Security Cryptography Whatever @SCWpod
@durumcrustulum, @tqbf, @davidcadrian. “Freewheelin’ dynamic”. securitycryptographywhatever.com Joined August 2021-
Tweets320
-
Followers2K
-
Following3
-
Likes366
@tqbf It is. This bug is also fun: github.com/advisories/GHS… Did you know that South Korea invented their own block cipher and managed to get it to wolfSSL? Their cipher implementation of GCM mode is horribly broken. Kim Jung Un would love this!
THIS IS GOING JUST GREAT.
You can check out co-lead of this report Nicholas Carlini detailing his approach to finding vulns with models like Mythos in our latest episode
You can read a detailed technical report on the software vulnerabilities and exploits discovered by Claude Mythos Preview here: red.anthropic.com/2026/mythos-pr…
If you visibly know what you're talking about, mic-dropping SIDH in conversations about MLKEM mostly signals that you have contempt for your audience, who you count on not to understand the distinction between isogenies and lattices.
It would help a lot if people would stop name-dropping SIDH any time anybody talks about how well we understand MLKEM (the Euro-sourced NIST contest winner, which we understand *quite* well).
This sounds obvious but I can't count how many people I've seen show up to say PQC is untrustworthy because SIDH was broken with a laptop. SIDH being broken says nothing about how safe/unsafe PQC is generally.
PQC isn't like a design philosophy, like Feistel vs. SPNs or FFDH vs. ECDH. It's a property some constructions have that others don't, about perceived/believed resistance to QC.
A thing you see over and over again in HN-type discussions of post-quantum cryptography is the implication that "post-quantum" is a kind of cryptography. No. PQC is a functional attribute of many different kinds of cryptography.
Fun time to be working in information/software security. The field is going out with a bang! First AI, then an imminent CRQC. We need, like, a big SCADA event to hit the trifecta.
Frankly, I'm appalled by the prospect of LLMs taking offensive security research jobs from honest, hard-working fuzzers
@ZTarantov @tqbf Thomas did you know we talked to Nicholas on the pod?
@tqbf @davidcrawshaw fixed, also found a bug in someone's link preview impl
Yeah, so, I'm going to have more to say about this later, but, for now... yeah. securitycryptographywhatever.com/2026/03/25/ai-…
@SCWpod chat is the vulnpocalypse real?
NEW EPISODE! In retrospect, if adderall'd up college kids can find vulnerabilities, it not that surprising today's foundation models can to. We talk to Nicholas Carlini about the Vulnpocalypse. youtube.com/watch?v=_IDbFL…
It was @tqbf!
podcasts.apple.com/us/podcast/sec… Host (is it @tqbf) laughter at 28:19 cures cancer. I joke CS is a karmic wheel but how did anyone now think imposing OSSL_PARAM at loss of C type checking was a good idea? “It was not called PyRuby, it was called Topaz.” Nextstep shoutout on point too.
obviously you have to do a string compare to load a nonce key in openssl 3
Thomas H. Ptacek @tqbf
35K Followers 618 Following Don't look at me sideways. Don't even look me straight on. bsky:@sockpuppet.org
Deirdre Connolly¹ @durumcrustulum
6K Followers 3K Following • 🜗 🝒 🝲 crypto as in 'cryptography' 🝳 🝡 🜖 • ¹ isogenist, co-host @SCWpod, @durumcrustulum.com on 🦋
Lúcás Meier @cronokirby
10K Followers 1K Following Cryptographer @commonwarexyz Opinions do not yadda yadda. Did an MSc (Computer Science) @EPFL. Avid, not fast runner. https://t.co/yOuGtLnGMF on bsky.
sofía celi @claucece
9K Followers 5K Following Proud LatinAmerican • "Legendary quantum lady/cryptographer" • Researcher @brave • she/they • hrpc co-chair @inretafo anti-fraud @w3c @otr_im @LondonU
apenwarr @apenwarr
16K Followers 2K Following wvdial, bup, sshuttle, netselect, popularity-contest, redo, gfblip, GFiber, and now @Tailscale doing WireGuard mesh. Top search result for "epic treatise."
David Wong @cryptodavidw
18K Followers 3K Following security @zksecurityXYZ & advisor @archetypeVC, author of Real-World Cryptography, prev: architect @Mina, sec lead Libra (@Facebook), crypto @NCCGroup
Ryan Hurst @rmhrisk
6K Followers 3K Following Dropout. Father. I build things. Security, Cryptography, Engineering, Entrepreneurship. @peculiarventure + xMSFT + xGOOG ++. also on https://t.co/FaDXJfnZBm & Bluesky
April King 🌀 @CubicleApril
19K Followers 338 Following Staff Security Engineer @ Dropbox, previously Mozilla, Twitter. mastodon @ [email protected]. Union Park District Council board member.
Steve Weis @sweis
11K Followers 3K Following Software engineer at @anthropicai interested in cryptography, security, privacy, and machine learning.
Colm MacCárthaigh @colmmacc
37K Followers 2K Following VP / Distinguished Engineer at Amazon Web Services. Also: Open Source and Apache, Cryptography, Irish Music, mediocre Photography.
Nigel Smart @SmartCryptology
6K Followers 421 Following Interested in cryptography and computing on encrypted data in particular Citizen of Nowhere @[email protected] @smartcryptology.bsky.social
Diego F. Aranha 🕷�... @dfaranha
15K Followers 1K Following Associate Professor at @csaudk. Find me at bsky, where I am much more active.
