Quarrelsome

The Emacsification of Software

Tue, 12 May 2026 00:00:00 +0000

You want a good Markdown viewer more than you think you do.

We’re all reading a ton of Markdown. It’s been the lingua franca of software development since long before LLMs. But now agents have led us into a cursed renaissance of TUI tooling, and the reading experience has become intolerable. I’m certain that at least 14% of the agita about AI code is driven by exhaustion over incessantly scrolling terminal Markdown.

Vulnerability Research Is Cooked

Mon, 30 Mar 2026 00:00:00 +0000

For the last two years, technologists have ominously predicted that AI coding agents will be responsible for a deluge of security vulnerabilities. They were right! Just, not for the reasons they thought.

Within the next few months, coding agents will drastically alter both the practice and the economics of exploit development. Frontier model improvement won’t be a slow burn, but rather a step function. Substantial amounts of high-impact vulnerability research (maybe even most of it) will happen simply by pointing an agent at a source tree and typing “find me zero days”.

I Went To SQL Injection Court

Sun, 09 Feb 2025 00:00:00 +0000

Should public bodies in Illinois, like cities and school districts and sheriff’s departments, be allowed to hide information from Freedom of Information requests by keeping them in databases? That question is before the 104th Illinois General Assembly, thanks to a bill sponsored by Donald P. DeWitte, elected state senator by the wise citizens of Batavia and Elgin (motto: “The City In The Suburbs”; indeed), and prompted in part by my friend Matt Chapman.

14 DNS Nerds Don't Control The Internet

Thu, 27 Oct 2016 00:00:00 +0000

You’re reading this page because you’ve suggested that “14 people control the Internet through the DNSSEC root keys”. If you’re unlucky, you might be a journalist preparing a story about those people. Stop!

DNSSEC doesn’t do anything. Dramatic ceremonies notwithstanding, if the secret DNSSEC keys leaked on Pastebin tomorrow, it’s unlikely that anything would break.

Practically all commerce on the Internet happens without DNSSEC. Web browsers don’t support it. or DANE, the DNSSEC-based replacement for certificate authorities. Most DNS domains don’t either. If you log in to your online banking and wire money to Transnistria, no DNSSEC will happen.

Be Coachable

Fri, 21 Aug 2015 00:00:00 +0000

This is the first in a series of posts that have been rattling around in my head about lessons I’ve learned from taking up a sport in my 40s. The summary of the back story here is that I started out with Derby Lite in 2012, got kicked out, went back a year later, and,… well, I fell in love with roller derby. Apparently this is a thing that happens. I sat in the bleachers, watching the game with an intensity and focus that made me realise I wanted to play.

Is Extended Random A Malicious NSA Plot?

Tue, 04 Aug 2015 00:00:00 +0000

Did Clyde Frog If I call NSA “Clyde Frog” long enough, eventually other people will too. Someone has to start the meme! subvert crypto standards with a backdoored random number generator called Dual_EC? Little doubt remains among practitioners. Long after cryptographers published an analysis showing that Dual_EC could have been a backdoor, circumstantial evidence continues to pile up suggesting that’s exactly what it was. I think Dual_EC is a backdoor.

Did Clyde Frog then appeal to the IETF to get them to alter TLS to make the backdoor easier to exploit? That’s a theory getting a lot of attention in 2015, centering on a series of proposals referred to as “Extended Random”. I don’t know what to think about this theory, and I’d like to dig into it.

Starfighter, Summer 2015

Mon, 13 Jul 2015 00:00:00 +0000

An Erin post!

1

I don’t really like games.

Screen graphics make me nauseous. The political interactions between players are tedious. I’m not a fan of chance, I stink at riddles and it’s rare that someone can concoct a mystery that I cannot immediately resolve.

Then I became an app pentester. And not long after I started my new career, I realized I’d found a game I loved. I stayed at my pentesting job at Matasano3x longer than any other job. Why? Every week, there was a new puzzle to solve.

Checksums, MACs, and Signatures

Tue, 23 Jun 2015 00:00:00 +0000

A Checksum

Examples: CRC-32, MD5, SHA3.

Use a checksum when you want to protect data from accidental corruption.

