LightNews
dadrian.io
David Adrian
@dadrian.io
530 followers 95 following 220 posts
Used to do TLS, still kind of do TLS. PM at Chrome Security. Founded Censys. @scwpod.bsky.social
Posts Media Videos Starter Packs
dadrian.io
David Adrian @dadrian.io · 21d
Iowa-Rutgers hitting the over? Trump ruined the B1G West.
dadrian.io
David Adrian @dadrian.io · Sep 11
New post! Stop trying to solve revocation, we already have the answer. dadrian.io/blog/posts/r...
Revocation ain't no thang.
Adam Langley wrote about how revocation in the Web PKI doesn’t work over 10 years ago. Since then, the Web PKI has drastically changed for the better, despite not appearing to “solve” revocation. Unfo...
dadrian.io
1 4
dadrian.io
David Adrian @dadrian.io · Sep 6
Kirk Herbstreit is going to be the first person to make a Golden Retriever unlikable.
1 1
Reposted by David Adrian
rmhrisk.bsky.social
rmhrisk @rmhrisk.bsky.social · Sep 3
The bigger issue? Microsoft’s root program still trusts this CA, leaving Edge and Windows users exposed in ways Chrome, Firefox, and Safari users aren’t.

The pattern is familiar: long-lived trust, weak oversight, systemic risk. It’s time for Microsoft to step up and fund proper root governance.

👇
Another Sleeping Giant: Microsoft’s Root Program and the 1.1.1.1 Certificate Slip | UNMITIGATED RISK
unmitigatedrisk.com
2 1 3
dadrian.io
David Adrian @dadrian.io · Sep 2
Tell Holly and her mom I say hi
1
dadrian.io
David Adrian @dadrian.io · Sep 2
If you look closely, you can see UNC’s quarterback is not Tom Brady
1 1 3
Reposted by David Adrian
mbernhard.com
Matt Bernhard @mbernhard.com · Aug 30
This game has me feeling like I'm watching Iowa play Iowa.
1 2
dadrian.io
David Adrian @dadrian.io · Aug 29
Lincoln is a great town to watch a football game in!
dadrian.io
David Adrian @dadrian.io · Aug 29
I’ve never had a runza, but I have had a pasty which seems close enough.
1
dadrian.io
David Adrian @dadrian.io · Aug 29
Confirmed it’s “incomprehensible”
1
dadrian.io
David Adrian @dadrian.io · Aug 29
Sent this to a girl in California and pretty sure she thinks it’s in another language
erinsorensen.bsky.social
Erin Sorensen @erinsorensen.bsky.social · Aug 29
👀👀👀
1 2
dadrian.io
David Adrian @dadrian.io · Aug 23
Come for the PGP dunks, stay for the broader discussion of why encrypted email doesn’t make sense
scwpod.bsky.social
Security Cryptography Whatever @scwpod.bsky.social · Aug 23
NEW EPISODE!

An OpenPGP.js bug gave us an excuse to tear encrypted email via PGP to shreds. William Woodruff joined us to explain the vuln & indulge our gnashing of teeth on why email was never meant to be encrypted:

securitycryptographywhatever.com/2025/08/22/s...
www.youtube.com/watch?v=IoL3...
Stop Using Encrypted Email with William Woodruff
YouTube video by Security Cryptography Whatever
www.youtube.com
1 8 14
Reposted by David Adrian
simon.overgrown.garden
Simon Fondrie-Teitler @simon.overgrown.garden · Aug 17
The first part of this interview with my ex-colleague Alex is a great listen if you're a software engineer (or otherwise technical) and are interested in what we were working on as technologists at the Federal Trade Commission.
scwpod.bsky.social
Security Cryptography Whatever @scwpod.bsky.social · Aug 16
NEW EPISODE!

We chat with friend of the pod and special guest Alex Gaynor, former deputy chief technologist at the FTC and all around good Security Person™. Join for nerdery about WebAuthn, stay for accidentally melting down GitHub APIs around November 2020!

youtu.be/gBoGvyvsSi4
Alex Gaynor
YouTube video by Security Cryptography Whatever
youtu.be
2 3
Reposted by David Adrian
scwpod.bsky.social
Security Cryptography Whatever @scwpod.bsky.social · Aug 23
NEW EPISODE!

