<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Hacker News: honzaik</title><link>https://news.ycombinator.com/user?id=honzaik</link><description>Hacker News RSS</description><docs>https://hnrss.org/</docs><generator>hnrss v2.1.1</generator><lastBuildDate>Thu, 16 Apr 2026 07:40:43 +0000</lastBuildDate><atom:link href="https://hnrss.org/user?id=honzaik" rel="self" type="application/rss+xml"></atom:link><item><title><![CDATA[New comment by honzaik in "LinkedIn Is Illegally Searching Your Computer"]]></title><description><![CDATA[
<p>I am aware that Google will take a looong time to act. that is why I mentioned that it is LinkedIn (Microsoft) or its contracted fingerprinting/"monitoring" partner who may have more direct ways to report this if they actually investigate malicious extensions.<p>but that doesn't really matter. for the sake of the argument assume the extensions are not malicious (as evidenced e.g. by the PQC one with ?16 users?) does that change the situation?</p>
]]></description><pubDate>Thu, 02 Apr 2026 14:57:45 +0000</pubDate><link>https://news.ycombinator.com/item?id=47615368</link><dc:creator>honzaik</dc:creator><comments>https://news.ycombinator.com/item?id=47615368</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47615368</guid></item><item><title><![CDATA[New comment by honzaik in "LinkedIn is searching your browser extensions"]]></title><description><![CDATA[
<p>well if they have evidence why don't they report it? why are these extensions on the store? I'm sure LinkedIn has enough motion to report it directly to Google<p>also, having a PQC enabled extension doesn't seem like a good "large user base capture" tactic.<p>the source code is as usual obfuscated React but that doesn't mean it's malicious...<p>EDIT: I debugged the extension quickly and it doesn't seem to do anything malicious. it only sends a <a href="https://pqc-extension.vercel.app/?hostname=[domain]" rel="nofollow">https://pqc-extension.vercel.app/?hostname=[domain]</a> request to this backend to which it has permissions. it doesn't seem to exfiltrate anything else. it might get triggered later but it has very limited permissions anyway so it doesn't seem to be a malicious extension. (but I'm no expert)</p>
]]></description><pubDate>Thu, 02 Apr 2026 14:22:13 +0000</pubDate><link>https://news.ycombinator.com/item?id=47614914</link><dc:creator>honzaik</dc:creator><comments>https://news.ycombinator.com/item?id=47614914</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47614914</guid></item><item><title><![CDATA[New comment by honzaik in "LinkedIn is searching your browser extensions"]]></title><description><![CDATA[
<p>it apparently scans for something like "PQC Checker", an extension for checking if a TLS connection is PQC-enabled? how is that a spam extension (and that's just a random one I saw)</p>
]]></description><pubDate>Thu, 02 Apr 2026 14:16:26 +0000</pubDate><link>https://news.ycombinator.com/item?id=47614826</link><dc:creator>honzaik</dc:creator><comments>https://news.ycombinator.com/item?id=47614826</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47614826</guid></item><item><title><![CDATA[New comment by honzaik in "Quantum computing bombshells that are not April Fools"]]></title><description><![CDATA[
<p>1) yes, everything is affected, but everything else is being migrated to PQC as we speak<p>2) "256-bit encryption" has different meanings in different contexts. "256-bit security" generally refers to a cryptosystem for which an attack takes roughly 2^256 operations. this is true for AES-256 (symmetric encryption) assuming classical adversaries. this is not true for elliptic curve-based algorithms even though the standard curves are "256-bit curves", but that refers to the size of the group and consequently to the size of the private key. the best general attacks use Pollard's rho algorithm which takes roughly 2^128 operations, i.e., 256-bit curves have 128-bit security.<p>in the context of quantum attackers, AES-256 is still fine although theoretically QCs halve the security; however it's not that big of a deal in practice and ultimately AES-128 is still fine, because doing 2^64 "quantum operations" is presumed to be difficult to do in practice due to parallelization issues etc.<p>the elliptic curve signatures (used in Bitcoin) are attacked using Shor's algorithm where the big deal is that it is asymptotically polynomial (about O(n^3)) meaning that factoring a 256-bit number is only 256^3/4^3 = 262144x more difficult compared to factoring 15. this is a big difference from "standard" exponential complexity where the difficulty increases exponentially by factors of 2^n. (+ let's ignore that elliptic curve signatures don't rely on factoring but the problem is essentially the same because Shor does both because those are hidden subgroup problems)<p>the analysis is more complex but most of it is essentially in that paper and explains it nicely.</p>
