linear progress in technology (a bit like what happened with LLMs in the last few years) and the risk is that everyone will be caught by surprise. Unfortunately, this paradigm is very different from the traditional, "old-style" cryptanalysis handbook, where people used to size keys according to how fast CPU power had been progressing in the last X years. It's a rooted mindset which is very difficult to change, especially among older-generation cryptography/cybersecurity experts. A better measure of progress (valid for cryptanalysis, which is, anyway, a very minor aspect of why QC are interesting IMHO) would be: how far are we from fully error-corrected and interconnected qubits? [...] in the last 10 or more years, all objective indicators in progress that point to that cliff have been steadily improving
tomgag
·vor 8 Monaten·discuss
Watch out, possibly similar to this patent: https://patentimages.storage.googleapis.com/e4/9b/4e/883a9df...

(disclaimer: I am co-inventor at a previous employer, I don't get royalties for it, just reporting)
tomgag
·vor 8 Monaten·discuss
The results of the 2025 elections for the president and board members at the International Association for Cryptologic Research (IACR) have been botched because the results of the super-secure cryptographic e-voting system cannot be retrieved due to the "accidental loss" of a decryption key.

https://iacr.org/news/item/27138

While human mistakes happen, this incident comes under very troubling circumstances.

Why does an e-voting system of an association like IACR not support t-out-of-n threshold decryption?

Why is a system where a single party can collude to invalidate the vote considered acceptable?

Wouldn't be wiser to freeze to the date of November 20th the eligibility status for voting instead of "calling to arms" IACR members who had previously decided to opt out from Helios emails?

Does the identity of some of the candidates to Director represent a problem for IACR?
tomgag
·vor 10 Monaten·discuss
> I don't think the debate between them is super useful because their architectures are very different.

Sure, that's true, but I, personally, care mostly about one question: Who holds the keys to the kingdom? In this respect, I think the AT Protocol fails spectacularly, mainly due to the lack of a credible strategy to implement really self-custodian identities.

> You also mentioned an issue with the bluesky relay, but others already exist so it's not techincally tied to Bluesky. Heck, I think the fact multiple can exist at the same, while degrades the social aspect, still makes it decentralized.

Yes, but this is also true for Nostr, Diaspora, Mastodon, etc. The difference being, last time I checked (and of course things might have changed in the meantime) with AT Protocol it was only possible to self-host part of the infrastructure (and hosting the relay is insanely demanding).

> As for the identity management issue, they announced just last week that it's getting branched to an independent entity: https://docs.bsky.app/blog/plc-directory-org

This is another example of gaslighting from Bluesky that just makes me angry. How in the holiest of Hells does an "Identity directory controlled by a Swiss Association" make the whole thing better?

Sorry, not buying it. I don't have a horse in the race, but won't fall for the marketing.
tomgag
·vor 10 Monaten·discuss
Beautiful. Plays super smoothly on Firefox with NoScript, uBlock Origin and many other privacy extensions. But it lacks a player tutorial IMHO.
tomgag
·vor 10 Monaten·discuss
Personal opinion: Bluesky is "fedi-washing". Better Mastodon or Nostr.

https://gagliardoni.net/#20250818_battle_of_socials
tomgag
·vor 10 Monaten·discuss
Personal opinion: Bluesky is "fedi-washing". Better Mastodon or Nostr.

https://gagliardoni.net/#20250818_battle_of_socials