An excellent “Camp Signal” song about recent security events…
Ala Allan Sherman’s “Hello Mudder, Hello Fadder” from Camp Granada.
A Cursor -y Warning: How a MIT Math Whiz Failed Privacy 101
Arvid Lunnemark, one of the 2022 MIT mathematics graduates behind the Cursor product that may be looking at all your code, in 2021 wrote about achieving “complete privacy” through cryptographic means. Looking at his published engineering principles reveals exactly why his approach to privacy is so concerning:
1. Deal with the mess.
2. Let different things be different.
3. Always use UUIDs.
4. Delay serialization.
5. Look at things.
6. Never name something `end`. Always either `endExclusive` or `endInclusive`.
7. When a method is dangerous to call, add `_DANGEROUS_DANGEROUS_DANGEROUS_BECAUSE_XYZ` to its name…
8. Good tools are critical… If there isn’t a good tool, make one.
This reads like an inexperienced life answer to happiness. It’s the least compelling answer to privacy: clean, organized, tool-focused, and utterly disconnected from reality of real world communication.
The tone is reminiscent of Douglas Adams’ “Hitchhiker’s Guide to the Galaxy,” where the supercomputer Deep Thought calculates the answer to life, the universe, and everything as simply “42“—technically “correct” and yet so obviously fundamentally useless without understanding the question.
Lunnemark’s approach to privacy openly and proudly embodies this same catastrophic mistake everyone has been warned for decades to understand (hey, he was still a student, stretching his wings, hoping to start a revolution).
His principles show a mindset being taught or schooled that complex problems are to be reduced to technical solutions by building the “right” tools and labeling dangers “explicitly” enough. This isn’t just naive—it’s potentially harmful in tautological fallacies.
Privacy with better UUIDs or cleaner method names is like a bank vault with cleaner threads on its screws. Revolutionary? Pun intended, but not really. Safety from loss of privacy exists within centuries-old power struggles between individuals, economic or social groups, and states. It operates within power systems that incentivize imbalance for reasons well known. It functions very, very differently across cultural and political contexts.
When someone who graduates from MIT in 2022 proclaims the year before that they’ve found the answer to privacy through better cryptography, they’re giving us their “42”—a solution to a problem they haven’t properly understood.
Such technical reductionism has real consequences. The whistleblower who trusts in “complete privacy” might face legal jeopardy no cryptography can prevent. The activist who believes their communications are “cryptographically completely private” might not anticipate physical surveillance, economic coercion, or infamously documented rubber-hose cryptanalysis.
The inexperienced quick-fix engineering mindset that treats privacy as primarily a technical problem is dangerous because it creates false security. It promises certainty in a domain where there is none, only trade-offs and calculated risks. It substitutes a fetish of mathematical proofs for proper sociopolitical understanding. You want more message confidentiality? You just lost some availability. You want more message integrity? You just lost some confidentiality.
History repeatedly shows that technical absolutism fails. In fact, I like to ask computer science graduate students to read about neo-absolutist secret services (meant to preserve elitist power) for a great example of important history overlooked (because there’s 100% certainty they’ve never heard of it before, despite direct relevance to our challenges today).
…the regime rested on the support of a standing army of soldiers, a kneeling army of worshippers, and a crawling army of informants was exaggerated but not entirely unfounded.
The German Enigma machine notably was undermined 10 years before WWII by Polish mathematicians because they understood and exploited weak supply chains and other human measures. PGP encryption has been theoretically secure while practically abused for being unusable because who has invested in the real issues? End-to-end encryption protects message content but still leaks metadata—as Lunnemark correctly identifies—but his solution falls into the same trap of believing the next technical iteration will be the first one to “solve” privacy.
Young engineers aren’t wrong to build better privacy tools—we desperately need better things. They’re better! But they need to approach measuring concepts of “better” with humility and interdisciplinary understanding. What’s good for one may be bad for many, good for many bad for one. Engineers in other disciplines have to sign a code of ethics, yet a computer engineer has none. They need to recognize that they’re not the first to think deeply about problems like privacy, and that philosophers, historians, economists, and political scientists have insights that algorithms alone cannot provide.
Key management is much more interesting as a problem of social science than the mathematical properties of “better” material for making locks strong, or even those revolutionary finer threads on a vault screw.
The answer to privacy isn’t 42, and it isn’t “complete cryptographic privacy” either. It’s a complex, evolving negotiation that requires technical innovation alongside deep understanding of human systems. Until our bright young minds grasp this, they risk creating even worse problems rather than real solutions.
Honestly, I’d rather be riding a mechanical horse than driving a car because legs are “better” than wheels in so many ways I’ve lost count. The “automobile” rush that pushed everyone and everything off roads has been a devastatingly terrible idea, inferior in most ways to transportation much older. Those promoting the “king’s carriage” mentality often turn out to be aspiring kings, rather than solving problems to make transit “better” for anyone but themselves.
