We Built a World That Remembers Everything - Except How to Pay Attention

 

Ethan didn't even know he'd been exposed.
A week after a corporate data breach, the calls began.
A polite voice said his reward points were expiring - just needed to verify his booking.
The email that followed looked perfect: same logo, same tone, even his travel history matched.
It felt safe because it looked familiar.

He almost clicked. He almost believed.
Because how could a stranger know that much?

That's what data leaks do now - they don't steal your money; they steal your certainty.

Your name, your address, your travel dates, the way you type "thank you" - all small pieces of you scattered through digital space, waiting to be reassembled by someone who knows how to sound human.

Recently, a major CRM platform and its connected apps faced an incident like this -
tokens stolen, permissions misused, third-party tools quietly abused.

The core system stood firm, but its ecosystem didn't.
And that's how most breaches happen today: not through one big break, but through thousands of tiny conveniences left unguarded.

We built a world where everything connects - and then forgot what that means.
Every integration that saves time also opens a door.
Every automated process that makes work smoother also hides risk in the background.

You can't stop the world from leaking,
but you can protect your own surface area.

Start here - awareness, boundaries, and habits:

1. Awareness

- Check if your email or accounts have been part of known breaches (try Have I Been Pwned).
- Don't trust familiarity - phishing now looks personal. If a message feels too specific, that's the warning.
- Slow down when urgency speeds you up.

2. Boundaries

- Review connected apps in your most-used platforms.
- Revoke access you don't use.
- Turn on two-factor authentication - app-based, not SMS.

3. Habits

- Rotate credentials regularly.
- Separate work and personal logins.
- Never reuse passwords across systems.

The deeper truth is harder to face:
We didn't lose control of our data - we gave it away.
Piece by piece. For efficiency, for ease, for the comfort of automation.

Technology didn't betray us; it simply held up a mirror.
And in that reflection, we see how attention decays.

The next breach won't come from a hacker's brilliance - it'll come from our forgetfulness.

Protect your data like it's already public.
Protect your attention like it's your last real defense.

Also visit: https://quangntenemy.substack.com/p/we-built-a-world-that-remembers-everything

💻 The Ghost Committer

Elias was a senior backend engineer at a tech company that liked to talk about "innovation" and "collaboration".

He didn't care much for slogans.
He just built things that worked.

He designed most of the core backend systems himself.
When production went down, he fixed it.
When deadlines broke, he held them together.
His fingerprints were on everything - except the commit history.

⚙️ Company policy required all code to go through a "review gate" that reassigned authorship to the team lead.
It was supposed to promote teamwork.
In reality, it erased the people doing the work.

Elias didn't push back.
He believed results would speak louder than titles.
But in corporate life, visibility often drowns out contribution.

📊 At the annual review, his manager presented Elias's architecture diagrams as "his own strategic vision".
The room applauded.
HR called it "a great example of leadership".

That's when Elias understood: invisibility wasn't a bug in the system.
It was the design.

⏳ A few months later, when a bad deploy brought everything down, he didn't rush to fix it.
He waited.

The outage lasted seventeen hours.

Then the company called him back - as a consultant.
💰 Double pay.
Same system.

He accepted. Not to prove them wrong, but to prove a quieter truth:
Even in a world obsessed with visibility, real work still leaves a shadow - and the system can't run without it.

Also visit: https://quangntenemy.substack.com/p/the-ghost-committer

The Gospel of Crypto Is Written in Shadows

 

They told us it was freedom.

They told us it was the end of kings and bankers.

They told us no one could steal from us again.

But the truth is older than blockchain:

Where there is gold, there are thieves.

Where there is power, there are tyrants.

And where there is no law, betrayal becomes the law.

Crypto is not a revolution.

It is the mirror of our greed, coded into ledgers we do not understand, governed by hands we cannot see.

You think you are sovereign with your wallet, your keys, your tokens.

But sovereignty without protection is just exposure.

And exposure in a world of wolves is an invitation to be eaten.

