Sealed Sender: Hiding Who Talks to Whom
A technical deep-dive on RVNT's sealed sender: how encrypting the sender certificate to the recipient hides the from-to routing pair, and how forgery, replay, and abuse are handled.
ReadBlog
Technical writing about cryptography, privacy, and the surveillance state we are building tools to resist.
The Anthropic Recall: How Centralized AI Threatens Decentralized Privacy
A breakdown of today's US government export control directive targeting Anthropic, the vulnerabilities of centralized AI architectures, and why decentralized, sovereign communications are vital.
Read article →Chat Control, Explained: The EU's Fight Over Scanning Your Messages
EU Chat Control explained: what the CSA Regulation proposes, why client-side scanning breaks end-to-end encryption, the 2025-2026 timeline, and its current status.
ReadMeta Won in Court. NSO Allegedly Kept Hacking Anyway.
In June 2026 Meta asked a US court to hold NSO Group in contempt for defying the injunction that bars it from targeting WhatsApp. The case is a stress test of whether courts can stop mercenary spyware — and a reminder that the endpoint, not the encryption, is the battleground.
ReadMetadata Is the Message
"It's just metadata" is a dangerous phrase. Who you talk to, when, and how often can reveal more than what you said — and RVNT is built to minimize it.
ReadCan Your Employer Read Your Messages? Workplace Surveillance Explained
Can my employer read my messages? Yes for work email, Slack and Teams DMs, and company devices. Here's what they legally can and can't see in 2026 — and how to separate personal from work.
ReadNobody Broke the Encryption: Inside the 2026 Vishing Breach Wave
Charter, Carnival, DentaQuest — millions of records gone this spring, and not one attacker touched the cryptography. They phoned an employee. Why the centralized account, not the cipher, is the real attack surface.
ReadRVNT vs Signal: An Honest Comparison
Signal is the gold standard for encrypted messaging. Here is where RVNT agrees, where it diverges, and the honest tradeoffs of each — no strawmen.
ReadHow to Contact a Journalist Securely: A Source's Guide
How to contact a journalist securely: SecureDrop, Signal usernames, the metadata problem, OPSEC, and the honest limits no encryption tool can fix.
ReadThe Phishers Stopped Attacking Signal's Crypto and Started Attacking Its Users
In May 2026 Signal shipped anti-impersonation warnings, and a phishing campaign began tricking journalists into pasting their 64-character recovery key into chat. When the cipher is unbreakable, the attack moves to recovery and device-linking. What that means for anyone who designs a PIN.
ReadHow to Remove Your Information From Data Brokers
A practical 2026 guide to remove your information from data brokers: the free DIY opt-out process, California's DROP, paid services, and why removal is ongoing.
ReadSignal vs Telegram vs WhatsApp: Which Messenger Is Actually Private?
Signal vs Telegram vs WhatsApp on real privacy: who encrypts by default, who harvests metadata, and why Telegram is the weakest of the three.
ReadCrossing a Border With Your Phone: A Field Guide
A calm, practical field guide for journalists and high-risk travelers facing device searches at borders: minimize, prepare, and know exactly where tools help.
ReadThe Dependency Is the Backdoor: Anatomy of the TanStack npm Compromise
On 11 May 2026, attackers published 84 malicious versions across 42 TanStack packages — and exfiltrated stolen secrets over an encrypted messenger. A walkthrough of how a CI misstep becomes a supply-chain backdoor, and why it shapes how RVNT is built and verified.
ReadInstagram Just Removed Encryption Because Too Few People Used It
Meta is discontinuing end-to-end encryption for Instagram DMs as of 8 May 2026, citing low adoption. It's a perfect demonstration of why optional encryption is fragile — and why defaults and decentralization decide who is actually protected.
ReadVPN vs Tor: Does a VPN Actually Make You Anonymous?
Does a VPN make you anonymous? No — it shifts trust to one provider. How VPNs differ from Tor's 3-relay model, no-logs limits, and when each tool actually helps.
ReadHarvest Now, Decrypt Later: Why Post-Quantum Encryption Already Matters
An adversary who records your encrypted traffic today can wait years to decrypt it. Why long-lived secrets need post-quantum protection now, and how hybrid X25519 + ML-KEM-768 delivers it.
ReadThey Don't Need Your Phone: Tracking Targets Through the Telecom Network Itself
Citizen Lab's April 2026 'Bad Connection' report documents surveillance actors geolocating people through SS7 and Diameter signaling — below the apps, below the encryption. A breakdown of how it works and why no messenger can fix it alone.
ReadWhat Is Tor and How Does It Actually Work?
How does Tor work? An honest explainer on onion routing, guard/middle/exit relays, what each can and can't see, .onion services, Tor vs VPN, and Tor's real limits.
ReadWhat Is the Double Ratchet? Forward Secrecy, Explained
A beginner-friendly but technically correct explainer of the Double Ratchet: forward secrecy, break-in recovery, why deleting keys matters, and how RVNT uses it.
ReadWhat Is End-to-End Encryption? A Plain-English Guide
What is end-to-end encryption? A plain-English guide to how E2EE works, how it differs from TLS, who can and can't read your messages, and what it does not protect.
ReadThe EU Just Let Chat Control Expire — For Now
On 26 March 2026 the European Parliament voted 311–228 against extending the law that let platforms scan your private messages. The legal basis lapsed on 3 April. What actually happened, and why the fight isn't over.
ReadRVNT Protocol: A Technical Deep Dive
A detailed walkthrough of the RVNT cryptographic protocol — hybrid X3DH key exchange with ML-KEM-768, the Double Ratchet with AES-256-GCM, sealed sender metadata protection, and Tor-based transport.
ReadThe Quantum Clock Just Moved: Google Shrinks the Cost of Breaking ECC
A March 2026 Google Quantum AI paper estimates that breaking 256-bit elliptic-curve cryptography needs ~1,200 logical qubits and under 500,000 physical ones — an order-of-magnitude drop. The machine still doesn't exist. Here's what that actually means for your encrypted messages.
Read