The first ARMOR meeting was a success with 4 great presentations on different aspects of real-world protocol resilience by @vinifortuna.com , Brien Colwell, @distributeddave.bsky.social , and @hellais.bsky.social.
November 6, 2025 at 5:06 PM
The first ARMOR meeting was a success with 4 great presentations on different aspects of real-world protocol resilience by @vinifortuna.com , Brien Colwell, @distributeddave.bsky.social , and @hellais.bsky.social.
Reposted by Nick Sullivan
New guest post from CDT Visiting Fellow & IETF expert @nicksullivan.org: Encrypted Client Hello (ECH) closes the final major privacy gap in HTTPS by encrypting the Server Name Indication (SNI) — a milestone for online privacy. 🌐 Read more:
Encrypted Client Hello: Closing the SNI Metadata Gap
Referencesent-deployment-and-adoption" href="#current-deployment-and-adoption" class="toc-anchor">Current Deployment and Adoptionor">Trial by Firewall-security-systems" href="#adapting-network-security-systems" class="toc-anchor">Adapting Network Security Systemsy-sni-became-the-last-privacy-gap" class="toc-anchor">Why SNI Became the Last Privacy Gapre-metadata-leaks" class="toc-anchor">Background: Where Metadata Leakste, whether governments like it or not. Encrypted Client Hello (ECH) is nearing final IETF standardization [1]. It closes the last remaining metadata leak in HTTPS connections by encrypting the Server Name […]
cdt.org
October 23, 2025 at 3:46 PM
New guest post from CDT Visiting Fellow & IETF expert @nicksullivan.org: Encrypted Client Hello (ECH) closes the final major privacy gap in HTTPS by encrypting the Server Name Indication (SNI) — a milestone for online privacy. 🌐 Read more:
Here are seven things I’m looking forward to in the next month.
Tomorrow, I’ll be guest lecturing with Kyle Hogan at NYU for Sunoo Park’s class on public interest tech. The theme: bikeshedding and how to get things done in internet standards.
Tomorrow, I’ll be guest lecturing with Kyle Hogan at NYU for Sunoo Park’s class on public interest tech. The theme: bikeshedding and how to get things done in internet standards.
October 21, 2025 at 6:44 PM
Here are seven things I’m looking forward to in the next month.
Tomorrow, I’ll be guest lecturing with Kyle Hogan at NYU for Sunoo Park’s class on public interest tech. The theme: bikeshedding and how to get things done in internet standards.
Tomorrow, I’ll be guest lecturing with Kyle Hogan at NYU for Sunoo Park’s class on public interest tech. The theme: bikeshedding and how to get things done in internet standards.
Global network interference and traffic disruption are on the rise. In 2024, governments in 41 countries blocked websites and in 25 countries entire social platforms were restricted (freedomhouse.org/report/freed...).
The Struggle for Trust Online
Around the world, voters have been forced to make major decisions about their future while navigating a censored, distorted, and unreliable information space.
freedomhouse.org
September 30, 2025 at 2:16 PM
Global network interference and traffic disruption are on the rise. In 2024, governments in 41 countries blocked websites and in 25 countries entire social platforms were restricted (freedomhouse.org/report/freed...).
Reposted by Nick Sullivan
Continuing our look at the Enigma track talks is "Fighting Fire with Venom: Adversarial Defense Against Unauthorized Web Crawling," presented by independent technologist Nick Sullivan. 1/3
August 10, 2025 at 10:45 AM
Continuing our look at the Enigma track talks is "Fighting Fire with Venom: Adversarial Defense Against Unauthorized Web Crawling," presented by independent technologist Nick Sullivan. 1/3
Tomorrow on USENIX Security’s Enigma track, I’ll unveil Venom, a new framework to sting back at rogue AI web crawlers with some adversarial mischief. If you’re around Seattle, come say hi or ping me!
www.usenix.org/conference/u...
www.usenix.org/conference/u...
Fighting Fire with Venom: Adversarial Defense Against Unauthorized Web Crawling | USENIX
www.usenix.org
August 13, 2025 at 8:34 PM
Tomorrow on USENIX Security’s Enigma track, I’ll unveil Venom, a new framework to sting back at rogue AI web crawlers with some adversarial mischief. If you’re around Seattle, come say hi or ping me!
www.usenix.org/conference/u...
www.usenix.org/conference/u...
The digital identity space is approaching a dangerous precipice.
newdesigncongress.org/en/note/2025...
newdesigncongress.org/en/note/2025...
The Mask-Off Moment for Digital Identity
Our 18-month investigation reveals how digital identity systems create brittle societies. This foreword traces eight case studies that demonstrate the catastrophic failures of digital identity across ...
newdesigncongress.org
July 21, 2025 at 8:03 PM
The digital identity space is approaching a dangerous precipice.
newdesigncongress.org/en/note/2025...
newdesigncongress.org/en/note/2025...
Reposted by Nick Sullivan
The Call for Contributed Talks is now open for RWC 2026! And the deadline for submissions is now Oct. 10, 2025.
rwc.iacr.org/2026/contrib...
rwc.iacr.org/2026/contrib...
