
Cryptography & Security Newsletter

138

The Threat of Residential Proxies

30 June 2026

Feisty Duck’s Cryptography & Security Newsletter is a periodic dispatch bringing you commentary and news surrounding cryptography, security, privacy, SSL/TLS, and PKI. It's designed to keep you informed about the latest developments in this space. Enjoyed every month by more than 50,000 subscribers. Written by Ivan Ristić.

The last several years have seen the continuous rise of so-called residential proxies. If you’re not familiar with this term, the name refers to the proxies usually (but not always, as we will see later) installed at residential addresses and used for website scraping and similar activities. It’s a fairly niche topic, and it’s quite likely that you won’t have heard about it. It is, however, a phenomenon that requires your attention.

What Are Residential Proxies?

A great number of services on the Internet try to walk the fine line between providing their wares to the general public while also detecting and eliminating unwanted traffic. Take scraping, for example. It’s ever popular, but increasingly difficult to do. If you try to monitor some of the top websites from a single IP address, you will often end up being blocked, and quickly. If you then try to scale your scanning to use multiple IP addresses from servers at various cloud providers, you’ll find that data center traffic is very often blocked wholesale. Looking for a solution, it’s usually at this point that you learn about the existence of residential proxies.

Scraping is often not desired, but it’s not necessarily illegal. Intensive scraping, however, is definitely a problem that websites need to deal with. Those reaching for residential proxies exist on a spectrum from entirely legitimate (as anyone wanting to do any sort of paid network monitoring can attest to) to nefarious. Criminals attempting to exploit websites, for example, often reach for residential proxies to hide their tracks.

Recently, the rise of AI and AI agents has further increased the demand. For example, the AI vendors want to train on the content available on the Internet. In addition, individuals using AI want to give their tools the same unrestricted access that they enjoy. It is now believed that bots generate more internet traffic than humans.

Perhaps this is a problem we can address by balancing the economy of scraping, by finding a way for the bots to pay for their access. (Cloudflare had this idea in 2025 and later created the x402 standard with Coinbase. AWS recently added support for this payment protocol to their WAF product.)

It’s Worse Than You Think

To start a residential proxy operation, you need a great many network endpoints all around the world. But how do you build such a network? As it turns out, there are two approaches. One is where you’re pretending that you’re doing it legally. You create software development kits for popular devices that exist in large numbers—for example, mobile phones and TVs—and then entice software developers (with money, of course) to embed your proxy software in their applications. In the worst case, the proxy code is silently deployed alongside the applications, which are often provided for free. In the best case, a consent screen is presented to end users, and they opt in to operate a proxy exit node, but does anyone really believe that such consent is informed? If you’d like to understand more, read this recent report from Include Security. According to Synthient, most victims are, well, residents.

The other approach is to build your network in any way you can, using any means, including the very illegal ones. Hacking into routers is always effective, but enterprising criminals are getting much more creative than that: it’s documented that many of the cheap devices one can buy come with residential proxy malware preinstalled. Imagine this: you buy a nice digital frame for your family photos. Unbeknownst to you, the frame is a Trojan horse, and you’re now part of a botnet. KrebsOnSecurity published an in-depth report on how some of these networks operate.

Your Local Network Is Under Attack

It’s easy to think that this is not a big problem, because—what’s the worst that can happen? If you’re lucky, someone benign will scrape from your IP address and use some of your bandwidth. If your IP address becomes associated with a residential proxy network, you may quickly discover that you can no longer access your websites. If you’re really unlucky, you may get a visit from the FBI or your local government agency because someone used your IP address as a stepping stone in a cyber attack.

Increasingly, criminals use residential proxy networks to reach your internal networks. Although some providers claim to restrict access to private IP addresses, their code is usually poorly written; no one claimed these people understood network security. Apparently, a great many Android-based devices ship with the Android Debug Bridge (ADB), a debugging interface designed for manufacturer troubleshooting, left enabled. On your network, it allows those devices to be quickly rooted.

There is increasing evidence of residential proxy traffic from enterprise networks. A recent report from Infoblox (providers of protective DNS services) claims that as much as 65% of their customers have traffic traveling to residential proxy networks.

