At least in terms of the Bada55 paper, I think he writes in a fairly jocular style that sounds unprofessional unless you read his citations as well. You seem to object to his occasional jocularity and take it as prima facie evidence of him being “batshit”. Given that you are well known for a jocular writing style, perhaps you should extend some grace.
The slides seem like a pretty nice summary of the 2015-era SafeCurves work, which you acknowledge elsewhere on this site (this thread? They all blend together) was based on good engineering.
No, what I'm saying has only to do with the substance of his claims, which I now think you don't understand, because I laid them out straightforwardly (I might have been wrong, but I definitely wasn't making a tone argument) and you came back with this. People actually do work in this field. You can't just bluster your way through it.
This is a "challenge" with discussing Bernstein claims on Hacker News and places like it --- the threads are full of people who know two cryptographers in the whole world (Bernstein and Schneier) and axiomatically derive their claims from "whatever those two said is probably true". It's the same way you get these inane claims that Kyber was backdoored by the NSA --- by looking at the list of authors on Kyber and not recognizing a single one of them.
What do you think about Bernstein's arguments for SNTRUP being safe while Kyber isn't? Super curious. I barely follow. Maybe you've got a better grip on the controversy.
I’m not sure why you’re hung up on SNTRUP, since DJB didn’t submit it past round 2 of NISTPQC. In round 3, DJB put his full weight behind Classic McEliece.
You’ve previously argued that “cryptosystems based on ring-LWE hardness have been worked on by giants in the field since the mid-1990s” and suggested this is a point in Kyber’s favor. Well, news flash, McEliece has been worked on by giants in the field for 45 years. It shows up in NSA’s declassified internal history book, though their insights into the crypto system are still classified to this day.
That's a funny claim given NTRU goes back to 1996 and was a PQC finalist. I barely know what I'm talking about here and even I think you're bluffing your way through this. At this point you're making arguments Bernstein would presumably himself reject!
Since you've been very strident throughout this thread I'm wondering if you're going to have a response to this. Similarly, I'm curious, as a scholar of Bernstein's cryptography writing --- did the MOV attack (prominently featured on Safecurves) serve as a lovely harbinger of the failure of elliptic curve cryptography?
Well that's sure an argument. You get that I'm not the one who accused him, right? What you think of me has literally nothing to do with the claims Henry de Valence made. My guess is that these two documents (or maybe just the one you posted) are literally the first time you ever heard that name. Am I right?
EDIT: Adding more to my post here because it would be hypocritical for you to complain:
1. I feel like given how I can make accurate predictions about Henry’s sphere of influence, that might gain me a little credibility: https://qht.co/item?id=45495180
2. The reason I insulted you is because I know for a fact that when the mob came and demanded you shun and persecute someone, you caved.
>>> There is a committee at TU/e charged by law with ensuring proper grading, and I have recently learned that claims by Mr. de Valence related to this topic have been formally investigated and rejected by that committee. Now that Mr. de Valence has issued public accusations, it would seem that a public resolution will be necessary, starting with Mr. de Valence making clear what exactly his accusations are.
He also points out that de Valence is himself likely guilty of academic misconduct based on his own admissions.
We have two people making contradictory statements. The only ways to resolve it are facts (which were presumably reviewed by the committee) and credibility. You clearly think de Valence is more credible because he’s one of your feline friends, and because your other feline friends accused Appelbaum of sexual crimes, and you hate that Bernstein worked with Appelbaum because in your mind a sexual abuse accusation is as good as guilt of sexual abuse.
de Valence chose the same credibility-destroying path as Lovecruft, Honeywell, et al. did: make serious accusations in the public sphere instead of letting our public institutions charged with addressing these types of accusations do their job. Wise people realize that you can’t be criminally charged for publishing a smear campaign online, but you can be criminally charged for filing a police report, and evaluate accordingly.