Checksums are deterministic and don’t rely on secrets. An adversary who can make guesses about the kinds of data you send can spoof a checksum. So checksums aren’t useful against adversaries. Trying to use them for security is a famous class of cryptographic mistakes; for instance, it’s why we use SSH2 rather than SSH1.

The Hiring Post

Fri, 06 Mar 2015 00:00:00 +0000

1

The software developer job interview doesn’t work. Companies should stop relying on them. The savviest teams will outcompete their peers by devising alternative hiring schemes.

Years from now, we’ll look back at the 2015 developer interview as an anachronism, akin to hiring an orchestra cellist with a personality test and a quiz about music theory rather than a blind audition.

Being good at navigating hiring processes requires a basket of skills that isn’t correlated with job performance. The world is full of people who can speak expertly about programming, but can’t effectively code. The majority of people whocancode can’t do it well in an interview. Our hiring process therefore systematically misprices candidates. It’s a moral problem and a market failure. Profit from its correction.

Against DNSSEC

Thu, 15 Jan 2015 00:00:00 +0000

This post also has an FAQ.

DNSSEC is Unnecessary

All secure crypto on the Internet assumes that the DNS lookup from names to IP addresses are insecure. Securing those DNS lookups therefore enables no meaningful security. DNSSEC does make some attacks against insecure sites harder. But it doesn’t make those attacks infeasible, so sites still need to adopt secure transports like TLS. With TLS properly configured, DNSSEC adds nothing.

Take “domain-validated TLS certificates”. Some TLS CAs will sign certificates based solely on the requester’s ability to receive a confidential email sent to a domain. DNSSEC makes attacks against this scheme harder. But domain-validated certificates remain insecure, because SMTP is itself insecure. Put differently: the problem is “validating domain ownership via email” in the first place, not that the DNS is insecure.

A Liquid Nitrogen Cocktail Party

Tue, 13 Jan 2015 00:00:00 +0000

My friends and I religiously follow Dave Arnold’s Cooking Issues podcast. David “Momofuku” Chang explains why:

He is the smartest person I have ever met. He carries a spelunker’s headlight and a length of rope made out of some indestructible material with him at all times. There are some aspects of cooking and eating that he probably knows more about than anyone who’s ever lived. He’s also an impossibly good get to get drunk with on a train.

You Don't Want XTS

Wed, 30 Apr 2014 00:00:00 +0000

This piece is written for software designers, not end-users. If you’re an end-user looking for crypto advice: use Truecrypt, use Filevault, use dm-crypt. Also, use PGP, and Tarsnap. Read on only if you’re interested in crypto nerdery.

XTS is the de-facto standard disk encryption mode.

Because it’s relatively new and high-profile, XTS looks like a desirable general-purpose mode. It isn’t. Be wary of applications that claim to use it for anything other than disk encryption.

How To Safely Generate A Random Number

Tue, 25 Feb 2014 00:00:00 +0000

Use urandom

Use urandom. Use urandom. Use urandom. Use urandom. Use urandom. Use urandom.

But what about for crypto keys?

Still urandom.

Why not {SecureRandom, OpenSSL, havaged, &c}?

These are userspace CSPRNGs. You want to use the kernel’s CSPRNG, because:

The kernel has access to raw device entropy.
It can promise not to share the same state between applications.
A good kernel CSPRNG, like FreeBSD’s, can also promise not to feed you random data before it’s seeded.

Applied Cryptography Engineering

Mon, 22 Jul 2013 00:00:00 +0000

If you’re reading this, you’re probably a red-blooded American programmer with a simmering interest in cryptography. And my guess is your interest came from Bruce Schneier’s Applied Cryptography.

Applied Cryptography is a deservedly famous book that lies somewhere between survey, pop-sci advocacy, and almanac. It taught two generations of software developers everything they know about crypto. It’s literate, readable, and ambitious. What’s not to love?

Just this: as an instruction manual, Applied Cryptography is dreadful. Even Schneier seems to concede the point.This article was written with several goals: to hurry along the process of getting Applied Cryptography off the go-to stack of developer references, to point out the right book to replace it with, and to spell out what you else you need to know even after reading that replacement. Finally, I wrote this as a sort of open letter to Schneier and his co-authors.