Ian Preston
@ianopolous.bsky.social
Mathematician/particle physicist turned privacy researcher. Java Rockstar #Oxford Building a better web - private, self-sovereign identity, p2p, social - with @peergos.org. Public social media undermines democracy. #covidisairborne #maskswork #cleantheair
Pinned
Ian Preston
@ianopolous.bsky.social
· Jun 14
The public web is dying as it fills with AI slop and turns search into trash. A private, human focused web would let those who don't want their creations fed into AI to easily not allow that. Search would be forcibly decentralized because it can only run with your access through your social graph.
Reposted by Ian Preston
"Starmer said that lessons had been learned"
...which is clearly not true. Appropriate mitigations to stop airborne viral spread are still not in place.
The Government will "carefully consider all of the findings and recommendations"
...which is not quite the same as committing to implement them
...which is clearly not true. Appropriate mitigations to stop airborne viral spread are still not in place.
The Government will "carefully consider all of the findings and recommendations"
...which is not quite the same as committing to implement them
Keir Starmer responds to damning Covid Inquiry report as huge failings unearthed
Keir Starmer has said the Government will 'carefully consider' the findings of Baroness Heather Hallett, who said Boris Johnson's dithering cost more than 20,000 lives
www.mirror.co.uk
November 20, 2025 at 5:14 PM
"Starmer said that lessons had been learned"
...which is clearly not true. Appropriate mitigations to stop airborne viral spread are still not in place.
The Government will "carefully consider all of the findings and recommendations"
...which is not quite the same as committing to implement them
...which is clearly not true. Appropriate mitigations to stop airborne viral spread are still not in place.
The Government will "carefully consider all of the findings and recommendations"
...which is not quite the same as committing to implement them
Reposted by Ian Preston
Today on Volts: for years, I've wanted to do a podcast on indoor air quality, and I finally found the perfect guest! Dr. Lagoudas & I discuss indoor air pollutants, the policies and technologies that can control them, and the growing need to frame indoor air quality as a basic human right.
What's the deal with indoor air quality?
From CO2 monitors to better building codes, Dr. Georgia Lagoudas outlines how to clean up the spaces where we spend 90% of our lives.
www.volts.wtf
November 19, 2025 at 6:30 PM
Today on Volts: for years, I've wanted to do a podcast on indoor air quality, and I finally found the perfect guest! Dr. Lagoudas & I discuss indoor air pollutants, the policies and technologies that can control them, and the growing need to frame indoor air quality as a basic human right.
Maybe I'm getting old, but I really dislike apps totally changing their UI. That kind of thing should be opt in, or have some kind of warning before upgrade.
November 20, 2025 at 11:51 AM
Maybe I'm getting old, but I really dislike apps totally changing their UI. That kind of thing should be opt in, or have some kind of warning before upgrade.
This was super fun. It needed a small extension to cryptree (yes we're still improving our core data structure). Now I can load a directory with 25,000 files from a server in the US in 29s, and most of that 29s could be parallelised with a further cryptree tweak and reduce it to ~12s.
Many have requested this feature for years and now it's here - lazy directory loading! This release makes loading directories asynchronous and blazingly fast. One Australian user reported it as 100x faster! We also show the number of items in a folder for its size now.
github.com/Peergos/web-...
github.com/Peergos/web-...
Release Blazingly fast folder loads · Peergos/web-ui
This release makes the ui load directories asynchronously, making them much faster to display. We extend the cryptree format to allow showing the mimetype, creation time and if it is a directory be...
github.com
November 19, 2025 at 2:03 PM
This was super fun. It needed a small extension to cryptree (yes we're still improving our core data structure). Now I can load a directory with 25,000 files from a server in the US in 29s, and most of that 29s could be parallelised with a further cryptree tweak and reduce it to ~12s.
Reposted by Ian Preston
iodéOS and /e/OS are based in France. iodéOS and /e/OS make devices dramatically more vulnerable while misleading users about privacy and security. These fake privacy products serve the interest of authoritarians rather than protecting people. /e/OS receives millions of euros in government funding.
November 19, 2025 at 10:48 AM
iodéOS and /e/OS are based in France. iodéOS and /e/OS make devices dramatically more vulnerable while misleading users about privacy and security. These fake privacy products serve the interest of authoritarians rather than protecting people. /e/OS receives millions of euros in government funding.
Reposted by Ian Preston
Cloudflare is down, in yet another example of why 5 companies should not control the internet.
November 18, 2025 at 11:52 AM
Cloudflare is down, in yet another example of why 5 companies should not control the internet.