It’s not easy to know what to do. At home, consider using virtual networks to separate important devices from everything else. Monitoring traffic volumes is a good idea, too. Beyond that, there is little certainty if anyone in your household can install new apps on your TVs.

In enterprise environments, you’d ideally not allow unknown devices on your networks, but that’s easier said than done. Protective DNS services that know the commonly seen residential proxy networks can help contain such traffic and point to the offending devices. Some devices may skip DNS altogether and connect via hardcoded IP addresses; in that case, good threat intelligence and/or enterprise traffic inspection and monitoring can help.


Short News

Artificial Intelligence

  • Samuel Judson (Trail of Bits) tested skill scanners from ClawHub, Cisco, and skills.sh and bypassed all of them in under an hour, demonstrating that static skill security tools offer little real protection against malicious AI agent skills in public marketplaces.
  • Cloudflare details their model-agnostic vulnerability discovery harness that scans 128+ repos using parallel hunt/validate agents, cross-repo dependency tracing, and a second model for independent triage, compressing 20,799 raw candidates down to 7,245 actionable findings, with the initial audit skill released on GitHub and the promise of releasing the whole thing as open source.
  • Matthew Green reverse-engineers the encrypted "reasoning" blobs sent via OpenAI and Anthropic APIs, finding they are authenticated ciphertexts returned to clients for multi-turn continuity, and probes what tampering reveals about how frontier LLM providers protect chain-of-thought data.
  • Nahum Korda and Gadi Evron present OpenAnt, an open-source LLM vulnerability discovery pipeline that decomposes codebases by reachability (reducing analysis surface by up to 97%), uses adversarial attacker simulation for verification, and auto-generates sandboxed exploit environments, finding previously unknown vulnerabilities in OpenSSL, WordPress, and Flowise. arXiv paper.
  • Lenny Zeltser and Sounil Yu's AI Defense Matrix is a structured framework for identifying gaps and selecting controls to defend AI systems, aligned with NIST CSF 2.0 and extending the Cyber Defense Matrix.

Cryptography

  • Real World Cryptography 2027 conference (Seattle, April 5-7) invites talk proposals on real-world cryptography topics, with submissions due October 15, 2026.
  • Guy Lewin announces that Meta's Messenger now distributes HSM public keys via Cloudflare Key Transparency to strengthen end-to-end encrypted backups.
  • Michele Orru, Trevor Perrin, Nora Trapp, and Greg Zaverucha propose encrypted collaboration spaces, an architecture layering group key management, ratcheting, retention trees, and zero-knowledge fast-forward proofs atop untrusted servers to give collaborative apps verifiable confidentiality and integrity.
  • Aaron Cope (SFO Museum) describes their experience cryptographically signing vector embeddings using X.509 and OpenPGP, their struggles with C2PA's certificate requirements and cost barriers, and why a "Let's Encrypt moment" is needed before C2PA can achieve mass adoption.
  • Andy Tockman reverse-engineers how C#'s System.Random linear seed initialization creates exploitable correlations between Slay the Spire 2's RNG streams, allowing players to predict curses, potion drops, and event outcomes from visible game state.
  • Keegan Ryan (Trail of Bits) and Hanno Böck discovered hundreds of "short-sleeve" RSA keys in the wild with structured zero-bit patterns caused by a type mismatch bug in CompleteFTP, and developed a polynomial-based factoring technique to recover 603 RSA and 74 DSA private keys.
  • Thai Duong uses a one-byte AEAD tag bug (CVE-2026-34182) affecting OpenSSL, wolfSSL, Bouncy Castle, and GnuPG's gpgsm to explain why ciphertext formats are attack surfaces and argues that ciphertexts should carry nothing but a local key id plus an opaque blob, with all parameters bound to the key record. How to format a ciphertext.
  • Nadim Kobeissi announces that his free Applied Cryptography course, originally created for Lebanon and the Levant region, is now adopted at four European universities including Ruhr University Bochum and the University of Edinburgh.

