RT @WatcherGuru: JUST IN: Tornado Cash co-founder Alexey Pertsev released from prison.

@josephdelong Bad take IMO. You want a variety of perspectives. Yes, get your friends to do a review, write good security tests, do internal reviews and use AI, but you still need to stack an audit on top of that. A professional security researcher will review the code in a way devs don't.

RT @DefiantNews: Court Overturns @TornadoCash Sanctions: What’s Next for Privacy? @preston_vanloon, @ethereum Core Developer Chapters 00:0…

RT @VitalikButerin: No man left behind. @rstormsf and @alex_pertsev next. Tornado Cash itself won an important case today: https://t.co/…

LFG 🚀 Privacy wins!

Wise words. Take OpSec seriously, please don't get hacked because of something simple!

@__Raiders @audit_wizard You could do that, but if you have malware on your host machine, it could compromise the docker image. Separate hardware is definitely the way to go. You could use VMs for risky stuff but I wouldn’t recommend that because it is possible for malware to break out of a docker image

@GodBungholio Ideally, yeah. Even if you do connect it to the internet, using it just for transactions and nothing else adds a huge layer of protection from malware vs using your normal machine.

You could even have a third laptop for risky actions like downloading meeting software or opening PDFs (never do these things on your other devices). The cost of a cheap laptop is nothing compared to the cost of being compromised.

Good security comes from challenging assumptions, hardening against disaster scenarios, mitigating compromises, and having multiple layers of redundant security controls to resist advanced threat actors. The job of plugging every hole is much harder than finding just one.

Good OpSec is: resistant to side-channel attacks, browser 0-days, social engineering, malware, insider threats, and all of that in combination. If someone is telling you that your OpSec may not have those properties, please god listen to them!

It was a pleasure to work with @use_corn and their fantastic team. We've designed one of the most thorough review processes out there for OpSec and InfraSec. Together, we ensured a high level of security that permeates their entire organization and keeps their project secure 💪

RT @0xzak: The long-awaited moment is upon us - the launch of @use_corn 's Maizenet! Corn, a network built for BTCFi, is now entering its…

@PatrickAlphaC I don’t think this is true of everything, some things have intrinsic value and can generate wealth for most long term. But there are so many zero-sum ponzis in crypto that are just predatory (looking at you memecoins) and retail are always ones getting rekt. Very scummy IMO

RT @jack__sanford: Biggest theme from DeFi Security Summit is that Stolen Private Keys is now by far the biggest security risk in crypto.…

RT @iampaulgrewal: Just days before the Fifth Circuit ruled that when OFAC sanctioned code it in fact violated the law, some in Congress as…

What if we used inkblots instead of letters for 2FA TOPT codes? Imagine scammers trying to social engineer a victim for their codes: "There's one that has a few dots and then a bigger splotch, one that looks sort of like a bird, and one that reminds me of my dad for some reason"