Reposted by Ian Preston
A Government of cowards.
Rather than tackle inequality - they've gone for pensioners, disabled people and now it's people fleeing war and persecution.
They can't get away with this.
Join.greenparty.org.uk
Rather than tackle inequality - they've gone for pensioners, disabled people and now it's people fleeing war and persecution.
They can't get away with this.
Join.greenparty.org.uk
November 17, 2025 at 11:16 PM
A Government of cowards.
Rather than tackle inequality - they've gone for pensioners, disabled people and now it's people fleeing war and persecution.
They can't get away with this.
Join.greenparty.org.uk
Rather than tackle inequality - they've gone for pensioners, disabled people and now it's people fleeing war and persecution.
They can't get away with this.
Join.greenparty.org.uk
Reposted by Ian Preston
privacy activists should start telling people that storing data in unencrypted form in the cloud lets AI read it and train on it, maybe that will finally get people to care
same with non-E2EE messages
same with non-E2EE messages
November 17, 2025 at 9:42 PM
privacy activists should start telling people that storing data in unencrypted form in the cloud lets AI read it and train on it, maybe that will finally get people to care
same with non-E2EE messages
same with non-E2EE messages
Reposted by Ian Preston
Drumrolls, please! I’m thrilled to share the cover for my forthcoming #book from @doubledaybooks.bsky.social
(Penguin Random House), #PROPHECY. This is the best book I’ve written: the boldest, the most innovative, the most personal. I have poured my soul into it like never before. 1/
(Penguin Random House), #PROPHECY. This is the best book I’ve written: the boldest, the most innovative, the most personal. I have poured my soul into it like never before. 1/
November 17, 2025 at 10:35 AM
Drumrolls, please! I’m thrilled to share the cover for my forthcoming #book from @doubledaybooks.bsky.social
(Penguin Random House), #PROPHECY. This is the best book I’ve written: the boldest, the most innovative, the most personal. I have poured my soul into it like never before. 1/
(Penguin Random House), #PROPHECY. This is the best book I’ve written: the boldest, the most innovative, the most personal. I have poured my soul into it like never before. 1/
Reposted by Ian Preston
new blog post bfswa.substack.com/p/6-years-af...
6 years after too much crypto
Test of time passed
bfswa.substack.com
November 17, 2025 at 6:09 AM
new blog post bfswa.substack.com/p/6-years-af...
Reposted by Ian Preston
New reflections from me about the challenge of countering disinformation when the state itself is distributing it
christinapagel.substack.com/p/the-erosio...
christinapagel.substack.com/p/the-erosio...
November 15, 2025 at 2:23 PM
New reflections from me about the challenge of countering disinformation when the state itself is distributing it
christinapagel.substack.com/p/the-erosio...
christinapagel.substack.com/p/the-erosio...
Reposted by Ian Preston
November 14, 2025 at 5:39 PM
Reliable P2P HTTP requests! 1 bug was a subtle native byte buffer memory leak, the other was, well a stupid mistake.
We found two subtle bugs that were making p2p http requests flaky. So here's a release with reliable p2p requests! We now also generate thumbnails for video in android sync. This also strips out the last remaining use of the bitswap client. Upgrade now!
github.com/Peergos/web-...
github.com/Peergos/web-...
Release Reliable P2P HTTP requests · Peergos/web-ui
This release make p2p http requests much more reliable. It also removes all remaining client side usage of bitswap, but still enables receiver-side bitswap (the server side will be removed in a fut...
github.com
November 14, 2025 at 4:11 PM
Reliable P2P HTTP requests! 1 bug was a subtle native byte buffer memory leak, the other was, well a stupid mistake.
Reposted by Ian Preston
Remember:
when they ask
“People who rarely get sick,
what’s your secret?”
they do not want to hear
about the kind of mask you wear,
the activities you refrain from,
or the precautions you take,
they want to know your secret
because they can’t imagine
doing what they know you do.
when they ask
“People who rarely get sick,
what’s your secret?”
they do not want to hear
about the kind of mask you wear,
the activities you refrain from,
or the precautions you take,
they want to know your secret
because they can’t imagine
doing what they know you do.
November 13, 2025 at 6:34 PM
Remember:
when they ask
“People who rarely get sick,
what’s your secret?”
they do not want to hear
about the kind of mask you wear,
the activities you refrain from,
or the precautions you take,
they want to know your secret
because they can’t imagine
doing what they know you do.
when they ask
“People who rarely get sick,
what’s your secret?”
they do not want to hear
about the kind of mask you wear,
the activities you refrain from,
or the precautions you take,
they want to know your secret
because they can’t imagine
doing what they know you do.
