starts writing on the chalkboard, Bart Simpson style
"I will NOT get nerdsniped into another cryptography side-project."
The frustrating part about attack papers like this is how much they step on the same rakes that were deemed hazardous for more than 20 years.
My heuristic from 2023 still rings true lol
Y'know what's funny?
I spend a lot of time thinking about and working on technology to make it easier for folks to have privacy in their comms,
But most of my chats are like:
"awawawawawa"
[furry sticker]
[furry sticker]
[furry sticker]
"why are compilers, man?"
Matrix has many incentives to lie or mislead. Their leadership includes the CEO of a company whose product is a Matrix client. There are active political talks about the EU investing heavily in Matrix. He's got a vested interest in looking good, even at the expense of doing or even being good.
On the other hand, I have nothing to gain. If everyone switches to Matrix tomorrow, nothing in my life changes. If Matrix self-implodes and everyone goes back to XMPP tomorrow, nothing in my life changes.
The only things I want are:
I've had a few people ask why I didn't post the full Matrix email on my Fedi thread. There are two reasons:
Y'know how "just getting caught cheating on your monogamous partner" isn't the right time to discuss exploring ethical nonmonogamy?
In a similar vein, asking for information while dismissing a report as "no practical security impact" is still dismissing the goddamn report.
I excerpted the part of their email where they dismissed my report. That was the part that initiated the immediate disclosure. The inciting turn of phrase.
It doesn't matter how much you piss on my leg, I'm not going to believe it's raining.
@RueNahcMohr Compiler optimizations are black magic
Stolen from a hellsite user
I've never met a bigger group of dumbfucks than Matrix defenders
Like holy shit, how are they all so dense
A web developer and a speedrunner have a very different understanding of the term iframe
RE: https://furry.engineer/@soatok/116088925054375056
I'm going to be very clear about something:
If you tell me that something I reported has "no security impact", I publish it as soon as possible.
If you're wrong in your assessment of the actual security impact, that's not my problem.
If you're citing an argument about the wrong level of abstraction, I will tell you you're wrong (and why) while I'm publishing.
Do you know a neat trick for avoiding this outcome?
It's called the Socratic method in fancy circles, but it's basically: Ask clarifying questions.
The crucial thing Arathorn hasn't figured out is he's his own worst enemy when it comes to public relations.
Several folks have told me they stopped trusting Matrix. But not because of my write-up. They stopped trusting Matrix because of how Matrix responded to my write-up.
They could've just said something banal like, "Thanks for contributing to the security of Matrix," and done less damage to their own reputation.
There are more pathetic comments on the Hacker News thread.
For example:
(Would you believe this guy has -18 karma?)
The Matrix guy is incentivized to control the narrative here. No surprise there.
But I implore anyone paying attention to critically evaluate the facts and what he said then as well as what he's saying now.
Like, the issues I found aren't even particularly difficult to mitigate. I provided some sample code in my Matrix disclosure blog post and pointed to a bitsliced AES implementation (BearSSL) for systems that can't do AES-NI.
Hell, you could probably get a fucking LLM to do it. Trail of Bits published a Claude skill for detecting whether a compiler has undermined the intent for code to be constant-time. But the heavy lifting is done by a Python script.
Shipping cryptography without side-channels was table stakes for being taken seriously.
(Note: I'm not endorsing LLM use. This is a flippant remark about how embarrassing the things I found in Matrix's Olm library were.)
Ah, the Matrix guy decided to chime in on the Hacker News thread about my blog.
https://news.ycombinator.com/item?id=46979742#46982871
Of course his comment is bullshit.
@0x4d6165 That said, secure encryption needs to be lower-friction for most people to use.
It needs to be secure even if the end user isn't thinking about security.
This is why I've spent years on Key Transparency, where most app developers were perfectly content with "demand users manually verify key fingerprints" instead.
@0x4d6165 Anyway, to that I say: No.
It's important for privacy that a lot of the data being encrypted is low-value.
If you only ever encrypt activist stuff, then by virtue of using encryption the government can argue they know you're doing activist stuff. Possibly illegal activist stuff. And a Grand Jury will be convinced.
But if we normalize using encryption always, not just for "sensitive" stuff, then that argument falls apart.