Andrew Lilley Brinker
alilleybrinker.com
@alilleybrinker.com
A MAZE OF TWISTY LITTLE THREADS, ALL ALIKE

Writing on alilleybrinker.com and elsewhere.

Principal Engineer doing CVE and OSS security at MITRE. Opinions are my own.
Yikes
January 13, 2026 at 10:50 PM
The Jack Daniels situation is how I learned about Canada's provincial liquor control boards!
January 13, 2026 at 9:56 PM
Oh, uh, wow... that's an outright counter-productive and harmful CoC (assuming you mean this one)
The Ruby Community Conduct Guideline | Ruby
We have picked the following conduct guideline based on an early proposed draft of the PostgreSQL CoC, for Ruby developers community for safe, productive colla...
www.ruby-lang.org
January 13, 2026 at 9:54 PM
IMO it’s way too early to say
January 13, 2026 at 9:04 PM
I guess what I'm pushing back on is something I see here and elsewhere when pitching stuff built on passkey PRFs: the pitch doesn't identify the tradeoff of growing the passkey-loss blast radius.

Building on passkey PRFs is valid, but it's not a free win and I don't want it to seem like one.
January 13, 2026 at 8:26 PM
I just think that 1) it's worth identifying the downsides of choosing the passkey PRF route, and 2) Confer ought to be *very clear* to users what happens if the passkey is lost.
January 13, 2026 at 8:24 PM
The Confer blog post about it covers the other common options: confer.to/blog/2025/12...

- A passphrase the user must store
- A password the application needs to extend with a KDF
- A device-key

Each of these has their own tradeoffs, and I get *why* Confer is choosing the passkey PRF.
January 13, 2026 at 8:24 PM
Yeah I've been curious about that too. I believe people when they self-report that it didn't work for them, but how much of that is 1) the way they naturally want to use it is ineffective vs. 2) they use it in an ineffective way (consciously or unconsciously) because they *want* it to be ineffective.
January 13, 2026 at 7:51 PM
Putting a fine point on that: if someone made a machine that paved roads effectively and more quickly than humans, we'd be excited because paving roads is important despite being rote!
January 13, 2026 at 7:49 PM
Ha, nice analogy!
January 13, 2026 at 7:31 PM
Similarly, "AI truthers" (the "AI literally never works" folks) try to make arguments from philosophy of mind or via descriptions of LLMs as only reductions from training data (and thus something categorically unable to produce anything "new") to justify AI "never working" despite present proof.
January 13, 2026 at 7:19 PM
Modern flat earthers, as a movement, often claim the mantle of science and try to use lack of visible curvature at human scale or supposed anomalies in trans-continental flight paths to "scientifically" justify the flat earth position.
January 13, 2026 at 7:19 PM
The "AI literally never works" position is IMO akin to a flat earth position at this point
January 13, 2026 at 7:16 PM
The Pom in this case is described as 9 lbs. That is still a tiny dog!
January 13, 2026 at 7:14 PM
I think many users would not understand up-front that their passkey isn't just for logging in, it's also for being able to access the materials tied to their account.

Passkeys are great, but they *can* be lost, and I think system designers should try to reduce the blast-radius of key loss.
January 13, 2026 at 7:01 PM
Yeah, this isn't a concern about the E2EE, it's about how Confer would work if the user loses their passkey. By tying cryptographic material used for encrypting chats to a user's passkey, if the user loses the passkey, they lose access to the chats, even if they restore account access.
January 13, 2026 at 7:01 PM
IMO Passkey PRFs are an anti-feature, especially given how poor user knowledge on Passkeys is today. I don't think most users would understand the risks associated with passkey loss when PRFs are used, or how to avoid losing passkeys unintentionally.
January 13, 2026 at 4:45 PM
For more:
One challenge: chats and data are encrypted using keys derived from the user's passkey, used for authentication. This raises the importance of the user retaining possession of that passkey.
January 13, 2026 at 4:44 PM
One concern with Confer is they use the Passkeys PRF extension to derive keys used for encrypting chats. The problem is if you lose the passkey, even if you get back into your account, your chats are gone forever.
January 13, 2026 at 4:43 PM
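An added example, not from the posts above and not Confer's code, illustrating the blast-radius point made in the passkey PRF thread: instead of deriving the chat key straight from the PRF output, a random content key is wrapped under two independent key-encryption keys, one derived from the PRF output and one from a user-held recovery code, so losing the passkey loses one wrapped copy rather than the chats. The function names, the HKDF labels and the recovery-code scheme are assumptions for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// KEK derives a 32-byte key-encryption key from ikm with single-block
// HKDF-SHA256 (RFC 5869, empty salt, info as the domain-separation label)
// and returns AES-256-GCM over it. Hypothetical helper for this example.
func KEK(ikm []byte, info string) cipher.AEAD {
	prk := hmac.New(sha256.New, nil)
	prk.Write(ikm)
	okm := hmac.New(sha256.New, prk.Sum(nil))
	okm.Write(append([]byte(info), 1))
	block, _ := aes.NewCipher(okm.Sum(nil)) // 32-byte key: cannot fail
	g, _ := cipher.NewGCM(block)            // AES block size: cannot fail
	return g
}

// Wrap encrypts the content key under g; the random nonce is prepended.
func Wrap(g cipher.AEAD, cek []byte) []byte {
	nonce := make([]byte, g.NonceSize())
	rand.Read(nonce)
	return g.Seal(nonce, nonce, cek, nil)
}

// Unwrap reverses Wrap; a wrong key or a tampered blob yields an error.
func Unwrap(g cipher.AEAD, blob []byte) ([]byte, error) {
	n := g.NonceSize()
	if len(blob) < n {
		return nil, errors.New("wrapped key too short")
	}
	return g.Open(nil, blob[:n], blob[n:], nil)
}

// ProtectChatKey wraps one content key under two independent KEKs: one from
// the passkey PRF output, one from a user-held recovery code (assumed scheme).
func ProtectChatKey(cek, prfOutput, recoveryCode []byte) (byPasskey, byRecovery []byte) {
	return Wrap(KEK(prfOutput, "chat-kek/passkey"), cek), Wrap(KEK(recoveryCode, "chat-kek/recovery"), cek)
}

// RecoverChatKey is the passkey-loss path: the recovery code alone suffices.
func RecoverChatKey(recoveryCode, byRecovery []byte) ([]byte, error) {
	return Unwrap(KEK(recoveryCode, "chat-kek/recovery"), byRecovery)
}
```

The recovery copy only helps if the user actually keeps the recovery code somewhere independent of the passkey, which is the user-facing clarity the thread asks for.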
Excluding mutuals makes it much worse
January 12, 2026 at 7:38 PM
I grew up in the foothills of the San Bernardino mountains in California, and my parents tell stories of the mountains *not being visible* due to smog in the years before I was born.
January 12, 2026 at 7:01 PM
You must be like the mighty wombat: hide in your hole with your butt facing the enemy
January 12, 2026 at 5:49 PM
As Sun Tzu said, "Don't bother knowing your enemy, those guys are losers and learning about them would make you weak."
January 12, 2026 at 5:27 PM