Posts tagged with security
Why it matters: Quantum computers pose a severe threat to current internet security. This initiative introduces Merkle Tree Certificates to proactively transition the WebPKI to quantum-safe cryptography, ensuring future internet security without compromising performance.
- Quantum computers threaten current internet cryptography, particularly TLS certificates, by enabling "harvest now, decrypt later" attacks and server impersonation.
- Post-Quantum (PQ) algorithms like ML-DSA-44 have significantly larger signatures and public keys (20x increase), which would degrade TLS handshake performance if directly adopted.
- Cloudflare, in collaboration with industry partners and IETF, is proposing Merkle Tree Certificates (MTCs) to redesign the WebPKI for PQ authentication.
- MTCs aim to drastically reduce the number of public keys and signatures exchanged during a TLS handshake, making PQ certificates performant enough for widespread deployment.
- The goal is to enable a smooth transition to quantum-safe authentication today, without waiting for Q-day, and without impacting performance.
- Cloudflare is experimentally deploying MTCs in collaboration with Chrome Security to test their real-world impact and ensure safe implementation.
Why it matters: Engineers must understand the accelerating threat of quantum computers to current encryption. Proactive migration to post-quantum cryptography is crucial to secure data against future decryption, as Q-day is approaching faster than anticipated.
- As of late 2025, over 50% of Cloudflare's human-initiated traffic utilizes post-quantum encryption, mitigating "harvest-now-decrypt-later" attacks.
- Quantum computers pose a significant threat to current cryptographic standards like RSA and ECC, necessitating a shift to post-quantum cryptography.
- "Q-day," when quantum computers can break current encryption, is estimated to be less than three years after they surpass classical computers in factoring.
- Progress towards Q-day involves advancements in both quantum hardware (e.g., qubit count, error correction, scalable architectures like Google's Willow chip) and quantum algorithms.
- Different quantum computer technologies (silicon-based, trapped-ion) have varying characteristics regarding scalability, noise, and error correction requirements.
Why it matters: This article is crucial for engineers building GenAI products, demonstrating how to integrate privacy-aware infrastructure and data lineage to manage complex data flows, ensure compliance, and accelerate innovation responsibly.
- Meta addresses GenAI privacy challenges by scaling its Privacy Aware Infrastructure (PAI), using AI glasses as a key example.
- GenAI products like AI glasses introduce new data types, increased volumes, and complex real-time data flows, necessitating robust privacy systems.
- Key challenges include managing explosive data growth, adapting to shifting privacy requirements, and supporting rapid innovation cycles.
- PAI leverages data lineage insights and automated privacy controls to embed privacy deeply into product development.
- This approach enables Meta to accelerate GenAI product innovation while upholding user trust and data protection.
Why it matters: This article details Slack's Anomaly Event Response, showcasing a real-world example of building a proactive, automated security system. Engineers can learn about designing multi-tiered architectures for real-time threat detection and response, crucial for modern platform security.
- Slack's Anomaly Event Response (AER) is a proactive security system that detects and responds to emerging threat behaviors in real-time.
- AER automatically terminates suspicious user sessions, reducing the detection-to-response gap from hours/days to minutes.
- It targets common threats like Tor access, excessive downloads, data scraping, session fingerprint mismatches, and unusual API patterns.
- The system uses a multi-tiered architecture: detection engine, decision framework, and response orchestrator.
- Enterprise Grid customers can configure AER to select which anomalies trigger automated responses and notification preferences.
- This native solution disrupts attack chains, preventing data exfiltration and system compromise without additional tools or human capital.
Why it matters: Engineers often struggle to balance robust security with system performance. This approach demonstrates how to implement scalable, team-level encryption at rest using HSMs without sacrificing the speed of file sharing or the functionality of content search in a distributed environment.
- Dropbox developed a team-based encryption system using Hardware Security Modules (HSM) for secure key generation and storage.
- The architecture solves the performance bottleneck of re-encrypting 4MB file blocks during cross-team sharing operations.
- Unique top-level keys allow enterprise teams to instantly disable access to their data, providing granular control over sensitive information.
- The system balances high security with usability, maintaining features like content search that are often lost in traditional end-to-end encryption.
- This security framework serves as the foundation for protecting AI-driven tools like Dropbox Dash and its universal search capabilities.
Why it matters: This article details how to build secure, privacy-preserving enterprise search and AI features. It offers a blueprint for integrating external data without compromising user data, leveraging RAG, federated search, and strict access controls. Essential for engineers building secure data platforms.
- Slack's enterprise search and AI uphold strict security and privacy by keeping customer data within Slack's trust boundary, utilizing an AWS escrow VPC for LLMs.
- The system employs Retrieval Augmented Generation (RAG) instead of training Large Language Models (LLMs) on customer data, ensuring data privacy and preventing retention.
- Enterprise search operates on a federated, real-time model, never storing external source data in Slack's databases, but rather fetching it via partner APIs.
- Access to external content is strictly permissioned based on the user's existing Access Control Lists (ACLs) and requires explicit user/admin consent, adhering to the principle of least privilege.
- External data and permissions are always up-to-date with the source system, ensuring accuracy and compliance.
- Search Answer summaries generated by the AI are ephemeral, shown to the user and immediately discarded, further enhancing privacy.
Why it matters: Managing content quality at scale requires balancing real-time signals with static analysis. This approach shows how to operationalize quality metrics and use multi-stage ML pipelines to protect users while maintaining high-performance recommendation systems.
- Combined manual labeling with classifier scores to create calibrated metrics for statistically significant A/B testing results.
- Developed 'read-path' models that utilize real-time engagement signals like comments and likes to improve detection precision.
- Maintained 'write-path' filters at the sourcing level to handle low-prevalence violations and ensure a baseline of benign content.
- Implemented a multi-stage pipeline that balances high-precision sourcing filters with fine-tuned ranking models.
- Established continuous model performance tracking to identify edge cases and maintain user safety standards.