Hafa adai! 👋
My name is Eli,
I build private and performant data systems.
Recent notes
Don't wait for FHE, encryption-in-use is possible today*!
*terms and conditions may apply.
TIL: Testing Secure Zeroization in Zig with Custom Memory Allocators
TIL: compile with a locally patched Zig standard library via
--zig-lib-dirZig
TIL
Programming
Madrid Culture Nuances
Personal
Archive
Spain
Odd tcsh issue on alpine linux [UPDATED]
Archive
Software
Programming
Linux
Alpine Package Names
Archive
Programming
Software
Linux
Recent links
Password managers are an important area with surprisingly little formal analysis and this work emphasized the importance of fixing that.
To be presented at Real World Crypto 2026 and published at USENIX Security 2026.
Full paper can be found here: https://eprint.iacr.org/2026/058.
Bitwarden’s blog post on the subject is here: https://bitwarden.com/blog/security-through-transparency-eth-zurich-audits-bitwarden-cryptography/1.
Specific remediation details can be found in the report linked at the end. ↩︎
via Bas Westerbaan
A curated and crowdsourced list of ~*fancy*~ cryptography protocols, currently deployed at scale.
Some rabbit holes I’m falling down:
A super bowl chaser. The only thing more powerful than hate is love.
It’s been more than forty years since Ken Thompson delivered his famous talk, “Reflections on Trusting Trust“, which pointed out how there is no avoiding some level of trust. Hence the question here is not: should we trust someone. That decision is already taken. It’s: should we trust that WhatsApp is not running the biggest fraud in technology history.
Advice as old as time but I often forget. Placed well in the context of today’s workplace.