Pradyumna Shome
pradyumna.bsky.social
Security researcher, board gamer, long-distance runner, EDM enthusiast, boba guy, and dancing goat. Spending my tempo rubato admiring pointillism.

pradyumnashome.com
Is that Elsa? It’s funny, she taught PL in OCaml for years at UIUC!
November 29, 2024 at 9:15 AM
+1
To add to your list: dependable, conscientious, diligent, tactful, interpersonal, warm, and helpful. Nothing is a solo endeavor!
November 27, 2024 at 11:09 PM
An orthogonal problem is coercion -- how do you prove someone took an action uncoerced (authenticated or not)? This is one of the (currently unsatisfied) requirements for secure electronic voting, and for systems that protect against intimate partner abuse. usenix.org/conference/u...
The Tools and Tactics Used in Intimate Partner Surveillance: An Analysis of Online Infidelity Forums | USENIX
November 27, 2024 at 11:02 PM
I could say the same about decentralized key management. Secret keeping by humans seems intractable in the general case, except for this one scheme I'm aware of -- "Neuroscience meets cryptography: Crypto primitives secure against rubber hose attacks"
usenix.org/conference/u...
Neuroscience Meets Cryptography: Designing Crypto Primitives Secure Against Rubber Hose Attacks | USENIX
November 27, 2024 at 11:02 PM
Device passwords are still user-generated, need to be easy to remember, and suffer from all the same problems that password managers were built to solve.

Cryptography relies on secrets, so I don't see us getting rid of them one way or another 🙃 -- but what about the UX?
November 27, 2024 at 11:02 PM
It seems like we're going forward in one direction -- we've lowered the risk of account compromise (e.g. credential stuffing / data breach / phishing are less impactful and less probable). We haven't done away with passwords overall though.
November 27, 2024 at 11:02 PM