]]></description><pubDate>Thu, 02 Apr 2026 08:13:38 +0000</pubDate><link>https://news.ycombinator.com/item?id=47611433</link><dc:creator>honzaik</dc:creator><comments>https://news.ycombinator.com/item?id=47611433</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47611433</guid></item><item><title><![CDATA[New comment by honzaik in "US asked Ukraine for help fighting Iranian drones, Zelensky says"]]></title><description><![CDATA[
<p>the NYT is reporting this was the US <a href="https://www.nytimes.com/2026/03/05/world/middleeast/iran-school-us-strikes-naval-base.html" rel="nofollow">https://www.nytimes.com/2026/03/05/world/middleeast/iran-sch...</a> I recommend employing more critical thinking in the future and less propaganda spreading</p>
]]></description><pubDate>Fri, 06 Mar 2026 09:50:20 +0000</pubDate><link>https://news.ycombinator.com/item?id=47272968</link><dc:creator>honzaik</dc:creator><comments>https://news.ycombinator.com/item?id=47272968</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47272968</guid></item><item><title><![CDATA[New comment by honzaik in "OpenAI needs to raise $207B by 2030 so it can continue to lose money"]]></title><description><![CDATA[
<p>this comment feels so eerie as I am currently reading Zuboff's "The Age of Surveillance Capitalism," which itself is interesting to read now since it's written before the huge AI leap.<p>Also, it reminded me of the following quote, mentioned in the book, from Langdon Winner<p><i>The changes and disruptions that an evolving technology repeatedly caused in modern life were accepted as given or inevitable simply because no one bothered to ask whether there were other possibilities.</i></p>
]]></description><pubDate>Wed, 26 Nov 2025 09:45:41 +0000</pubDate><link>https://news.ycombinator.com/item?id=46055829</link><dc:creator>honzaik</dc:creator><comments>https://news.ycombinator.com/item?id=46055829</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=46055829</guid></item><item><title><![CDATA[New comment by honzaik in "Quantum Computation Lecture Notes (2022)"]]></title><description><![CDATA[
<p>this may give you an idea about his current outlook <a href="https://www.youtube.com/watch?v=DQFyQgA_GE4" rel="nofollow">https://www.youtube.com/watch?v=DQFyQgA_GE4</a></p>
]]></description><pubDate>Thu, 12 Jun 2025 21:23:29 +0000</pubDate><link>https://news.ycombinator.com/item?id=44263352</link><dc:creator>honzaik</dc:creator><comments>https://news.ycombinator.com/item?id=44263352</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=44263352</guid></item><item><title><![CDATA[New comment by honzaik in "Why cryptography is not based on NP-complete problems"]]></title><description><![CDATA[
<p>afaik the "right kind of code" does a lot of heavy lifting for practical implementations, such as Classical McEliece.<p>correct me if I am wrong as I haven't spent much time looking into it, but the security analysis essentially says "we assume the Goppa code is indistinguishable from a random code so the best attack is to do generic decoding for a random code (NP-hard problem)". but there is no reduction to some NP-hard problem that Goppa code (the specific code used in Classical McEliece) is indistinguishable.<p>the assumption is reasonable as nobody has been able to find a distinguisher for decades. also, if a distinguisher exists, it also doesn't translate into a direct attack against the system, it just means you cannot rule out "structural attacks" and jump to NP-hard problem.</p>
]]></description><pubDate>Thu, 13 Feb 2025 09:22:11 +0000</pubDate><link>https://news.ycombinator.com/item?id=43034215</link><dc:creator>honzaik</dc:creator><comments>https://news.ycombinator.com/item?id=43034215</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=43034215</guid></item><item><title><![CDATA[New comment by honzaik in "U.S. Government Disclosed 39 Zero-Day Vulnerabilities in 2023, First-Ever Report"]]></title><description><![CDATA[