Public Key Infrastructure

  • Rob Stradling (Sectigo) releases ctsubmit, an open-source CT submission proxy that handles policy-compliant SCT collection, intelligent log selection, parallel submissions, and monitoring.
  • Stephen Davidson notes that Microsoft's Trusted Root Program has launched a PQC TLS Pilot for CAs to test ML-DSA-enabled certificate hierarchies in closed, non-public environments, requiring ML-DSA-87 for roots and capping leaf certificates at 90 days.
  • Lenny Zeltser traces how observability, short-lived credentials, and active enforcement held the web's certificate trust model together through a decade of CA failures, and examines what lies ahead with post-quantum cryptography and Merkle Tree Certificates. Past, present, and future of web trust.
  • Shodan offers a free API endpoint that returns all hostnames for a domain based on certificate transparency logs, with sample Python code in the Shodan book.
  • Adriano Santoni reports that Firefox 152 now displays a prominent QWAC UI with the EU Trust Mark, replacing the minimal indicator from version 150, though it still requires a couple of clicks to surface rather than appearing automatically.
  • Jake Edge (LWN) explains how Microsoft's 2011 Secure Boot signing key for Linux shim expires in September, why many systems lack the 2023 replacement key, and how LVFS and fwupd are the main path to getting firmware updated before Linux installation media stops booting on Secure Boot systems.
  • Alex Polyakov (Adversa AI) publishes AIRQ, an open-source framework rating 100+ AI agents on security, finding only 11% are both capable and well-defended and 98% combine private data access, untrusted content, and outbound actions. AIRQ framework.

Post-Quantum Cryptography

  • Alfred Menezes releases the first version of their comprehensive introduction to lattice-based cryptography, covering Kyber and Dilithium.
  • Apple details its custom formal verification approach using Isabelle, SAW, and Cryptol to prove the correctness of ML-KEM and ML-DSA implementations in corecrypto, releasing the tools and proofs publicly.
  • Marin Ivezic's deep dive series covers how to build a quantum computer from commercially available modular components, including facility prep, cryogenics, control systems, and cost.
  • Google outlines its opinionated strategy for quantum-safe certificates, favoring ML-DSA, Merkle Tree Certificates for Web PKI, and dual-certificate chains for private PKIs, targeting a 2029 migration deadline.
  • European Union Agency for Cybersecurity (ENISA) has made the draft of their Agreed Cryptographic Mechanisms 3.0 open for public comment. ML-DSA, XMSS, LMS, SLH-DSA, ML-KEM, and FrodoKEM are included. Hybrids are recommended.
  • Bas Westerbaan notes that researchers reverse-engineered Google's secret quantum algorithm in under two months, with the paper and Craig Gidney's confirmation now public.
  • Docusign details its quantum-safe strategy: migrating PDF signatures from RSA 4096-bit to ML-DSA, adopting a hybrid cryptography approach, and planning early to address harvest-now-decrypt-later risks.
  • Let's Encrypt outlines its plan to adopt Merkle Tree Certificates (MTCs) for post-quantum Web PKI authentication, targeting a staging environment in late 2026 and production in 2027.
  • Stephen Davidson notes that Chrome 150 (releasing June 30) will add ML-DSA certificate support in TLS for enterprise private PKI, while public Web PKI will instead adopt Merkle Tree Certificates.
  • Patrick Longa announces that FrodoKEM has been standardized in ISO/IEC 18033-2:2006/Amd 2:2026, the first ISO standard for post-quantum cryptography, alongside ML-KEM and Classic McEliece. NTRU is also in the document.
  • Marin Ivezic releases version 2.1 of the Applied Quantum PQC Migration Framework, a completion release that takes explicit positions on hybrid and composite signatures, adds CBOM security and a migration verification and program closure framework, and aligns all six sector extensions to the v2.0 baseline.
  • The PKI Consortium's PQC Working Group introduces the Post-Quantum Cryptography Maturity Model (PQCMM), a six-level vendor-neutral framework giving procurement and supply chain teams a standardized way to evaluate and compare quantum-readiness claims across products, with a formal certification program planned for late 2026.
  • France's ANSSI confirmed it will stop certifying security products lacking quantum-resistant encryption from 2027, requiring hybrid PQC implementations and effectively locking PQC-free vendors out of French government and critical infrastructure markets.
  • Symbolic Software's Dr. Nadim Kobeissi releases a 67-page Post-Quantum Migration Playbook covering primitive selection, hybrid constructions, TLS/PKI migration, secure messaging, library readiness, and common audit findings, with opinionated recommendations calibrated against the asymmetry of migrating too early versus too late.
  • IETF publishes RFC 9958 "Post-Quantum Cryptography for Engineers" by M. Ounsworth, explaining the threat of cryptographically relevant quantum computers to existing public-key systems, the challenges of transitioning to post-quantum algorithms, and why this shift may require significant protocol redesign due to the unique properties of PQC algorithms.
  • Michael Osborne (IBM) argues PQC migration should start with TLS key exchange given the harvest-now-decrypt-later threat, deferring TLS authentication, full crypto inventories, and ECH for later, citing testing across eight TLS stacks that exposed middlebox handshake failures, conflicting server cipher preferences, and FIPS compliance gaps.
  • ICANN's OCTO, in a paper by Paul Hoffman, now recommends the DNSSEC community actively pursue a transition to post-quantum signature algorithms given shortened timelines for cryptographically relevant quantum computers, and that DNS protocols using TLS or QUIC follow the web community's PQC key exchange adoption.
  • Trump signs an Executive Order directing a whole-of-government push to maintain U.S. quantum supremacy, establishing the QC-ADDS national quantum computing effort, updating the National Quantum Strategy within 180 days, and requiring agencies to protect QIST supply chains and restrict adversary access.
  • Daniel J. Bernstein demonstrates two exploitable ML-DSA software vulnerabilities, each recoverable in 1 second on a laptop, and argues that hybrid ECC+PQ signing results in far fewer breakable keys than solo PQ even years after a quantum attack. Paper.