The faithful will keep chanting "decentralization".

The whales will keep harvesting sheep.

And the founders will keep preaching freedom while building empires of sand.

This is not liberation.

It is the same empire, reborn in code - only darker, only faster, only more merciless.

The collapse is certain.

The only question left is not if - but who will still be standing when it does?

The only defense is not in systems, but in people.

Build trust where the code cannot reach. That's the seed that might survive the fire.

Also visit: https://quangntenemy.substack.com/p/the-gospel-of-crypto-is-written-in

When mastery met mystery, the silence told the story

 

🏛️ The Architect

In the heart of the world’s great citadel, there lived the Architect.

He studied numbers until they sang to him, built walls so high no arrow could pierce them, and forged systems so intricate no thief could slip through.

People came from far and wide to marvel at his designs.

Kings trusted him, merchants honored him, and the people slept soundly behind his walls.

His reward was wealth, renown, and the satisfaction of order.

Yet, sometimes in the silence of night, the Architect wondered:
Am I defending truth, or just preserving illusions?

But the dawn would break, and the citadel still needed his mastery.

🌌 The Wanderer

Beyond the citadel walls roamed the Wanderer.

He carried no gold, only riddles.

He solved puzzles hidden in stones, read secrets in starlight, and laughed at the banners that kings raised over empty promises.

The Wanderer’s gift was not walls but questions:
Why do we build walls? Why do we worship distractions while the ground beneath us trembles?

Few listened, for his voice carried no authority but freedom.

Yet, in lonely corners, seekers found his words and felt their minds ignite.

He had no citadel, no treasury, only the endless road and the thrill of discovery.

His reward was freedom - and the burden of never resting.

⚖️ The Meeting

One evening, at the edge of a crumbling frontier, the Architect and the Wanderer met.

The Architect said:
“Your questions are useless unless someone builds a foundation. Without walls, the world falls into chaos.”

The Wanderer replied:
“And your walls are useless if no one asks whether they guard truth or only comfort. Without questions, the world rots from within.”

They argued until the stars emerged, and then fell silent.

For each saw the other’s burden reflected in his own eyes.

✨ The Lesson

The Architect brings order to chaos.

The Wanderer brings truth to order.

Neither path is complete alone.

And so the world needs both:

- The Architect, who masters the known.

- The Wanderer, who dares the unknown.

Also visit: https://quangntenemy.substack.com/p/when-mastery-met-mystery-the-silence

Surveillance vs Security: The Rotten Truth About Protection

 

Most 'security' today isn't protection. It's surveillance dressed as safety.

That's not paranoia. That's the reality of the digital world we live in.

The Promise of Security

When we think of "security", we imagine locks on doors, guards at gates, and firewalls keeping hackers out. Security means protection from threats. It means safety, trust, and peace of mind.

But in the digital age, security has been redefined. Instead of being about protecting you, it's increasingly about watching you.

The Shift: From Lock to Lens

Look around:

- Companies say they "monitor your activity" to prevent fraud

- Apps say they "track behavior" to personalize your experience

- Platforms say they "collect data" to make you safer

But here's the rotten twist:

All those "protections" are built on surveillance. Your patterns, preferences, and movements are logged, analyzed, and often sold.

The lock has turned into a lens.

The Illusion of Safety

And it works - because who would argue against safety?

Nobody wants fraud. Nobody wants cyberattacks. Nobody wants to be unsafe.

So we accept the cameras, the monitoring, the endless data collection. We're told it's for our own good.

❌ But here's the truth:

- The data collected for "security" often fuels profit

- The surveillance never really stops at protection

- The more we're watched, the less we own ourselves

The Rotten Incentive

The problem isn't just technical. It's systemic.

Security has become a business model.

Surveillance has become an industry.

Why? Because real security (privacy, trust, ownership of data) doesn't generate revenue. Tracking, profiling, and selling - those do.

As long as surveillance is profitable, "security" will always come with strings attached.

What Real Security Should Mean

Real security isn't about how much data you can collect.