RWC 2026 call for papers
Real World Crypto Symposium
rwc.iacr.org
July 13, 2025 at 3:52 PM
The Call for Contributed Talks is now open for RWC 2026! And the deadline for submissions is now Oct. 10, 2025.
rwc.iacr.org/2026/contrib...
rwc.iacr.org/2026/contrib...
Here are the slides from my recent keynote on post-quantum cryptography and Q-Day.
www.linkedin.com/posts/ntsull...
www.linkedin.com/posts/ntsull...
🏗️ A TALE OF THREE BRIDGES AND THE COMING QUANTUM RECKONING | Nick Sullivan
🏗️ A TALE OF THREE BRIDGES AND THE COMING QUANTUM RECKONING
Two months ago in Berlin I delivered a keynote on post‑quantum cryptography at Visa Risk Reset, an invitation‑only summit for CROs, CISOs, r...
www.linkedin.com
July 7, 2025 at 8:15 PM
Here are the slides from my recent keynote on post-quantum cryptography and Q-Day.
www.linkedin.com/posts/ntsull...
www.linkedin.com/posts/ntsull...
Good read: a detailed and accessible report published on @chinafile by Jessica Batke and Laura Edelson on China's internet censorship system, known as the "Locknet"
locknet.chinafile.com/the-locknet/...
locknet.chinafile.com/the-locknet/...
The Locknet: How China Controls Its Internet and Why It Matters
June 30, 2025 The man gazes earnestly into the camera, the glow from his computer monitor reflecting off his black-rimmed glasses. “This is more than just a cultural moment,” he says with a smile. “It...
locknet.chinafile.com
July 7, 2025 at 5:24 PM
Good read: a detailed and accessible report published on @chinafile by Jessica Batke and Laura Edelson on China's internet censorship system, known as the "Locknet"
locknet.chinafile.com/the-locknet/...
locknet.chinafile.com/the-locknet/...
Fascinating House Judiciary hearing going on live right now: Influence on Americans' Data Through the CLOUD Act. Big focus on the UK and Apple's E2E backup system. www.youtube.com/watch?v=QJgw...
www.youtube.com
June 5, 2025 at 3:11 PM
Fascinating House Judiciary hearing going on live right now: Influence on Americans' Data Through the CLOUD Act. Big focus on the UK and Apple's E2E backup system. www.youtube.com/watch?v=QJgw...
I’m going to hold off on using the term artificial intelligence to describe this current generation of products and just call them what they are: language models. Until they gain mathematical and symbolic reasoning skills, the term “intelligence” is a stretch.
May 30, 2025 at 5:03 PM
I’m going to hold off on using the term artificial intelligence to describe this current generation of products and just call them what they are: language models. Until they gain mathematical and symbolic reasoning skills, the term “intelligence” is a stretch.
Germ is launching support for open-source AT Protocol and the Bluesky platform in their Germ messenger. Everything I want in a messaging app: strong encryption, clean UX, and trust & safety tied to social identity. A big move for private messaging and I can't be prouder to be an advisor.
Yes, you read that right. Germ DM is integrating with #ATProto, bringing you best-in-class E2EE DMs with your Bluesky handle.
Be first to try it in beta, coming sooner than you think.
germnetwork.com/beta-waitlist
Be first to try it in beta, coming sooner than you think.
germnetwork.com/beta-waitlist
Germ-ATProto Beta Waitlist — Germ Network
germnetwork.com
May 23, 2025 at 4:41 PM
Germ is launching support for open-source AT Protocol and the Bluesky platform in their Germ messenger. Everything I want in a messaging app: strong encryption, clean UX, and trust & safety tied to social identity. A big move for private messaging and I can't be prouder to be an advisor.
These last 5 weeks have been a thrill and a half. Now fly me home…
March 28, 2025 at 3:46 PM
These last 5 weeks have been a thrill and a half. Now fly me home…
Reposted by Nick Sullivan
For those following from home (or still in your hotel rooms), here’s the link for the live stream:
youtube.com/live/R1NEfuv...
youtube.com/live/R1NEfuv...
RWC 2025
YouTube video by Real World Crypto
youtube.com
March 26, 2025 at 6:58 AM
For those following from home (or still in your hotel rooms), here’s the link for the live stream:
youtube.com/live/R1NEfuv...
youtube.com/live/R1NEfuv...
Excited to share that we’ve just updated the CFRG Process documentation, clarifying guidelines on document lifecycle, roles, and collaboration within the CFRG. If you’re proposing or managing CFRG work, this is essential reading!
wiki.ietf.org/en/group/cfr...
wiki.ietf.org/en/group/cfr...
Crypto Forum Research Group Process
Overview of CFRG process and best practices
wiki.ietf.org
March 25, 2025 at 1:53 PM
Excited to share that we’ve just updated the CFRG Process documentation, clarifying guidelines on document lifecycle, roles, and collaboration within the CFRG. If you’re proposing or managing CFRG work, this is essential reading!
wiki.ietf.org/en/group/cfr...
wiki.ietf.org/en/group/cfr...