Reposted by Ian Preston
More of this please…
www.abc.net.au/news/2025-11...
www.abc.net.au/news/2025-11...
Australia's first treaty with Aboriginal people becomes law in Victoria
Victoria's first treaty with Aboriginal people has been signed by members of the Aboriginal community, the premier and state governor.
www.abc.net.au
November 12, 2025 at 10:34 PM
More of this please…
www.abc.net.au/news/2025-11...
www.abc.net.au/news/2025-11...
Reposted by Ian Preston
Maybe, maybe, there is a counterfactual involving a UK with no BBC that performs worse politically. But there is no doubt at all that there are counterfactuals involving a UK without the BBC that performs better.
The 'how much worse will things be without the BBC' folks never answer this.
The 'how much worse will things be without the BBC' folks never answer this.
In the last decade, the BBC has legitimised climate change denialism, paved the way for Brexit, defended the coup that was prorogation, over-platformed Farage's Far Right projects, and is neutral on our abandonment of human rights norms.
What is this 'good' it supposedly does?
What is this 'good' it supposedly does?
November 11, 2025 at 11:32 AM
Maybe, maybe, there is a counterfactual involving a UK with no BBC that performs worse politically. But there is no doubt at all that there are counterfactuals involving a UK without the BBC that performs better.
The 'how much worse will things be without the BBC' folks never answer this.
The 'how much worse will things be without the BBC' folks never answer this.
This us why we started with fine-grained access control and exfiltration proof apps in @peergos.org Combined with E2E encryption this is very safe, and you can get surprisingly far with that plus a permissioned client side api.
The same thing happens in the fediverse too, for instance, a recent security vulnerability I fixed in Mastodon was that the streaming server allowed access to public statuses even though the access token didn't allow API access to them.
We regularly see read scope being asked for from apps too.
We regularly see read scope being asked for from apps too.
November 8, 2025 at 8:22 PM
This us why we started with fine-grained access control and exfiltration proof apps in @peergos.org Combined with E2E encryption this is very safe, and you can get surprisingly far with that plus a permissioned client side api.
Reposted by Ian Preston
🎉 iroh v0.95 - New Relay, New Errors, Improved Connection API
- relay on the NA west coast
- replaced snafu with n0-error, a new error crate
- infallible remote_id and alpn methods
- Overhauled 0-RTT API
iroh-blobs can now compile to WASM with an in-mem store!
www.iroh.computer/blog/iroh-0-...
- relay on the NA west coast
- replaced snafu with n0-error, a new error crate
- infallible remote_id and alpn methods
- Overhauled 0-RTT API
iroh-blobs can now compile to WASM with an in-mem store!
www.iroh.computer/blog/iroh-0-...
iroh 0.95.0 - A New Relay, Error Handling, and Connection API Improvements
Release of iroh v0.95
www.iroh.computer
November 7, 2025 at 3:50 PM
🎉 iroh v0.95 - New Relay, New Errors, Improved Connection API
- relay on the NA west coast
- replaced snafu with n0-error, a new error crate
- infallible remote_id and alpn methods
- Overhauled 0-RTT API
iroh-blobs can now compile to WASM with an in-mem store!
www.iroh.computer/blog/iroh-0-...
- relay on the NA west coast
- replaced snafu with n0-error, a new error crate
- infallible remote_id and alpn methods
- Overhauled 0-RTT API
iroh-blobs can now compile to WASM with an in-mem store!
www.iroh.computer/blog/iroh-0-...
Our 16th release this year - double the number of releases we had last year, which itself was a record. We are also on track for tripling our paying customers this year too. Come join the future of the web! Private, self-authenticated, self-sovereign. Control your data, control your destiny!
We've got a new release out folks! This features a universal deb build compatible with all versions of Debian, Ubuntu, Mint etc. Lots of server side improvements, we switch from bitswap to p2p http requests to retrieve blocks. Some sync fixes, and UX improvements. github.com/Peergos/web-...
Release Adios bitswap · Peergos/web-ui
This release stops using bitswap to retrieve blocks, instead using p2p http requests. We still serve blocks over bitswap for now. We also have a universal debian build. This means we don't need sep...
github.com
November 6, 2025 at 9:09 AM
Our 16th release this year - double the number of releases we had last year, which itself was a record. We are also on track for tripling our paying customers this year too. Come join the future of the web! Private, self-authenticated, self-sovereign. Control your data, control your destiny!