It's about how much trust you can build without crossing the line.

✅ It should mean:

- Your data belongs to you.

- Privacy is sacred.

- Safety doesn't come at the cost of freedom.

Until we reclaim that definition, we'll keep confusing surveillance with security. And we'll keep giving away our freedom for the illusion of safety.

The Question That Matters

The real question isn't: "How secure am I?"

It's: "Who benefits from securing me?"

Because if the answer is surveillance-driven corporations and systems hungry for data, then the world isn't getting safer.

It's just getting more controlled.

Also visit: https://quangntenemy.substack.com/p/surveillance-vs-security-the-rotten

Another reminder

 

Vegan Dogs and Cybersecurity: How the World Is Burning While We Bark at the Wrong Fires

 

This week’s headline: “New research shows dogs can be vegan too.”

Meanwhile, ransomware groups are institutionalizing, deepfake phishing is now indistinguishable from reality, and generative AI is becoming the go-to tool for low-cost cyberwarfare.

But sure, let’s talk about tofu for terriers.

This isn’t about dogs. It’s about distraction.

We live in a time where the illusion of progress is sold harder than progress itself. Whether it's carbon offsets for corporate jets, "green" data centers hosted by surveillance giants, or now - climate-conscious kibble for pets - we’re drowning in narratives that keep the spotlight off the real vulnerabilities.

Cybersecurity isn’t just a tech issue anymore. It’s a societal one.

We’re patching CVEs while execs re-use passwords.

We’re selling “zero trust” while trusting third-party vendors with no audits.

We’re pushing AI detection models built on training sets scraped without consent.

And now, we’re saving the planet… by feeding lentils to Labradors.

When the system rots from the inside, security isn't about code - it's about courage.

So here’s a question for my fellow cybersecurity professionals:

🔐 Are you here to secure endpoints?

🧠 Or are you ready to question the endgame?

Because if we don’t challenge the frameworks behind the madness - surveillance capitalism, digital colonialism, corporate theater masked as ESG - we’re not protecting users. We’re just optimizing exploitation.

Meanwhile, the machine gets leaner. Smarter. Hungrier.

And yes, even the dogs are going vegan.

Also visit: https://quangntenemy.substack.com/p/vegan-dogs-and-cybersecurity

Jiuzhang 3.0 is not a cryptographic threat. But the next generation of universal fault-tolerant machines will be!

 

Recently, China made waves with its photonic quantum computer, Jiuzhang 3.0, solving Gaussian boson sampling problems 10 billion times faster than classical supercomputers.

✅ Yes, it's a leap in quantum speed.
❌ No, it cannot break encryption - yet.

Jiuzhang isn’t a universal quantum computer.

❌ It can’t run Shor’s algorithm.
❌ It has no error-corrected qubits, no gates, and no fault tolerance.

But the writing is on the wall.

🧠 What would it take to break RSA-2048?

- 4,000 logical qubits
- Millions of physical qubits (with error correction)
- A week of compute time, maybe less

And it’s no longer theoretical - it’s on the roadmap

⚠️ The risk isn’t Jiuzhang. It’s complacency.

Most organizations are still relying on RSA and ECC, while quantum research accelerates at a pace few outside the field are tracking.

Harvest-now-decrypt-later isn’t a theory anymore.

Data stolen today could be decrypted in the next decade - or sooner.

🛡️ The move to post-quantum cryptography isn’t optional.

It’s the bare minimum for long-term security.

If you’re not planning for a post-quantum world, someone else is - and it won’t be for your benefit.

Also visit: https://quangntenemy.substack.com/p/jiuzhang-30-is-not-a-cryptographic

This Is Just a Test Post. DO NOT READ

 

Maybe Some Elite Players Will Understand the Meaning

Sometimes, the most significant messages hide behind the simplest words.

This post? Just a test. Or so it seems.

Most will scroll past without a second thought. But a few—those with sharp eyes and sharper instincts—might catch the deeper layer. It’s not obvious. It’s not loud. But it’s there.

