I started this blog in April 2020 after a brief and irregular stint as a writer on Medium, because while I like putting my thoughts on a screen, I really disliked how Medium’s website constantly nags you to monetize your content. (I really dislike paywalls and I’m not arrogant enough to expect anyone to fork over their hard-earned money to read my writing.)
It hasn’t quite been a year since the inaugural post on Dhole Moments, but since 2020 is almost over, I thought it would be a good time to recap some of the stuff I’ve managed to publish thus far.
Some Quick Stats for 2020
- Total number of blog posts: 56 (including this one)
- Most popular blog post: Why AES-GCM Sucks
- Least popular blog post: A Few Missing Lessons from American Education
- Blog comments (not counting hate or pingbacks): 43
- Ad revenue: $0 (and this will stay that way, dammit!)
- Bugs found in WordPress.com just by using it: 1
- Zero-days published: 3
- Two against the Proctorio family of edutech spyware
- One against Twitter’s Gender field
- Open source projects spawned from blog posts: 2
- Hate emails/tweets/DMs/comments/etc. received: At least 100
- People who became cool with furries after interacting with me on social media (after other users failed to troll me) and subsequently admitted this to me privately: 4
- Furries I’ve inspired to make a dhole fursona (that I’m aware of): 0
- Fursuits commissioned: 1
- Fursuits acquired: 0 (hopefully in 2021)
- Amount spent on art commissions specifically for blog posts/series: $1500
- Bad puns and wordplay-based jokes:
I might make an effort to post a congruent, updated stats summary at the end of 2021.
Notable Happenings in 2020
One of my early blog posts in April (about source code leaks being effectively meaningless to endpoint security) got a lot of attention on social media and even got cited by The Register.
(Art by Kerijiano)
In May, I discovered some fraudulent “COVID-19 contact tracing” apps on the Google Play store which all appear to have since been taken down, then proceeded to teach the furry fandom how to deanonymize scam/knock-off sites on CloudFlare (and the scam/knock-off site in question went down within 24 hours).
In June, I published Furward Momentum, a guide to acquiring a technology career for as close to $0 as humanly possible with no prior experience, to help mitigate the economic pain of the pandemic for furries and furry-adjacent, LGBTQ-accepting folks. The introduction to the series is a blog post, but the other 9 pages of content are not.
In July, I published a post about trivial collisions in the new hash function in the IOTA hash function (Kerl), which led to a lot of angry IOTA fanboys flaming me with… arguments about the previously broken hash function in IOTA (Curl-P).
In August, I wrote a somewhat in-depth guide to side-channel attacks and how to mitigate them, which caused Reddit moderators to come to terms with a lot of their communities’ internalized ableism and homophobia as expressed through hatred of furries and–just kidding, it got flamed to oblivion on technical forums without a single technical disagreement and a lot of the moderators shrugged and did nothing.
In September, I decided to reverse engineer Proctorio, a browser extension used by schools to proctor tests which acts basically like spyware and compare its cryptography implementations to its marketing copy. Obviously, I found that Proctorio was deceptive to its customers as it is abusive to students, and its cryptography was pathetic. This got a shout-out from the Electronic Frontier Foundation on Twitter.
In October, I wrote too much for anything to really stand out, but if you’re interested in the design and security of Zoom’s end-to-end encryption, I found it to be somewhat bizarre but not dangerous. Also, I got tired of reiterating the same statements about furry art commission prices on Twitter, so I turned that into a blog post too.
In November, I wrote my guide to end-to-end encryption and got a second EFF shout-out!
And in December… I mostly rested.
Soatok’s Goals for 2021
- Continue the Dead Ends in Cryptanalysis series.
- Commission more furry art for my blog.
- Write about more cool stuff!
- Acquire Soatok fursuit from DrakonicKnight, post pics. (Already paid in full, just have to be patient.)
- Eventually write something so useful and high-quality on here that popular infosec Twitter/HN/Reddit/etc. users can’t help but talk about it. (Looking at you, @tqbf!)
- Help at least one furry get their first high-paying job in technology with a team they enjoy (if I haven’t already).
(Header art derived from art made by Atlas Inu and Johanna Tarkela, photoshopped by the author.)
3 replies on “The Story So Fur”
I didn’t even notice the title’s pun until seeing it in the URL while sharing.
If there are infinite puns, are there really any puns at all? :p
[…] has to be known that I’ve been pretty open about my stance against paid promotions, from my 2020 year in review blog post to the absence of any payment information (Ko-Fi, PayPal.me, Patreon, etc.) on my blog. I certainly […]
[…] the spirit of my 2020 recap, I thought it’d be fun to look back at everything that happened on this blog in […]