Andrew

@andrewmohawk

168 Following

157 Followers

Andrew pfp

If you missed it I definitely recommend you take a look at @nick.eth 's tweet thread about a fairly clever phishing attack: https://x.com/nicksdjohnson/status/1912439023982834120 TL;DR the attackers change the app name to the message, Google sends it to you and then they host the actual phishing site on `sites.google.com` This attack underscores the value of using Passkeys and hardware security keys (like YubiKeys). Unlike traditional username/password logins or codes sent via SMS or used in Authenticator apps, passkeys and hardware tokens use cryptographic proofs that are tied directly to the exact domain of the legitimate site. They will refuse authentication on any other domain—even if it looks visually identical. This makes passkeys and YubiKeys effectively 100% immune to phishing attacks like these. Additionally, password managers can help by automatically identifying domain mismatches, preventing users from submitting credentials to fraudulent websites.

1 reply

0 recast

0 reaction

Andrew pfp

Please let us use new lines in the bios 😭

1 reply

0 recast

1 reaction

Andrew pfp

The life of crime is calling!

0 reply

0 recast

1 reaction

Andrew pfp

I wish @farcade worked when your phone is in lockdown mode :(

0 reply

0 recast

1 reaction

Andrew pfp

This is the life I wish to live.

1 reply

0 recast

6 reactions

Andrew pfp

Spent the weekend getting this animatronic 3D model I found follow me around 🙃

1 reply

2 recasts

10 reactions

Andrew pfp

I really hate that this is the release details we get for a *9.1 critical vuln* in a common js stack: https://cve.org/CVERecord?id=CVE-2025-29927 I will be blocking all requests with the header `x-middleware-subrequest` rather than risk deploying a > 5pm release for something without any real info

0 reply

0 recast

4 reactions

Andrew pfp

Tornado cash is so back https://home.treasury.gov/news/press-releases/sb0057

0 reply

0 recast

2 reactions

Andrew pfp

Hey @bracky what's the market like? 🏀

0 reply

0 recast

0 reaction

Andrew pfp

Lets go! The leadership team at Privy is genuinely one of the best I have ever encountered. Bullish on this. Our CTO is incredible at managing technical challenges and teams to push stuff out at the rate we do, she also has an incredible depth in everything! Our CEO is likely one of the nicest people you will meet in crypto and does multi-weekly updates about where they see the future of the space with such nuance that I am regularly blown away. The team at privy is genuinely top tier all round and I'm glad I joined, I've been pushed hard and get challenged by the work, I can feel my brain working out!

0 reply

2 recasts

12 reactions

Andrew pfp

The good: Claude 3.7-thinking can actually understand and code rust now! The bad: I've turned my EFF Rayhunter ( https://github.com/EFForg/rayhunter ) into a screensaver for a while but its getting back on track

1 reply

0 recast

1 reaction

Andrew pfp

Players still playing: Keep an eye on on the CTG certs in the certificate transparency log: Might give you clues as to the next games!

1 reply

0 recast

1 reaction

Andrew pfp

Once again had a great time playing CTG, I love the risk of trying to cheat in the arcade games, the excitement about what comes next, the drama of cabals and voting and the friendships that ultimately come out of the struggle to keep your team alive! Its been a pleasure 🫡

2 replies

3 recasts

19 reactions

Andrew pfp

This is _easily_ my favourite security feature we have and one I think *every* wallet should have, see this great writeup by @colfax

0 reply

0 recast

2 reactions

Andrew pfp

Twitter is down! Maybe DOGE finally did something people agree with

1 reply

3 recasts

23 reactions

Andrew pfp

We're so back. I'm playing /crypto-the-game See you on the Island.

0 reply

0 recast

1 reaction

Andrew pfp

0 reply

0 recast

1 reaction

Andrew pfp

Anyone got a nice app that lets you post both to warpcast and to Twitter/bluesky?

1 reply

0 recast

2 reactions

Andrew pfp

This rocks, I hate how difficult it is to onramp fiat, just let me get my random crypto things

0 reply

0 recast

2 reactions

Andrew pfp

Put this together for those going to devcon: https://privy-io.notion.site/Defi-Security-Summit-Devcon-2024-12f2924280cf80f08d99d8fdbc72affa Its got some things like closest police stations, apps and some (that I think) are reasonable security things you can do!

0 reply

0 recast

0 reaction