Geremia – WindowsTechs.com

Does using Cloudflare DNS (1.1.1.1 or 1.0.0.1) enable bypassing Cloudflare CAPTCHAs faster?

Posted on March 17, 2026 by Geremia

Does using a Cloudflare DNS server (1.1.1.1 or 1.0.0.1) enable bypassing Cloudflare CAPTCHAs faster?
Conceivably, a Cloudflare CAPTCHA could ask Cloudflare if my IP address was looked up with 1.1.1.1 or 1.0.0.1. Does it do this?
I noticed … Continue reading Does using Cloudflare DNS (1.1.1.1 or 1.0.0.1) enable bypassing Cloudflare CAPTCHAs faster?→

How were WikiLeaks’s leaks obtained?

Posted on September 17, 2025 by Geremia

How were WikiLeaks’s leaks (like the Podesta emails) obtained?

Continue reading How were WikiLeaks’s leaks obtained?→

Do ISPs track/log DNS lookups to their DNS servers? [closed]

Posted on September 8, 2025 by Geremia

Has there been any evidence that ISPs track/log DNS look-ups to the DNS servers they operate and supply for their own users?
Some of OpenNIC’s public servers keep logs, so DNS servers can log (and others support DNSCrypt, which presumably … Continue reading Do ISPs track/log DNS lookups to their DNS servers? [closed]→

Does cracking forward secrecy only involve finding the session key (in addition to the authentication key)?

Posted on September 8, 2025 by Geremia

How could forward secrecy be cracked?
Ferguson, Schneier, & Kohno, Cryptography Engineering: Design Principles and Practical Applications, p. 238:

Even knowing Alice’s authentication key doesn’t let the attacker find the session key k… Continue reading Does cracking forward secrecy only involve finding the session key (in addition to the authentication key)?→

How many possible MD5 hashes are there, 16³²? Or do MD5 checksums have error correction (in which case <16³² possible hashes)?

Posted on July 29, 2025 by Geremia

Are there 1632 possible MD5 sum hashes, or does MD5 have an error correction, where certain combinations are invalid MD5 hashes?

Continue reading How many possible MD5 hashes are there, 16³²? Or do MD5 checksums have error correction (in which case <16³² possible hashes)?→

Is SimpleX more secure than Signal?

Posted on February 19, 2025 by Geremia

SimpleX (whitepaper; audited by Trail of Bits) claims to be

The first messenger without user IDs
Other apps have user IDs: Signal, Matrix, Session, Briar, Jami, Cwtch, etc. SimpleX does not, not even random numbers. This radically improve… Continue reading Is SimpleX more secure than Signal?→

What are ProtonMail’s headers? [closed]

Posted on May 31, 2024 by Geremia

What are the following headers in an end-to-end ProtonMail email?
X-Pm-Content-Encryption
X-Pm-Origin
X-Pm-Scheduled-Sent-Original-Time
X-Pm-Recipient-Authentication
X-Pm-Recipient-Encryption

It also mentions pgp-pm.
Are they specific to … Continue reading What are ProtonMail’s headers? [closed]→

Why is Telegram’s server-side code closed source?

Posted on April 20, 2024 by Geremia

Why is Telegram’s server-side code closed source, but the client code is open source? Does having closed source servers improve its security?
Telegram FAQ page:

Q: Can I get Telegram’s server-side code?
[…]
By contrast [to the client apps… Continue reading Why is Telegram’s server-side code closed source?→

Convert PGP key to X.509?

Posted on March 6, 2024 by Geremia

Can I convert a PGP key to X.509, using OpenSSL or GNUPG?
Aren’t these only container/wrapper formats?

Continue reading Convert PGP key to X.509?→

IP address leaked in email header?

Posted on August 24, 2020 by Geremia

Can my IP address ever be included in the header of emails I send? Or do email servers never include my IP address in my emails’ headers?

Continue reading IP address leaked in email header?→