Privacy and Society

  • The Cypherpunk Library collects 15 canonical cypherpunk texts, including manifestos by Eric Hughes and Timothy C. May and essays by Hal Finney and Philip Zimmermann, freely readable online.
  • Holly Dagres describes how Iran's latest and longest internet blackout, imposed during this year's war, shows that shutting down connectivity remains a deliberate and repeatable tool of authoritarian control, with Starlink offering only a partial and increasingly risky workaround for Iranians.

Security

  • Zack Whittaker reports Meta confirmed 20,225 Instagram accounts were hijacked via an AI chatbot flaw that sent password reset links to attacker-controlled emails on accounts without 2FA, with hacks running from April 17 until Meta disabled the chatbot this week.
  • Steven Murdoch (UCL) reveals that the U.S. military has likely been broadcasting encrypted cryptographic keys over public GPS satellites for nearly 20 years via a hidden subframe field, using the GPS constellation as a covert global numbers station for its Over-the-Air Rekeying (OTAR) network.
  • Interisle Consulting Group's analysis finds cybercriminals registered at least 10 percent, and potentially closer to 20 percent, of new gTLD domains in 2025, with abuse heavily concentrated among a small number of registrars and registries.
  • Paradigm Shift publishes "usbliter8", an unpatchable Boot ROM vulnerability in Apple A12/A13 chips (iPhone XS through 11) that requires physical access and enables potential jailbreaks by defeating early boot security checks.

Classifieds

  • Senior Software Engineer, Firefox Security | Mozilla. Contribute to improvements in Firefox's core security systems, with a focus on cryptographic protocols, WebPKI, and security-sensitive web APIs. MOZILLA
  • Software Engineer, Crypto Services - Key Management | Apple. Imagine what you could do here. At Apple, we believe privacy is a fundamental human right. We are looking for a collaborative and innovative Software Engineer to help us design the next generation of security infrastructure. APPLE
  • Applied AI Security Architect | Anthropic. As an Applied AI Security Architect, you will serve as Anthropic's trusted security expert for our most demanding enterprise customers. ANTHROPIC
  • Lead Product Manager, Safety | Wikimedia Foundation. Wikimedia’s Product Safety and Integrity team is charged with keeping Wikipedia a stable and trustworthy place while protecting its many readers and contributors. We are hiring a lead product manager to join this team and help drive this strategy by overseeing a cross-functional product team of engineers, designers, data scientists, and others. WIKIMEDIA

Looking to hire? Promote your open roles via our classifieds section. Early-bird discount available, please get in touch. Applying? Please let them know you found the position through our newsletter. Your support helps us grow!


We use Claude to help us create the short news section.