<p>OK, hoarding discovered zero-days might not be the best strategy, BUT if we actually create a backdoor and don't tell anyone about it, then this should be safer right? right? /s<p><a href="https://www.wired.com/2015/12/researchers-solve-the-juniper-mystery-and-they-say-its-partially-the-nsas-fault/" rel="nofollow">https://www.wired.com/2015/12/researchers-solve-the-juniper-...</a><p><a href="https://en.wikipedia.org/wiki/Dual_EC_DRBG" rel="nofollow">https://en.wikipedia.org/wiki/Dual_EC_DRBG</a><p><a href="https://en.wikipedia.org/wiki/Juniper_Networks#ScreenOS_Backdoor" rel="nofollow">https://en.wikipedia.org/wiki/Juniper_Networks#ScreenOS_Back...</a></p>
]]></description><pubDate>Thu, 06 Feb 2025 17:15:48 +0000</pubDate><link>https://news.ycombinator.com/item?id=42964403</link><dc:creator>honzaik</dc:creator><comments>https://news.ycombinator.com/item?id=42964403</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=42964403</guid></item><item><title><![CDATA[New comment by honzaik in "Understanding Memory Management, Part 1: C"]]></title><description><![CDATA[
<p>I am no C programmer, but doesn't the first pseudocode make no sense (and others after since they reuse it)?<p><pre><code>  address = X
  length = *X
  address = address + 1
  while length > 0 {
    address = address + 1
    print *address
  }
</code></pre>
1) length is never updated so the while is an infinite loop (if length is not 0)<p>2) the first character is never output since at address 0 (assuming X=0 at the start) is the value length but then the pointer is incremented twice so the first print *address prints the character at address 2?<p>if I am mistaken I'd be happy if someone explained why it makes sense</p>
]]></description><pubDate>Fri, 24 Jan 2025 09:35:23 +0000</pubDate><link>https://news.ycombinator.com/item?id=42811719</link><dc:creator>honzaik</dc:creator><comments>https://news.ycombinator.com/item?id=42811719</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=42811719</guid></item><item><title><![CDATA[New comment by honzaik in "Benchmarking RSA Key Generation"]]></title><description><![CDATA[
<p>well, it depends on the size of the quantum computer. of course you can make large enough RSA keys (depends what's your security margin/assumptions) but the problem is that the size/computational increase is exponential whereas the solving speed scales polynomially.<p><a href="https://eprint.iacr.org/2017/351" rel="nofollow">https://eprint.iacr.org/2017/351</a></p>
]]></description><pubDate>Fri, 03 Jan 2025 16:09:07 +0000</pubDate><link>https://news.ycombinator.com/item?id=42586810</link><dc:creator>honzaik</dc:creator><comments>https://news.ycombinator.com/item?id=42586810</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=42586810</guid></item><item><title><![CDATA[New comment by honzaik in "Benchmarking RSA Key Generation"]]></title><description><![CDATA[
<p>it might be this <a href="https://facthacks.cr.yp.to/fermat.html" rel="nofollow">https://facthacks.cr.yp.to/fermat.html</a><p>if N=p*q and p-q < sqrt(p) then it's easy to factor</p>
]]></description><pubDate>Fri, 03 Jan 2025 16:01:51 +0000</pubDate><link>https://news.ycombinator.com/item?id=42586748</link><dc:creator>honzaik</dc:creator><comments>https://news.ycombinator.com/item?id=42586748</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=42586748</guid></item><item><title><![CDATA[New comment by honzaik in "Hezbollah pager explosions kill several people in Lebanon"]]></title><description><![CDATA[
<p>It may be a combination of making the battery overheat which would trigger the planted explosives from a supply chain attack. Of course, I am no hardware engineer/bomb expert to know if that is possible.</p>
]]></description><pubDate>Tue, 17 Sep 2024 15:58:43 +0000</pubDate><link>https://news.ycombinator.com/item?id=41569074</link><dc:creator>honzaik</dc:creator><comments>https://news.ycombinator.com/item?id=41569074</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=41569074</guid></item><item><title><![CDATA[New comment by honzaik in "CrowdStrike will be liable for damages in France, based on the OVH precedent"]]></title><description><![CDATA[
<p>time to issue 50€ gift cards!</p>
]]></description><pubDate>Thu, 25 Jul 2024 10:40:01 +0000</pubDate><link>https://news.ycombinator.com/item?id=41066978</link><dc:creator>honzaik</dc:creator><comments>https://news.ycombinator.com/item?id=41066978</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=41066978</guid></item><item><title><![CDATA[New comment by honzaik in "Visual explanation of SAML authentication (2020)"]]></title><description><![CDATA[