The same credibility-destroying path of questioning the conduct of your hero, I do get what you're saying, we don't have to belabor this. If you had a real argument you'd have presented it by now.
I fully agree Matthew Garrett is not a secret NSA propagandist. There is a much simpler explanation.
In 2016, Isis Lovecruft was romantically involved with Jacob Appelbaum. Isis lost a coveted PhD student spot studying under Bernstein to… Jacob Appelbaum. Isis broke up with Jacob and accused him of sexual abuse in a spectacularly public manner.
Isis became romantically involved with Henry de Valence, another Bernstein PhD student. Valence became acquainted with Appelbaum. Later, under Isis’ direction, Valence published a wild screed full of bizarre accusations trying to get Appelbaum expelled and Bernstein fired. When this failed, Isis dumped Valence and publicly accused him of sexual abuse.
Isis Lovecruft is now married to Matthew Garrett. Obviously Matthew is going to work to discredit Bernstein, because if he fails, he knows what the next two steps are.
ML-KEM and SIKE were both candidates in the PQ competition which ML-KEM won. SIKE was considered such a strong contender that it was used in production TLS experiments at scale by Google and Cloudflare. (I guess you didn’t read past the second paragraph?)
You find it offensive now to compare ML-KEM and SIKE because SIKE was so thoroughly broken and demonstrated to be worse than pre-quantum crypto. But ML-KEM may already be broken this thoroughly by NSA and friends, and they’re keeping it secret because shipping bad crypto to billions of people enables SIGINT. The idea that your professional crypto acquaintances might be on the NSA’s payroll clearly disturbs you enough that you dismiss it out of hand.
Bernstein is proposing more transparency because that is what was promised after the Dual-EC debacle. Do you disagree with Bernstein because he advocates for transparency (which could prevent bad crypto shipping), or because of his rhetorical style?
I find the comparison risible because SIKE is based on an entirely different and novel problem class, and the vibe I get from Bernstein is that he thinks lattice cryptography is alien enough to people who don't work in this space that they'll miss the fact that cryptosystems based on ring-LWE hardness have been worked on by giants in the field since the mid-1990s.
You seem blind to the obvious corollary to that fact, which is if cryptosystems based on ring-LWE hardness have been worked on by giants for 30 years, then those same cryptosystems have been cryptanalyzed for 30 years, and a significant chunk of cryptanalytic research stays in NSA’s Classified Mathematics Library.
You’ve admitted you were “loudly wrong” when you announced Dual-EC couldn’t be an NSA cryptography backdoor. Snowden let us all know the NSA spends $250 million every year secretly convincing/bribing the private sector to use bad cryptography. Despite that history, you are still convinced there’s no way ML-KEM is an NSA cryptographic backdoor and that all the bizarre procedural errors in the PQ crypto contest are mere coincidences.
[checks my text messages] Lucy just texted me, Thomas. She’s outside waiting for you to kick her football.
When someone discovers the trick necessary to decrypt ML-KEM in an hour and publishes it in the unclassified sphere, I assume your response will be “hey, I may have been wrong yet again, but at least I wasn’t impudent!”
Again, to my point: you think the subtext of this post is that someone is going to break module-LWE with a Python script, because, I guess, to you these (module-LWE and supersingular isogenies) are equivalently exotic cryptography primitives. It bothers me that the author of this post is banking on you not understanding the difference here.
You saw a similar thing in Bernstein's earlier railing against the NIST contest (which he participated in), happily whipping up a crowd of people who believed Tancrede Lepoint or Chris Peikert or Peter Schwabe might have been corrupted by NSA, because nobody in that crowd has any idea who those three researchers are.
I mean, if you're putting me in the same camp as Mark Dowd, I'm flattered.
What I think you're not seeing is that this isn't a SIKE vs. Lattice kind of debate; it's a Curve25519 vs. P-256 kind of debate. P-256 was never broken. Curve25519 made smart engineering decisions that for years foreclosed on some things that were common in-the-real-world implementation pitfalls. P-256 has closed that gap now, but for the whole run of the experience they were both sane choices.