Since we’re in the world of agentic innovation, and I suspect a 2021 MIT student blog post never saw much interdisciplinary review, here’s a fictional “what would they say” thought exercise:
- Elinor Ostrom: “Lunnemark’s proposal demonstrates the danger of assuming universal solutions to complex governance problems. Privacy is not merely a technical problem but a common-pool resource that different communities manage according to their specific needs and contexts. It ignores polycentric systems through which privacy is negotiated in different social and political environments. Such a cryptographic approach imposed from above would likely undermine the diverse institutional arrangements through which communities actually protect their information commons. Effective privacy protection emerges from nested, contextual systems of governance—not from mathematical proofs developed in isolation from the communities they purport to serve.
- Hannah Arendt: “Lunnemark has mistaken a problem for a technical solution instead of a political one. Privacy is the precondition for political action, beyond the curation of an investigation’s authority. When he speaks of ‘complete privacy’ through cryptographic means, he betrays a profound misunderstanding of how power operates. Privacy exists in the realm of unruly human affairs, not in rules of math. The rush into ‘cryptographically complete privacy’ would be the illusion of protection while doing nothing to address the fundamental power relationships that determine who can act freely in the public sphere. Technical shields without political foundations are mere fantasies that distract from the real work of securing human freedom.”
- Michel Foucault: “How fascinating to see power’s newest disguise. This discourse of ‘complete privacy’ merely gives authority a new look, obscuring their unnatural role expanded. The author believes he can escape the panopticon through mathematical means, yet fails to see how this very belief is produced by the systems of privileged knowledge that determine what ‘privacy’ means in our epoch. His solution doesn’t challenge surveillance—it normalizes it by accepting its terms. True resistance requires not better cryptography but questioning the entire apparatus that makes privacy something we must ‘solve’ rather than a condition we demand. His technical solution doesn’t escape power; it merely reconfigures how power is exercised to likely benefit the shovel manufacturer in a graveyard.”
- Max Weber: “Lunnemark’s cryptographic solution reveals the iron cage of technical rationality at its most seductive. By reducing privacy to a mathematical problem, he exemplifies the disenchantment of the modern world—where substantive questions of human dignity and social relations are subordinated to formal, calculable procedures. This represents not progress, but the triumph of bureaucratic thinking over meaningful action. True privacy cannot be secured through technical efficiency alone, but requires legitimate authority grounded in social understanding. His approach mistakes the rationalization of means for the clarification of ends, creating an illusion of control while leaving the fundamental questions of power, surveillance, and human autonomy unaddressed. This is precisely the danger I warned of—when technical expertise becomes divorced from value-rational deliberation about the ends it ought to serve.”
Can you spot the mathematician? We need to find and fight against not just one specific ungrounded proposal such as Lunnemark’s, but the entire mindset of technical solutionism whenever it creeps into technology circles that operate without any code of ethics.
Killing a Public Safety Messenger: Lessons from 1988 UK Egg Price Crisis
Edwina Currie uttered a sentence in December 1988 that would rapidly end her ministerial career and send Britain’s egg industry into an alleged “crisis“:
Most of the egg production in this country, sadly, is now affected with salmonella.
Was she entirely accurate? No. She should have said “much” or left out the word “most”. That wordplay doesn’t sound like a crisis, though. Was there a genuine health concern that needed addressing? Absolutely. Egg production in the UK was affected with salmonella and she was correctly saying they could do better.
Government data showed concerning links between infections and egg consumption. Cases in Britain had more than doubled between 1982 and 1988. She brought to public attention that there was a real problem. Currie’s assessment was correct, despite an imperfect delivery by including a vague word “most”.
Most of the time we shouldn’t say most.
What followed was a textbook case of self-serving defensive semantics as tactics, trying to avoid bad news, rushing to shoot the messenger to undermine the message. Notably, egg sales were suddenly reported by the industry to plummet overnight and they demanded the government give them handouts (penalty payments) while they slaughtered millions of their hens. The industry reported it lost tens of millions, demanding even further government handouts. How convenient for the salmonella spreaders they could so immediately demand victim status compensation.
The industry reaction’s effect on Currie? They forced her to resign in disgrace. The industry effectively capitalized on her report; a political moment was seized to secure government subsidies while deflecting attention from evidence of neglect in safety practices. The government provided £20 million in compensation without first establishing an independent investigation into the actual scale and cause of the problem being subsidized. Talk about ironic evidence of corruption in the food industry that had led to the poisonings in the first place. Who were the victims again? Did the 27,000 sick get any of those millions in compensation, ever?
The business tactic of explosive anti-accountability was perhaps as predictable as it was unfortunate. Public health warnings in England must be nuanced or they could naturally trigger fear responses known to “plague” them, if you get my drift.