An OpenPGP.js bug gave us an excuse to tear encrypted email via PGP to shreds. William Woodruff joined us to explain the vuln & indulge our gnashing of teeth on why email was never meant to be encrypted:

securitycryptographywhatever.com/2025/08/22/s...
www.youtube.com/watch?v=IoL3...
Stop Using Encrypted Email with William Woodruff
YouTube video by Security Cryptography Whatever
www.youtube.com
2 12 22
Reposted by David Adrian
scwpod.bsky.social
Security Cryptography Whatever @scwpod.bsky.social · Aug 16
NEW EPISODE!

We chat with friend of the pod and special guest Alex Gaynor, former deputy chief technologist at the FTC and all around good Security Person™. Join for nerdery about WebAuthn, stay for accidentally melting down GitHub APIs around November 2020!

youtu.be/gBoGvyvsSi4
Alex Gaynor
YouTube video by Security Cryptography Whatever
youtu.be
1 4
dadrian.io
David Adrian @dadrian.io · Aug 13
And then there’s David.
badciphercodes.bsky.social
BadCipherCodes @badciphercodes.bsky.social · Aug 11
There are PMs who are useless. And then there are PMs:
3
dadrian.io
David Adrian @dadrian.io · Aug 1
figma balls
1
Reposted by David Adrian
scwpod.bsky.social
Security Cryptography Whatever @scwpod.bsky.social · Jul 29
New episode! Come to SCWPodCon, sponsored by Teleport! www.youtube.com/watch?v=tbnh...
Vegas, Baby!
YouTube video by Security Cryptography Whatever
www.youtube.com
1 3
dadrian.io
David Adrian @dadrian.io · Jul 23
I didn’t kill my wife!
1 1
Reposted by David Adrian
dimcheff.wtf
boo-randon is spooky now @dimcheff.wtf · Jul 17
🫡 go blue www.michigandaily.com/opinion/edit... #a2council
From The Daily: Vote yes on Ann Arbor proposals A and B
This Editorial Board endorses these proposals and believes that the development of this new, multi-use structure would offer many new opportunities to the Ann Arbor District Library and the greater lo...
www.michigandaily.com
1 5 29
Reposted by David Adrian
durumcrustulum.com
Deirdre Connolly¹ ² @durumcrustulum.com · Jul 16
pew pew pew

www.youtube.com/watch?v=vtt8...
This Quantum Attack Is Live Now
YouTube video by Deirdre Connolly
www.youtube.com
4 8
dadrian.io
David Adrian @dadrian.io · Jul 8
Just posted a deep dive on how Chrome integrates with Advanced Protection Mode on Android. security.googleblog.com/2025/07/adva...
Advancing Protection in Chrome on Android
Posted by David Adrian, Javier Castro & Peter Kotwicz, Chrome Security Team Android recently announced Advanced Protection , which extend...
security.googleblog.com
1 1
dadrian.io
David Adrian @dadrian.io · Jul 6
Wrote some words about memory safety and JITs. Basically, there are things we want out of hardware, but it's not MTE and it still involves migrating to memory safe languages

dadrian.io/blog/posts/m...
Sandboxes? In my process? It's more likely than you think.
Discussions around memory safety often focus on choice of language, and how the language can provide memory safety guarantees. Unfortunately, choosing a language is a decision made at the start of a p...
dadrian.io
3 4
Reposted by David Adrian
eff.org
Electronic Frontier Foundation @eff.org · Jul 3
We’re not yet sure exactly what quantum computing can do yet, and that’s exactly why we need to think about post-quantum cryptography now, @durumcrustulum.com tells EFF’s Cindy Cohn and @thejasonkelley.com on the new episode of “How to Fix the Internet."
Podcast Episode: Cryptography Makes a Post-Quantum Leap
The cryptography that protects our privacy and security online relies on the fact that even the strongest computers will take essentially forever to do certain tasks, like factoring prime numbers and ...
www.eff.org
2 10 42
dadrian.io
David Adrian @dadrian.io · Jun 26
Guide for #a2council to just do things—

Step 1: Ask @sstrudeau.bsky.social and @akgood.bsky.social what rules to get rid of.

Step 2. Get rid of those rules.
dadrian.io
David Adrian @dadrian.io · Jun 26
If #a2council would have just done things, instead of wasting time with an expensive and useless comprehensive land use plan, then John U. Bacon wouldn’t be able to post boomer misinformation about it.
7