That's a generous interpretation. Another parallel would be Rijndael vs. Serpent, where the Serpent advocates were all "I don't know about this Rijndael stuff, seems dicey". Turned out: Rijndael was great.
But Bernstein wants you to think that rather than a curve-selection type debate, this is more akin to a "discrete log vs. knapsack" debate. It isn't.
According to the New York Times in 2013, based on Snowden documents, the NSA allocates $250 million every year for the actions you quoted. They call it the “SIGINT Enabling Project”.
You are not allowed to have a moderate opinion on gender representation in tech, and you are not allowed to have photos of steak on your NixOS discussion forum profile:
> Srid states his opinion on the gender survey question under a topic titled “Nix Community Survey 2023 Results”. This response, a week later (see next point below), gets moved to a separate thread and gets unlisted (meaning, nobody can reach it without a direct link) by a moderator.
The problem is that communities want to have (or at least tolerate having) these demographic surveys in the first place. The easiest way to avoid identity politics drama is to avoid identity politics, and the easiest way to avoid identity politics is to minimize and discourage mention of identity. pg was right (https://www.paulgraham.com/identity.html).
Open source is for everyone. The OSI is abundantly clear about this. For any given project this means everyone in principle; there is no obligation to check whether you have collected all the identity Pokemon. If your group is small this is impossible and if it is large then it is either inevitable or a failure is not your fault (and trying to force the issue is in fact the discriminatory thing). Besides which, the identity Pokedex doesn't exist in the first place. Why even invite the argument about the categories that need to be considered?
You don't draw a circle by adding more sides. You draw it by using a damn compass.
i mean, this is a set of opinions and positions that are far beyond anything that could be called "moderate opinion[s] on gender representation" and are pretty uncontroversially terrible, particularly in the context of any non-homogeneous community of people
if you post something like this to the public internet and stand behind it, then man i'm not sure what you expect, you're self-identifying as an asshole, and it can't be surprising when you're banned from places as a consequence
edit: good lord, i clicked around a bit more on that website, dude is obviously a psychopath, and i feel duped even responding to this kind of nonsense
Could you state, for the record, your understanding of what "opinions and positions" are concretely expressed there, and your estimate of what proportion of the general population you'd expect to agree with them? I'm having a hard time understanding what you find objectionable there, aside perhaps from the fact that a political ideology is being criticized in arguably disparaging terms.
> The first step to resist or undo Woke Invasion in your organization (or your psyche) is to thoroughly understand its creed Critical Race Theory, so as to uncover the fact that generally speaking woke disciples care less about the problems in the world than assuaging their self-centered ideological feelings. 1 The next step, obviously, is then to effectuate an elimination of the wannabe woke invaders from your organization by instituting a culture based on common sense values stripped of identity politics.
this wildly pejorative definition of the central concept at play in the discussion, probably, is a good start to what i find objectionable, yeah?
or maybe the author's own definition of "wokeism"
> Wokeism is a secular religion that originated in the United States of America, based on the pseudoscientific field Critical Race Theory. It presumably took root around 2016 (see Woke Invasion) and has been withering away since around 2024. Bigoted ideologies like neoracism fall under wokeism.
which is about on the same level as vaccines cause autism
i'm sure there are lots of people who think otherwise and maybe you're one of them but frankly there is nothing useful to be gained by arguing the merits of this kind of stupidity
> which is about on the same level as vaccines cause autism... but frankly there is nothing useful to be gained by arguing the merits of this kind of stupidity
I prefer to follow the HN guidelines and not use language like that, but the feeling is mutual. (And I can assure you that the ideas you're trying to dismiss as fringe are in fact quite widely supported.)
Regardless, I'll try:
Certainly srid's rhetoric there would not be appropriate in the HN comment section (and you can see a clear difference in style between that rhetoric and srid's actual HN comments). But it frankly comes across that you primarily object to the fact that someone else doesn't like your politics and seeks to prevent such politics from taking root in more places.
