lvh's comments

This is a fantastic example of applying deception strategies in practice as part of a detection & response plan. The most common use case is as a canary, but it absolutely works as evidence of compromise, too.

I won't comment on the specifics of the case (the complaint comes across as very convincing), but I will remind people that it's common for investigations to ostensibly show an employee doing bad things, when in reality it's e.g. that employee's credentials/devices that are compromised.


Some of our customers, like Tailscale, are a helluva lot more picky than that.


Re: hashing: Yes, but I'll leave that one to Paul who is a lot smarter than I am :)

Re: QA: can you say a bit more about the type of coverage you're worried about? Is your concern that we'd be missing APIs, or that the storage format itself breaks, resulting in fact elision? payne (the underlying project) has a borderline obnoxious amount of tests, but that doesn't mean we didn't miss anything :)


FYI: we're planning a followup post for people who are less interested in the Datomic mechanics and more interested in the usefulness to investigations and other security functions. Informally, I think of it this way: your SIEM has the deltas, but often you want the contextual states in between the deltas (and a lot of investigation is about trying to reason about that state). We built this tool originally to support that, and it turned out that approach was also super useful for things like compliance, CSPM...

We already wrote a high-level blog post here: https://www.latacora.com/blog/2023/11/01/our-approach-to-bui... -- but the one I'm hoping to write is more of a case study.


(I'm one of the founders of Latacora and reviewed the post.) If any of you are at Heart of Clojure, I'll be there both wearing my Latacora hat and my Clojurists Together hat :)


Missed your reply but we've met anyway... so all is good. Thank you for attending and sponsoring.


I don't know if I count as a "feline friend", but: SIDH kept the DH shape. Being able to upgrade the protocols we had relatively closely is appealing. "Structure is useful but seems precarious" wasn't exactly secret knowledge.


We did an updated version of the Cryptographic Right Answers for PQC. Given how quick the field is moving, I'm sure we're going to have to edit it a bunch :)

https://www.latacora.com/blog/2024/07/29/crypto-right-answer...


These standards are developed out in the open.

Are you suggesting a true backdoor, or just "the NSA knows something about lattice algorithms the rest of us don't"?


The additional information you need is that that's what Thomas Wouters does (and has done for as long as I've known them, which is many, many years).


You should try C-f "Chinese".


Ha, derp on my part. You’d think I would’ve learned not to beer and HN by now.


“Chin”