If you haven't been tracking, RCS texting is rolling out end-to-end encryption using MLS. This is a huge triumph of the IETF and the collaborative approach to creating internet-grade protocols championed there.
arstechnica.com/gadgets/2025...
arstechnica.com/gadgets/2025...
RCS texting updates will bring end-to-end encryption to green bubble chats
Lack of encryption was one SMS shortcoming that RCS was created to solve.
arstechnica.com
March 16, 2025 at 5:46 AM
If you haven't been tracking, RCS texting is rolling out end-to-end encryption using MLS. This is a huge triumph of the IETF and the collaborative approach to creating internet-grade protocols championed there.
arstechnica.com/gadgets/2025...
arstechnica.com/gadgets/2025...
There’s going to be an impedance mismatch when people treat an organization as if it’s supposed to just do what they want instead of understanding what it’s actually chartered to do and why. In this case thinking the CFRG is a standards publication venue and not an advisory group for the IETF.
good to hear man, it’s reassuring to know that all the delays were my fault and not anything related to the process!
looking forward to seeing fast and smooth adoption of all the new standards the cfrg is able to form now that that problem has been solved
looking forward to seeing fast and smooth adoption of all the new standards the cfrg is able to form now that that problem has been solved
March 3, 2025 at 3:25 PM
There’s going to be an impedance mismatch when people treat an organization as if it’s supposed to just do what they want instead of understanding what it’s actually chartered to do and why. In this case thinking the CFRG is a standards publication venue and not an advisory group for the IETF.
This is tomorrow. If you’re going, let me know! surf.mozilla.org/events/2025/...
Mozilla Security Research Summit, San Diego 2025
Mozilla Security Research Summit San Diego 2025
surf.mozilla.org
March 1, 2025 at 5:24 AM
This is tomorrow. If you’re going, let me know! surf.mozilla.org/events/2025/...
URnetwork, a new privacy-focused VPN I’ve been helping with just launched on ProductHunt! Check it out, it’s slick.
www.producthunt.com/posts/urnetw...
www.producthunt.com/posts/urnetw...
URnetwork - Say goodbye to your VPN and hello to a P2P powered web | Product Hunt
We’re rebuilding the internet so that you can say goodbye to your VPN and never again make the tradeoff between the content you want and privacy. Introducing URnetwork, a decentralized network powered...
www.producthunt.com
February 27, 2025 at 4:10 AM
URnetwork, a new privacy-focused VPN I’ve been helping with just launched on ProductHunt! Check it out, it’s slick.
www.producthunt.com/posts/urnetw...
www.producthunt.com/posts/urnetw...
I’m attending RightsCon in Taipei next week. Want to talk encryption, censorship and privacy? Let me know.
February 21, 2025 at 5:12 PM
I’m attending RightsCon in Taipei next week. Want to talk encryption, censorship and privacy? Let me know.
The tentative program for Real World Crypto 2025 is live!
rwc.iacr.org/2025/program...
A huge thanks to my co-chair @malb.bsky.social and all the amazing program committee members for helping put this together. I'm looking forward to seeing everyone in Sofia!
#realworldcrypto
rwc.iacr.org/2025/program...
A huge thanks to my co-chair @malb.bsky.social and all the amazing program committee members for helping put this together. I'm looking forward to seeing everyone in Sofia!
#realworldcrypto
RWC 2025 program
Real World Crypto Symposium
rwc.iacr.org
February 19, 2025 at 12:25 PM
The tentative program for Real World Crypto 2025 is live!
rwc.iacr.org/2025/program...
A huge thanks to my co-chair @malb.bsky.social and all the amazing program committee members for helping put this together. I'm looking forward to seeing everyone in Sofia!
#realworldcrypto
rwc.iacr.org/2025/program...
A huge thanks to my co-chair @malb.bsky.social and all the amazing program committee members for helping put this together. I'm looking forward to seeing everyone in Sofia!
#realworldcrypto
Reposted by Nick Sullivan
The list of accepted talk at @rwc.iacr.org is now available: rwc.iacr.org/2025/accepte... Early registration ends 26 February. CC: programme co-chair @nicksullivan.org
RWC 2025 accepted papers
Real World Crypto Symposium
rwc.iacr.org
February 2, 2025 at 12:14 PM
The list of accepted talk at @rwc.iacr.org is now available: rwc.iacr.org/2025/accepte... Early registration ends 26 February. CC: programme co-chair @nicksullivan.org
Everyone knows your location: tracking myself down through in-app ads - tim.sh
timsh.org/tracking-mys...
timsh.org/tracking-mys...
Everyone knows your location
How I tracked myself down using leaked location data in the in-app ads, and what I found along the way.
timsh.org
February 3, 2025 at 4:46 PM
Everyone knows your location: tracking myself down through in-app ads - tim.sh
timsh.org/tracking-mys...
timsh.org/tracking-mys...