On
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 23 Mar 2026 15:30:56 -0700 (PDT) Received-SPF: softfail (google.com: domain of transitioning cypherpunks-bounces@lists.cpunks.org does not designate 198.252.153.129 as permitted sender) client-ip=198.252.153.129; Authentication-Results: mx.google.com; dkim=pass header.i=@lists.cpunks.org header.s=default header.b=qrE7M17u; dkim=pass header.i=@lists.cpunks.org header.s=default header.b=slw80URk; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20251104 header.b=jj2HtWtD; arc=fail (body hash mismatch); spf=softfail (google.com: domain of transitioning cypherpunks-bounces@lists.cpunks.org does not designate 198.252.153.129 as permitted sender) smtp.mailfrom=cypherpunks-bounces@lists.cpunks.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from= lists.cpunks.org; dara=neutral header.i=@gmail.com Received: from mail.pglaf.org (mail.pglaf.org [69.55.231.143]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by mx1.riseup.net (Postfix) with ESMTPS id 4ffntf6rXHzDrVJ; Mon, 23 Mar 2026 22:30:34 +0000 (UTC) Authentication-Results: mx1.riseup.net; dkim=pass (2048-bit key; unprotected) header.d=lists.cpunks.org header.i=@ lists.cpunks.org header.a=rsa-sha256 header.s=default header.b=qrE7M17u; dkim=pass (2048-bit key) header.d=lists.cpunks.org header.i=@ lists.cpunks.org header.a=rsa-sha256 header.s=default header.b=slw80URk; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20251104 header.b=jj2HtWtD; dkim-atps=neutral DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=lists.cpunks.org; s=default; t=1774305034; bh=PeXpWPeSN1BMwvsUiKbX+Ry6/lbJA8igWkWbnKUtpHE=; h=In-Reply-To:References:Date:Subject:To:List-Id:List-Archive: List-Help:List-Owner:List-Post:List-Subscribe:List-Unsubscribe: From:Reply-To:From; b=qrE7M17uSpghZ92wFMY0TpSd/Izcxifr2IvwlnAdNKHL5ejByawa9TKp7SVUmSRRs 4fu/yxgaec94/IIvTr4cfzftS9l78szAqh38U4DuHwgZlSv7Iff88zb2wvK3Rx/xRu qvzplmWYBplO8r7dfn8IR0E2gpOAH8DFqqzGEybGO8rLaIEqeDZwefk00eDLsobT+b as0D12IJoGhDbOZCt0KpAkjewqI6yBE8xu9QF8rzkkM08M3XppHsBPhg8BaSGBPRMs U4ABMh5RPbm69fnRzQc31bQrg717vc8jGvH+aWuPqzZtwwaHd9FkSqsNViJHv/x0y4 yumSixmKGvxcw== Received: from localhost (localhost [127.0.0.1]) by mail.pglaf.org (Postfix) with ESMTP id 66D5A1940FB1; Mon, 23 Mar 2026 15:30:34 -0700 (PDT) X-Virus-Scanned: Debian amavis at mail.pglaf.org X-Spam-Flag: NO X-Spam-Score: 0 X-Spam-Level: X-Spam-Status: No, score=x tagged_above=-999 required=3 WHITELISTED tests=[] autolearn=unavailable Authentication-Results: mail.pglaf.org (amavis); dkim=pass (2048-bit key) header.d=lists.cpunks.org header.b="slw80URk"; dkim=fail (2048-bit key) reason="fail (message has been altered)"
these things about dkim and message verification failing indicate to me there's no reason to assume it's greg i don't know what they mean yet :/ but it's more same old for me, i remember as a teen all my tcp checksums would fail a cryptographic signature is kinda more serious though possibly suspecting now some bytes in the attachment were getting fiddled (like a poor sequence that matches an escape edge case) who knows! but usually people assume a malicious actor when sig failures are seen. this device already known compromised.