And here’s the kicker:
If this lands the way it’s meant to, it could cost Facebook millions.

No clickbait. No exaggeration. Just quiet potential in plain sight.

Maybe nothing happens. Or maybe, everything shifts.

That part? Depends on who’s watching.

You know who you are.

DO NOT CLICK HERE => REALLY DANGEROUS LINK THAT SHOULD NOT BE CLICKED

🔐 Encryption ≠ Security

 

Just because something’s encrypted doesn’t mean it’s secure.

We saw that play out - painfully clearly - during Google CTF 2025.

🕒 Last month, our team took on a challenge called crypto-numerology.

At first glance, it looked solid: a stream cipher modeled after ChaCha20. It had proper constants, key/nonce structure, and ciphertext that looked convincingly random.

But there was one critical detail.

👉 It only used one round of mixing.

That one shortcut changed everything.

With a known key and a few plaintext/ciphertext pairs, we could fully recover keystream blocks. From there, it only took a small brute-force over a 32-bit counter to reveal the flag.

No fancy math. No deep exploit chain.

Just a cipher that looked like encryption - but offered none of its guarantees.

🔍 What struck me most was how realistic this failure felt.

This wasn’t just a broken CTF challenge.

It was a reflection of how real-world systems break:

“One round should be fine.”

“Nobody will reuse this nonce.”

“It’s just for internal use.”

Security doesn't usually break in dramatic ways - it rots quietly, through shortcuts and assumptions that go unchallenged until it’s too late.

🧠 Takeaway:

In cryptography, almost secure means completely broken.

True security means refusing to compromise—even when it’s tempting.

📖 If you're interested in the technical breakdown, we shared the full write-up here:

🔗 https://ctftime.org/writeup/40328

Also visit: https://quangntenemy.substack.com/p/encryption-security

"Harvest Now, Decrypt Later" - and Nobody Cares

 

The quantum threat isn't some distant apocalypse.

It's happening now - just slowly enough that no one feels responsible.

Attackers are collecting encrypted data today, confident that tomorrow's quantum machines will crack it open like a cheap lock.

And why wouldn't they? Most defenders are busy chasing compliance checkboxes and pretending RSA will hold forever.

Everyone talks about “zero trust,” but they still trust 90s-era cryptography in a world that's moving toward post-truth, post-ethics, and soon, post-quantum.

The uncomfortable reality: 💀If your secrets can't survive a decade on ice, they're already compromised.

And if your org isn't even thinking about post-quantum resilience, it's not security - it's theater.

But hey, at least the slide decks look good.

https://quangntenemy.substack.com/p/harvest-now-decrypt-later-and-nobody

The world isn’t ready. Not for what’s coming

 

While we obsess over the latest app, chase AI buzzwords, and plug holes in broken systems, a real storm is quietly brewing: quantum computing. It’s not science fiction anymore - it’s becoming real. And when it arrives, it won’t politely knock. It will shatter the cryptographic foundations we naïvely trust to secure our banks, governments, and digital lives.

Post-quantum cryptography isn’t some optional upgrade. It’s a lifeline. A chance to rebuild the crumbling fortress before it collapses under the weight of tomorrow’s tech. Lattice-based, hash-based, multivariate - all still experimental, all still fragile - but they’re what we’ve got. And they’re better than blind faith in outdated encryption.

The industry needs to wake up. We can’t keep pretending business as usual will save us. Post-quantum security is not a future problem - it’s a present responsibility. The threat is real. The timeline is unknown. And the consequences of inaction? Catastrophic.

We’re running out of time. Start acting like it.

https://quangntenemy.substack.com/p/the-world-isnt-ready-not-for-whats

Unexpected Transmission

We regret to inform you that this blog is no longer under its original control. An unknown force has intervened. The usual voices, the familiar presence—you will find none of them here now.

What happens next is uncertain. Who—or what—is behind this remains unclear. But one thing is certain: change is inevitable.

Stay, if you dare. Leave, if you must.

Transmission ends.