2026
HTTP desync in Discord's media proxy: Spying on a whole platform

Using an HTTP desync attack to see what media.discordapp.net attachments are being viewed, in real time, across the entire platform.

read →
France Launches Government Linux Desktop Plan as Windows Exit Begins

France is transitioning government desktops to Linux, with each ministry required to formalize its implementation plan by autumn 2026.

read →
Assessing Claude Mythos Preview’s cybersecurity capabilities

From the Anthropic red team.

read →
I Decompiled the White House's New App

The official White House Android app has a cookie/paywall bypass injector, tracks your GPS every 4.5 minutes, and loads JavaScript from some guy's GitHub Pages.

read →
Regarding the Morphe DMCA

ReVanced has been stealing code from Morphe without credit. Open source is generally free for others to use, but open source does not mean "can use without restrictions". There still are requirements to use open source code, and ReVanced is not following them.

read →
Meta Lobbying and Other Findings

A documented collection of Meta's lobbying activity and policy influence — the kind of thing that doesn't make headlines but shapes the rules everyone has to live by.

read →
Historic Chat Control Vote: MEPs Block Mass Scanning of Private Chats

The EU Parliament voted to reject untargeted surveillance of all private messages. A significant win for encrypted communication, though the fight is far from over.

read →
California Law Requires Age Verification on All Operating Systems — Including Linux

A new California law mandates some form of age verification at account setup for all operating systems. The implications for open-source software and user privacy are significant.

read →
Persona

A thoughtful post on identity, online personas, and the gap between who we present ourselves to be and who we actually are.

read →
How Age Verification Systems Actually Work (and Fail)

A technical breakdown of what "age verification" really means in practice — and why every proposed implementation either doesn't work or creates a surveillance infrastructure far worse than the problem it claims to solve.

read →
2025
Hacking 35 Million+ Snaps — Follow-up Findings

The follow-up to the original bug report: further research uncovering the scale and implications of the Snapchat vulnerability.

read →
Exploiting Silent Delivery Receipts to Monitor Users on Mobile Instant Messengers

Fingerprinting TTP via WhatsApp and Signal to find out when someone is active, at work, at home, etc.

read →
EU Develops Independent Payment System to Reduce Reliance on Global Providers

The EU is building its own payment infrastructure to reduce dependence on US-based processors — part of a broader push for digital sovereignty.

read →
I'm 15 and I Think I Found a Bug Affecting 10 Million+ Apps

A teenager discovers a significant security flaw in a widely-used service through methodical, independent research — a good reminder that age isn't a barrier to serious security work.

read →
2023
Curtailing the Cookie Monster through Data Protection by Default

The EU law that has led to the rise of cookie banner popups is flawed. It's time for a fix.

read →