And srid very clearly refers to documented and evidenced phenomena: many academics are quite open about their use of CRT, and there are clear connections between that theory and observable real-world policy (in particular, policies that attempt to effectively implement racial quotas while pretending they are not racial quotas), and abundant critiques of the pseudoscience involved. What is here called "neoracism" (not a term I've heard anywhere else) seems to simply mean racism that targets white people (and sometimes Asians; and where this happens, pointing out Asian victims often seems required in order to get anyone to care). This demonstrably exists (the people claiming it not to exist will commonly engage in it, and commonly seek to redefine terms to excuse themselves), is obviously bigoted (on basic principles of morality that children understand), and has clear real-world impact (see e.g. https://en.wikipedia.org/wiki/Students_for_Fair_Admissions_v...).
Your shallow dismissal of all of this, aside from not being how we do things here, is ignorant of the available evidence. Taking the so-called "Diversity, Equity and Inclusion" efforts at face value is a mistake. We are talking here about people who believe that racism is inherent to being white (https://duckduckgo.com/?q=%22all+white+people+are+racist%22), and invent terms like "whiteness" (https://en.wikipedia.org/wiki/Whiteness_theory) in order to perpetuate harmful stereotypes (leading to additional concepts like "white fragility", "white defensiveness", "white degeneracy", "white space" etc.). It is pseudoscientific because many of those terms are aimed at not only dismissing criticism without addressing it, but holding up the act of criticism itself as evidence.
> There is nothing "anachronistic" about pointing out the clear, well-evidenced facts about the racism that is demonstrably being perpetuated today.
You were cherry picking
I am a long way from the Americas (New Zealand), so I know little of the racism in the USA
But here the realisation that our dominant paradigms were based on racist and sexist assumptions has led to an enormous flowering of culture. Don't knock it, it has made social conditions much better especially for young people (as economic conditions got much worse)
From this distance it looks to me that racism in particular and bigotry and prejudice in general in the USA are deeply entrenched and backed by violent fanatics on all sides. The reactionary bigots appear to have the upper hand for now, but it looks like it will not hold
I hope the USA can avoid the sort of violent conflicts of the 1860s, not looking good
>> our dominant paradigms were based on racist and sexist assumptions
> I don't think they actually were.
Open a book!
The discovery doctrine
In the USA there is westward expansion, both genocidal and racist
Women have only been entitled to equal pay since the 1970s in most places
Indigenous Australians were only considered fully people in the 1960s
Most European countries restricted the rights of Jews until mid nineteenth century (or worse)
The Tasmanian genocide
In New Zealand the invasion of the Waikato
Canadian Christian schools
In New Zealand Māori were denied university education from about 1880 until the 1970s (a very few snuck through, some pretending they were foreign)
It was legal to rape your wife until very recently
When a woman married she had to resign her job (my grandmother)
Until the 1960s in NZ a married woman needed her husband's permission for a bank loan
On and on, from my memory banks. I am no historian nor sociologist so I may have buzzed some details, but you should get the point. The West's dominant paradigms are historically deeply racist and sexist.
More generally it is prejudice and bigotry
Whatever, you should see why DEI, even if it has become a box-ticking farce, has deep roots in desperate need
private communities (which in this context would include any website that doesn't end in .gov) banning assholes has no impact on the human rights of those banned assholes; it is not a human right that you get to have an account on a private website
in the same way that getting trespassed from chipotle for not wearing pants when ordering your burrito bowl, doesn't mean your rights have been violated
Surely there is some implied right, as a user and developer on Nix to take part in the forums?
Should the quality of your opinions, outside the forum, be considered?
It is a difficult problem when dealing with notorious assholes. If they are playing a constructive part inside the organisation, at what level of notoriety and assholeness should the moderators pull the pin?