…human ectoparasites, like body lice and human fleas, might be more likely than rats to have caused the rapidly developing epidemics in pre-Industrial Europe. Such an alternative transmission route explains many of the notable epidemiological differences between historical and modern plague epidemics.
Scientists keep trying to figure out what caused the plague, while cynical and cruel businesses always seem to have another model in mind…
There was an emergence of a social narrative that Jews had caused the Black Death [by] people who noticed that, in fact, getting rid of Jews was a way of getting rid of debt, as well as taking possession of their wealth. The eruption of the plague had simply given an external reason for this to occur.
Thus, consider how a proud “keep calm and carry on crowd” somehow was pivoted into excited self-serving behavior like a bunch of chickens with their heads cut off at the very mention of a potential risk that needed thoughtful response. Instead of a measured action and patience about investigating a “most” eggs claim through scientific clarifications, somehow the egg industry was allowed to leverage mass panic to their favor, ginning up a hunt for…a very convenient scapegoat, a trusted source of concern.
Certainly, Currie’s delivery included a word that needed clarification. Who was more imperfect, the salmonella spreaders or the politician? Her use of “most” instead of very specific percentages transformed a targeted warning into an industry-wide condemnation. And in retrospect her job raising attention to a rising problem was effective. She was invoking the point that food poisoning from eggs jumped from 12,500 in 1982 to about 27,000 in 1988. That’s a lot of bad eggs, even if not most!
The “most” significant communication failure actually came after Currie had made her point. Industry representatives, media outlets, and government officials rushed into “don’t keep calm, don’t carry on” outrage instead of proper education. Rather than accept the criticism, contextualizing the risk, rather than providing leadership through the criticism and feedback, rather than providing consumers with practical safety guidance and goals, the egg industrialists under fire focused heavy return fire on destroying Currie herself.
How dare she say something was imperfect? How dare she focus on the bad things and bring attention on a worsening problem that had made 27,000 people sick?
The aftermath of the scandal presents a troubling paradox: the messenger who raised a very legitimate concern faced career destruction for a LOW imperfection in her delivery, while those who allowed salmonella to spread in the first place faced minimal scrutiny for CRITICAL imperfection in their delivery.
The egg producers who had failed to maintain adequate safety standards somehow emerged as the only victims of their own imperfections, while decrying any amount of imperfection as unacceptable in others. The industry stepped back in horror instead of forward into being potential contributors to resolving the real public health issue.
The British Egg Industry Council said it was seeking legal advice on whether it could sue Mrs Currie over “factually incorrect and highly irresponsible” remarks. A spokesman said the risk of an egg being infected with salmonella was less than 200 million to one. The National Farmers’ Union said it might seek legal damages.
The doubling of salmonella cases in five years to 27,000 people was effectively sidelined by industry representatives’ focus on defending their economic interests. Their claim of “200 million to one” odds of infection were foul, as it contradicted reliable government data showing rapidly increasing illness rates.
This pattern repeats itself regularly in public discourse to this day, and especially in security discussions with regard to technology such as the unsafe Tesla designs. We still see efforts to punish those who highlight uncomfortable truths, while counter-attacks are unleashed by those responsible for creating problems to avoid taking any accountability.
From whistleblowers to scientists warning about climate change, a tendency to attack messengers remains one of the most counterproductive social habits in risk management.
Currie’s egg scandal was about a collective inability to process warnings without feeling personally attacked, and trying to throw everything at the source to disarm the warnings. It highlighted a social response, if not a cultural one, where a panic instinct was to curate a simple villain story to avoid thinking hard about complex solutions.
The irony? The Lion Quality mark introduced after her scandalous “more” has made British eggs among the safest in the world. Currie’s warning, imperfect as any warning, ultimately is what led to very needed significant improvements in food safety.
…the industry did have a problem and was giving too many people food poisoning. Farms tried to clean up but the real breakthrough came in 1998 when the vaccination of hens for salmonella was introduced at farms backing the new British Lion mark. All the big egg producers put the marks on their eggs. From 1998 there have been falls almost every year in the number of human cases of Salmonella enteritidis. In 1997, there were 22,254 cases. In 2005, there were 6,677.
Perhaps it’s time we recognized someone who took the fall for speaking uncomfortable truths in British society, for her imperfectly delivered message bringing everyone a more perfect world.