Dan Lorenc @lorenc_dan
11K Followers 2K Following OSS Supply Chain Security. Founder/CEO/Primary Ariba Admin at https://t.co/sGmuUU9JbG Sigstore: https://t.co/dWKlyYu6kv
Prof B Buchanan OBE F... @billatnapier
12K Followers 5K Following Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. Based in Edinburgh. Old World Breaker. New World Creator. Building trust.
David Adrian @dadrian
3K Followers 453 Following Adding value @googlechrome security. Host @scwpod, cofounder of @censysio, cryptography, startups. “Ruthlessly practical". DJB says I’m an NSA plant. Go blue!
Andrew Miller @socrates1024
23K Followers 5K Following interim manager @ teleport computer 🛡️ dstack integrations 🏫 https://t.co/LZtbefGx8o
Godzilla @GodzillaKnows
7 Followers 165 Following Decoding music gear, DAWs, plugins & the software behind it all; so you spend smart, not loud. Occasional space + Godzilla facts. 🚀 🔥 ⚡️
Robrit Harry @harryrobs22
0 Followers 6K Following
Noone @lurkerer
16 Followers 398 Following
@codejake @codejake
591 Followers 802 Following Triplets dad, programmer, infosec enthusiast, OSINT, trail runner, BJJ, USAF avionics veteran, optimist 🌞, 32°
Sina @dynamicfuzzing
574 Followers 3K Following Nice to meet you. security lead @FUN — Opinions and words herein are mine alone and not my employer’s.
asilva @asilva18157
1 Followers 250 Following
Tom Gosling @tomgosling
129 Followers 2K Following
Uwu @Uwu79033065Uwu
229 Followers 7K Following
Ryan Lopopolo @_lopopolo
6K Followers 1K Following Building the future of work at @OpenAI. As a codex influencer,
Dave Archer @DaveArcher37468
7 Followers 43 Following CTO, Niobium Microsystems | Principal Scientist, Galois, Inc.
Mark Tran @mqt
357 Followers 4K Following
Tomasz @Tomasz833415
153 Followers 3K Following
Ujjwal (Ulysses) Sehr... @ujjwaltz
10 Followers 2K Following An ü-adic soliton travelling along the undulating curls of space-time-matter ab initio immemorabilli ad infinitum
M Ξ L 291 @M3ncrypt
1 Followers 431 Following
Clarice @mel695904
0 Followers 27 Following
Paras Chetal @paraschetal
339 Followers 3K Following
s8n @robotics8n
370 Followers 210 Following Web2, Web3 & AI security research for fun and profit. Building @corpusbloxcom
Yashraj Singh Tomar @YashrajSin79355
0 Followers 36 Following
Robyn @rndhouse
30 Followers 616 Following Working on: https://t.co/qljOoZ2waV - supply-chain attack risk reducer https://t.co/oFn2NUMwoI - agent-native source annotation. WebLayer (and more...)
renorobert @renorobertr
2K Followers 987 Following
leon @leonfr
0 Followers 1K Following
TrenchinhoXbt @trenchinhoxbt
236 Followers 5K Following
Delta, Dirac @DeltaClimbs
10K Followers 1K Following Post-Schizo Nietzsche enthusiast. Strange attractor to weirdly cracked. Bleeding edge defense owns hardware frontier, but hardware is built sociocybernetically.
Beaudin Storniolo @S3901xom
8 Followers 547 Following
David LC @dlcwork
36 Followers 481 Following I enjoy programming in Go, system architecture, videogames, football (soccer), RC cars/boats/planes (not drones !), Lego Technic
David Crawshaw @davidcrawshaw
12K Followers 1K Following ceo https://t.co/rCiZyr11L3, co-founder and ex-cto @Tailscale. forever a programmer
David Nepožitek @david_nepozitek
46 Followers 253 Following Cloud, Web, Observability, Security Software Engineer @ https://t.co/COjXBD2yKJ
Abdalla Ibrahim @abdalla_ib
482 Followers 1K Following Cryptography Engineer | Post-Quantum & Quantum-Resistant Algorithms | CISO at Egyptian forensic medicine Authority | Founder of https://t.co/vtEVH3xrRS
Sergio 💻🐺 @Dev_SergiO14
255 Followers 2K Following
Bruno Telstar @bruno_telstar
183 Followers 683 Following
Alex Vandal @Vandal_Alex1995
0 Followers 17 Following Just coding and traveling. Encryption is a human right. 🌍✈️
E @DataBufferA
9 Followers 425 Following
Foomatic @pacman66021284
17 Followers 5K Following
Hristo Hristov @_hhristov
191 Followers 802 Following My focus on the following categories in which I specialize: open source software, hardware, servers, cybersecurity and communications. I enjoy all technology!
方讫 @UnderlingOfNPU
36 Followers 2K Following
Thomas H. Ptacek @tqbf
35K Followers 618 Following Don't look at me sideways. Don't even look me straight on. bsky:@sockpuppet.org
Deirdre Connolly¹ @durumcrustulum
6K Followers 3K Following • 🜗 🝒 🝲 crypto as in 'cryptography' 🝳 🝡 🜖 • ¹ isogenist, co-host @SCWpod, @durumcrustulum.com on 🦋
David Adrian @dadrian
3K Followers 453 Following Adding value @googlechrome security. Host @scwpod, cofounder of @censysio, cryptography, startups. “Ruthlessly practical". DJB says I’m an NSA plant. Go blue!Trends for United States
You might like
