Hafa adai! 👋
My name is Eli,
I build private and performant data systems.
Recent notes
Don't wait for FHE, encryption-in-use is possible today*!
*terms and conditions may apply.
TIL: Testing Secure Zeroization in Zig with Custom Memory Allocators
TIL: compile with a locally patched Zig standard library via
--zig-lib-dirZig
TIL
Programming
Madrid Culture Nuances
Personal
Archive
Spain
Odd tcsh issue on alpine linux [UPDATED]
Archive
Software
Programming
Linux
Alpine Package Names
Archive
Programming
Software
Linux
Recent links
Did recent events leave you wondering “how could LLMs be useful for spying on citizens”? Here’s just one concrete example.
We show that from a handful of comments, LLMs can infer where you live, what you do, and your interests – then search for you on the web. In our new research, we show that this is not only possible but increasingly practical.
Check out the full paper for details.
Buddy Guy brought the house down at Tiny Desk, with a feature from rising-superstar Miles Caton.
Once again, thank you Sinners.
When you overload a credential used for authentication by also using it for encryption, the ‘blast radius’ for losing that credential becomes immeasurably larger.
Password managers are an important area with surprisingly little formal analysis and this work emphasized the importance of fixing that.
To be presented at Real World Crypto 2026 and published at USENIX Security 2026.
Full paper can be found here: https://eprint.iacr.org/2026/058.
Bitwarden’s blog post on the subject is here: https://bitwarden.com/blog/security-through-transparency-eth-zurich-audits-bitwarden-cryptography/1.
Specific remediation details can be found in the report linked at the end. ↩︎
via Bas Westerbaan
A curated and crowdsourced list of ~*fancy*~ cryptography protocols, currently deployed at scale.
Some rabbit holes I’m falling down: