Recently I read about a number of studies that have been frustrated in their attempts to find the genes associated with extreme intelligence.

This article, in particular, highlights the difficulties in pinning down genius.

There might be an evolutionarily conserved reason why genius is not trivially linked to genes. For…


When developing an enterprise-scale server cluster, one source of potential failure is the high cost of connection establishment:

For example:

  • TLS Connection Negotiation is expensive
  • TLS Connection Negotiation can be made significantly more expensive for the server, if the attacker chooses to
    — Repeatedly renegotiate
    — Repeatedly connect

Many custom…


“Paltering” is a fun word which typically means “telling the truth in a way intended to deceive”.

Most companies and SaaS services pay lip service to regulation by encrypting data at rest using similar technologies:

  • Whole disk encryption
  • Whole database built-in encryption

Check out this nice page on how to “protect…


The streets are lined with burning cars and the screams of righteous anger. A motley mob of thirty protesters is walking down the city street shouting “death to fascism”.

Three lone dissenters face them down, weighing their options.

“We could just lie and say we agree with them, maybe smash…


Imagine a fake world with fake creatures where all anyone needs to do is move bushels. Everyone in this world has one job. They pick up bushels and move them. Everyone gets everything they need from this bushel-moving activity.

So now the world is in stasis. Everyone is equal. All…


When designing an endpoint application that’s exposed to the internet, extra care must be taken when using “dicts” or “unordered maps” implemented as hash tables with trivially attackable hash functions.

If you’re not sure how your dict is implemented, or don’t want to read too much, just don’t use them……


Microservice architecture has, finally, been made easy with technologies like Kubernetes, Docker, and WSGI.

Larger companies have been building out distributed computing architectures for 30 years. …


There are several circulating blog articles about password managers claiming that this XKCD comic is incorrect:

The typical analysis goes something like this:

  • Users shouldn’t be choosing passwords
  • Users should use a password manager
  • Brute force isn’t the important attack
  • Sites should have password policies

The authors of these articles…


Currently, the leading proposal for a multisignature scheme is an M of M scheme. I would propose an additional protocol that provides for a threshold M of N scheme that has utility in circumstances where key loss is a concern.

The scheme causes signing to be interactive. But the security…


Gold has no fundamentals to speak of except some shitty value in industry and the fact that it’s limited and impossible to forge (better than Bitcoin here by a bit). Ultimately you can’t eat it or live in it and you can’t shoot people with it. …
