profile picture

Hey, I'm Tao. I'm a software engineer interested in using technology for social good. I'm into computer security, decentralized systems, and philosophy.

Find me on GitLab and Pinboard.



2020-08-12 - Literature review: Routing attacks on Tor

Routing attacks on Tor occur when an adversary attempts to influence the route a Tor circuit takes in order to improve their chances of intercepting traffic.

2020-06-06 - Reasons not to use Telegram

A short list of reasons why I don’t recommend Telegram.

2020-06-01 - Feel-good security in ProtonMail

ProtonMail is one of the most popular security-focused email providers. Because email is not a particularly secure protocol, things like end-to-end encryption have to be bolted on top. To ensure interoperatiblity, an email provider must be able to send unencrypted messages to recipients who haven’t dived into the painful world of PGP.

2020-05-28 - Sometimes-on security: on mixing plaintext and encrypted messages

Several security-focused messaging apps give users the ability to choose between two modes: unencrypted chats, or end-to-end encrypted ones that might lack certain features. This is an anti-pattern when it comes to usable security, and it brings some risks that are rarely discussed.

2020-04-20 - Running ElasticSearch in podman on Fedora 32

Surprisingly painful.