Rant: Keccak, or the case for software-first ciphers
This is a short rant on SHA3/Keccak which I have some non-security-related issues with
Malicious homeserver can trick Element/Schildichat into revealing links in E2EE Rooms
The Desktop and Web versions of the popular Matrix client Element, as well as its fork Schildichat, support link previews. These can also be activated inside of end-to-end encrypted chats.
The problem arises from its implementation: The setting is stored insecurely on the homeserver and URLs are sent to the homeserver for link preview generation.
This article is the a full disclosure on this issue.
Missing Salamanders: Matrix Media can be decrypted to multiple valid plaintexts using different keys
End to end encryption in chat protocols is a complex topics with lots of pitfalls.
One such pitfall is failing to verify that a ciphertext is meant to be decrypted with a specific key, or that a ciphertext is meant to decrypt to a specific plaintext, especially when an attacker can specify the key.
This post is about how Matrix does not perform authenticated encryption at all for media sent in end-to-end encrypted chats.
Setting up Final Fantasy 14: Online on NixOS
Final Fantasy 14 is an MMORPG that is fully playable on Linux with only minor bugs and that I have been playing for a while now. This post will describe my personal setup of it.
Parts of this will also apply to non-NixOS systems
CSS Tip: Hamburger Menus without Javascript
Expanding or slideover style menus are a popular way to create menus in newer websites, since they are friendly to touchscreen users (unlike menus that activate on hover).
I will show you how I have implemented the settings menu on this website.
Pokémon Gen 1 Living Pokédex Journey: Boulder Badge
As mentioned in the previous blog post, I am creating a Living Dex in Pokémon Yellow. Currently I possess a total of 40 Pokémon from previous games, but this number is of course going to increase starting now.
Pokémon Gen 1 Living Pokédex Journey Introduction
I have wanted to build a living Pokédex in the Pokémon games for quite a while and decided that this summer would be as good time as any to start catching them all. After noticing accidental save corruption (some Pokémon disappeared from the box) in the emulator I was using previously, I decided to restart Pokémon Yellow and write down my experiences down the line.
Managing Passwords without storing them
This article explores an alternative to regular password managers that attempts to store as little information about passwords as possible.