Reposted by Ian Preston
"We’ve reached out to Google to inquire about why a custom ROM created by volunteers [@grapheneos.org] is more resistant to industrial phone hacking than the official Pixel OS. We’ll update this article if Google has anything to say." arstechnica.com/gadgets/2025...
Leaker reveals which Pixels are vulnerable to Cellebrite phone hacking
Cellebrite can apparently extract data from most Pixel phones, unless they’re running GrapheneOS.
arstechnica.com
October 31, 2025 at 12:14 AM
"We’ve reached out to Google to inquire about why a custom ROM created by volunteers [@grapheneos.org] is more resistant to industrial phone hacking than the official Pixel OS. We’ll update this article if Google has anything to say." arstechnica.com/gadgets/2025...
Reposted by Ian Preston
We've signed. It's long past time when N95s should be the norm not the exception.
Patients & staff deserve to be protected & safe.
Patients & staff deserve to be protected & safe.
Doctors & scientists urge WHO: N95s—not surgical masks—must be the standard in healthcare.
Add your name before Oct 31 👇
tinyurl.com/RespiratorsN...
#RespiratorsNotSurgicals #ProtectHCWs
Add your name before Oct 31 👇
tinyurl.com/RespiratorsN...
#RespiratorsNotSurgicals #ProtectHCWs
A Call for the Universal Use of Respirators in Healthcare - Add Your Name
In an effort to advance global public health through turbulent times, a group of experts from around the globe in medicine, public health, law, industrial hygiene, and other disciplines, met at the Un...
tinyurl.com
October 29, 2025 at 2:37 PM
We've signed. It's long past time when N95s should be the norm not the exception.
Patients & staff deserve to be protected & safe.
Patients & staff deserve to be protected & safe.
Reposted by Ian Preston
We made MLS more decentralized! We are excited to share DMLS that brings fork resilience to the MLS protocol, solving a key challenge in distributed systems while maintaining Forward Secrecy.
This work was made possible by @equalitie.bsky.social, who funded it as part of the Breakout program.
This work was made possible by @equalitie.bsky.social, who funded it as part of the Breakout program.
Making MLS more decentralized
It’s no secret that we at Phoenix R&D are big fans of the Messaging Layer Security (MLS) protocol, having helped it to come into existence. It’s a versatile group key agreement and messaging protocol ...
blog.phnx.im
October 29, 2025 at 9:36 AM
We made MLS more decentralized! We are excited to share DMLS that brings fork resilience to the MLS protocol, solving a key challenge in distributed systems while maintaining Forward Secrecy.
This work was made possible by @equalitie.bsky.social, who funded it as part of the Breakout program.
This work was made possible by @equalitie.bsky.social, who funded it as part of the Breakout program.
Doesn't Signal use this?
Trusted Execution Environments are the gift that just keep on giving [for attackers]....
TDX Attack: tee.fail
SGX Attack: arstechnica.com/security/202...
As the second article says "The chipmakers say physical attacks aren’t in the threat model. Many users didn’t get the memo".
TDX Attack: tee.fail
SGX Attack: arstechnica.com/security/202...
As the second article says "The chipmakers say physical attacks aren’t in the threat model. Many users didn’t get the memo".
TEE.fail: Breaking Trusted Execution Environments via DDR5 Memory Bus Interposition
Breaking Trusted Execution Environments via DDR5 Memory Bus Interposition
tee.fail
October 29, 2025 at 9:50 AM
Doesn't Signal use this?
Reposted by Ian Preston
October 28, 2025 at 5:29 PM
Reposted by Ian Preston
I'm a happy paying user of @signal.org but I'm disappointed by @meredithmeredith.bsky.social thread about the AWS outage.
Signal chose a centralized design to be more nimble (watch to media.ccc.de/v/36c3-11086...), but that comes with drawbacks.
Signal chose a centralized design to be more nimble (watch to media.ccc.de/v/36c3-11086...), but that comes with drawbacks.
The ecosystem is moving
Considerations for distributed and decentralized technologies from the perspective of a product that many would like to see decentralize....
media.ccc.de
October 27, 2025 at 3:46 PM
I'm a happy paying user of @signal.org but I'm disappointed by @meredithmeredith.bsky.social thread about the AWS outage.
Signal chose a centralized design to be more nimble (watch to media.ccc.de/v/36c3-11086...), but that comes with drawbacks.
Signal chose a centralized design to be more nimble (watch to media.ccc.de/v/36c3-11086...), but that comes with drawbacks.