She deserved “more” thoughtful responses than the unfair and imperfect panic and persecution in the place that prides itself on a decorum of perfection. In retrospect, all the claims of harm by the egg industry were targeted political propaganda that evaporated the power of a person whose job it was to improve health. Currie explained it herself later:
…the numbers of confirmed cases continued to run at about 30,000 a year for the next decade, with about 60 deaths a year. […] There really was a problem with eggs. The hens’ oviducts had become contaminated with a new variant of salmonella, which did not kill the birds, but showed up in infected eggs, and caused a particularly virulent food poisoning in humans. It resulted from laying stocks being fed “protein” that turned out to be ground-up dead chickens. Similar insane feeding practices led to BSE in cattle in the 1980s and 90s. […] Ministry of Agriculture, Fisheries and Food were equivalent to a bunch of lunatics. They’d appointed themselves apologists for the farming industry – not their role, as public regulators and advisers. They were unscientific and incompetent. […] I hadn’t made a mistake – not in the substance. I was public health minister. If something wasn’t done during the winter of 1988, I could foresee that we would have an epidemic on our hands…
The egg industry’s response went beyond mere defensiveness, employing legal threats, contestable statistics, and claims of catastrophic financial harm to undermine a health official raising legitimate concerns. The subsequent events raise questions about whether public panic was unfairly manipulated and leveraged to secure financial benefits by the very industry that should instead have focused on its obviously flawed safety standards.
One final thing to consider is just how much Junior Health Minister Edwina Currie had the support of the public, yet this wasn’t enough to keep her in office. That’s important context for how certain powerful businesses conspired to remove a servant of the public, even against the public’s wishes.
Trump Tesla Tax Kills Last Place Still Buying Them: UK
Trump first said it was illegal not to buy a Tesla, then he said he was buying a Tesla, now he has slapped a 25% tax on anyone buying a car that isn’t a Tesla.
To be clear, the Trump Tesla Tax was designed to penalize all car companies other than Tesla. And not surprisingly Tesla put out propaganda saying it would be hurt by the thing designed to help it, because that’s how gaslighting works.
- Trump says he’s helping the people he actually hurts.
- People actually being helped by him say they will be hurt.
And up is down, down is up.
The disinformation doctrine is that nobody can stop a dictator when there is no truth left but whatever the dictator says in the moment.
All that anti-vaccine propaganda? It was strategic, meant to destroy faith in experts and scientific/critical thinking. It reconfigured society to be far more vulnerable to simple attacks, easily exploited by the biggest con artists unafraid to lie. That’s how we end up with the damage of a Trump Tesla Tax, expected to be as effective as Trump’s instant cure for COVID that killed millions instead.
For those watching the world reject the Tesla since January, and rightly so in places still able to think clearly, the defective and dated sub-par vehicle (the state-sponsored Trabant of America) has seen sales drop 90% while other EV sales are up, way up. Yet, there’s been one place notably still buying the Swasticar.
The UK.
Experts attribute this holdout, a bizarre remaining market for a Swasticar, to extremist right wing groups in the UK (white supremacist cells) who see a Nazi-saluting Tesla CEO as symbolic of their mission and beliefs.
In the rest of the world there simply aren’t as many extreme right wing activists as normalized in England. And to be fair, the English are not hesitant to call out their own Nazis.
Kudos to the Brits who studied history.
Now, in an ironic twist, the new Trump Tesla Tax meant to artificially juice American Swasticar sales, is instead immediately winding up resentment from the UK.
We are looking at the zero emission vehicle mandate which is why some of… that money goes to Tesla, and looking at how we can better support the car manufacturing industry in the UK.
UK finance minister Rachel Reeves is saying Tesla should be banned from any more government handouts. Makes sense, of course. The bogus “green” marketing loophole was allowed to dominate the Swasticar sales discussions before. Yet now the ugly Nazi reality of an aggressive foreign interventionist, imperialist tin-pot dictatorship, throwing dumb taxes around, is simply too hard to ignore anymore.
Oh, and the UK just banned Tesla marketing fraud.
…it is not even close to offering full self driving capability, a fact that has convinced the Department for Transport (DfT) in the UK to disallow most Tesla driver-assist features… If you told those people they had to stand over their toasters and monitor them constantly to prevent the toast from burning, they would think you were a perfect jackass.
The Tesla Trump Tax is backfiring, and is likely to make Tesla about as popular as when the East Germans (DDR) under the KGB (e.g. Putin) built a wall and mandated that everyone had to buy a Trabant.
Axios Harris Poll 100:
Tesla’s reputation ranking in the Axios Harris Poll 100 has fallen significantly, from 8th place in 2021 to 63rd in 2024.
Consumer Perception:
Overall, Americans’ impression of Tesla has dropped, with YouGov finding a score of minus 12.7 in March 2025, the lowest since 2016.
Caliber’s “Consideration Score”:
Caliber’s “consideration score” for Tesla fell to 31% in February, less than half its high of 70% in November 2021.
Buzz Score:
Tesla recorded a negative buzz score (-18.2) compared to Volkswagen (9.3), indicating more negative than positive buzz in the past two weeks.
Purchase Intent:
Consumer purchase intent for Tesla is also low, with a 1.6% score compared to Ford at 10.8%.”