<p>Well that depends on the binding, right? In case you use the "artifact binding" then there's also direct communication between SP and IdP. I haven't seen it in the wild and I am also no professional, but I saw it in the 2.0 standard, e.g., see <a href="https://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-tech-overview-2.0-cd-02.html#5.1.3.SP-Initiated%20SSO:%20%20POST/Artifact%20Bindings|outline" rel="nofollow">https://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-...</a></p>
]]></description><pubDate>Wed, 24 Jul 2024 16:15:38 +0000</pubDate><link>https://news.ycombinator.com/item?id=41058575</link><dc:creator>honzaik</dc:creator><comments>https://news.ycombinator.com/item?id=41058575</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=41058575</guid></item><item><title><![CDATA[New comment by honzaik in "Deep Dive into XZ Utils Backdoor [video]"]]></title><description><![CDATA[
<p>I watched the TC interview with Durov (Telegram) and apart from it being a big Telegram ad what struck me is that he told a story about his employee being approached by "an intelligence agency" and asked to reveal information about what open-source libraries they use.<p>It is kind of strange since their apps are supposed to be open source, maybe he meant the backend? Nonetheless, it seems this has been their modus operandi for a long time.</p>
]]></description><pubDate>Tue, 30 Apr 2024 07:50:09 +0000</pubDate><link>https://news.ycombinator.com/item?id=40208295</link><dc:creator>honzaik</dc:creator><comments>https://news.ycombinator.com/item?id=40208295</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=40208295</guid></item><item><title><![CDATA[New comment by honzaik in "TwitchAdSolutions – Blocking Twitch Ads"]]></title><description><![CDATA[
<p>These solutions are not perfect and typically stop working after a certain time because they patch it/unintentionally break it.<p>The only reliable solution I found is to VPN to some non-western country where they typically don't have advertisers. Of course, this brings a load of other issues :`).</p>
]]></description><pubDate>Mon, 15 Apr 2024 14:50:40 +0000</pubDate><link>https://news.ycombinator.com/item?id=40041324</link><dc:creator>honzaik</dc:creator><comments>https://news.ycombinator.com/item?id=40041324</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=40041324</guid></item><item><title><![CDATA[New comment by honzaik in "XZ backdoor story – Initial analysis"]]></title><description><![CDATA[
<p>I mean it highly depends on the CPU so I only posted it to show the relative slowdown compared to ECDSA. I ran this on my free tier Google Cloud server so it is not some super CPU.<p>However yes, even on this not so powerful CPU, it doesn't take 500ms so I don't think it explains it.</p>
]]></description><pubDate>Sat, 13 Apr 2024 11:20:19 +0000</pubDate><link>https://news.ycombinator.com/item?id=40022300</link><dc:creator>honzaik</dc:creator><comments>https://news.ycombinator.com/item?id=40022300</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=40022300</guid></item><item><title><![CDATA[New comment by honzaik in "XZ backdoor story – Initial analysis"]]></title><description><![CDATA[
<p>Another interesting thing regarding the ECC is they use Ed448, compared to something conventional like ECDSA with P-256 or Ed25519, which is way slower (30x-ish slower verification):<p>(OpenSSL benchmark numbers)<p><pre><code>                              sign/s verify/s

   256 bits ecdsa (nistp256)   34642.6 11700.3

                              sign/s verify/s

   456 bits EdDSA (Ed448)   3209.5 409.5
</code></pre>
There is basically no incentive to use Ed448 unless you think ECDSA with 256-bit curves is insecure or will become so in the near future.</p>
]]></description><pubDate>Sat, 13 Apr 2024 10:12:12 +0000</pubDate><link>https://news.ycombinator.com/item?id=40021928</link><dc:creator>honzaik</dc:creator><comments>https://news.ycombinator.com/item?id=40021928</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=40021928</guid></item><item><title><![CDATA[New comment by honzaik in "Recent 'MFA Bombing' Attacks Targeting Apple Users"]]></title><description><![CDATA[
<p>I am confused. What happens after clicking allow? Does Apple just provide a password reset form to the person on the iForgot website or does it show up only on the device?</p>
]]></description><pubDate>Wed, 27 Mar 2024 08:43:23 +0000</pubDate><link>https://news.ycombinator.com/item?id=39836779</link><dc:creator>honzaik</dc:creator><comments>https://news.ycombinator.com/item?id=39836779</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=39836779</guid></item></channel></rss>