
Sooraj Sathyanarayanan
Security & Privacy Researcher | Advocate for Open Source, Privacy, & Digital Freedom | priv/acc 🚀 (Privacy Accelerationist)
If you're still using Zoom, you're cooked.
Their April 2025 privacy policy collects "mouse movements, clicks, keystrokes or actions" during meetings. That's not crash telemetry. That's behavioral surveillance.
The promise not to train AI on your audio and video is misdirection. "Service Generated Data", which includes telemetry, usage patterns, who you talk to, when, and for how long, is theirs to use for machine learning. Your social graph was never part of the deal.
Zoom employees can access your content for "support reasons." A support ticket becomes a master key. Account owners control everything else. AI features, archiving, which third-party apps get your audio, video, messages, contacts. You don't approve these. Your employer does. "Enhanced Features" process facial geometry and voiceprints server-side. Their AI Companion requires disabling E2EE. Privacy and functionality are mutually exclusive by design.
CVE-2025-64740: The VDI installer doesn't verify cryptographic signatures properly. Local privilege escalation to SYSTEM. They want your keystrokes and biometrics but can't sign their own binaries correctly.
Participants get a popup when AI is enabled. Your choices are "Proceed" or "Leave." If it's a required work call, that is not consent. The policy is written for account owners. If you're an employee, you're inventory.

Notes from @ebfull's Tachyon blog post and his conversation with @str4d on scaling @Zcash with oblivious synchronization
Zcash's privacy comes from nullifiers. When you spend funds, you reveal a random-looking 32-byte token that prevents double spending without revealing which note you're spending. The problem: validators must store every nullifier forever. At 100 TPS, that's roughly a gigabyte of state growth per day. You can't prune it because you don't know which nullifiers correspond to which notes. This has been a known bottleneck since the original Zerocash paper in 2013.
Tachyon inverts the architecture. Instead of validators maintaining the full nullifier history, wallets maintain proof-carrying data of their own state. When you spend, your transaction includes a proof that the nullifier hasn't appeared in the chain up to a recent anchor. Validators only need to check recent blocks. Nearly all historical state becomes prunable.
The key mechanism is oblivious synchronization. Third-party services can sync your wallet and generate proofs without learning anything about your funds. They see nullifiers, but protocol changes to how nullifiers are derived prevent even that from leaking information about note location in the accumulator. Your wallet can stay current while offline.
Out-of-band payments are part of this. Currently wallets trial decrypt every shielded transaction to find incoming payments. Doesn't scale. Tachyon moves secret distribution off chain entirely, removing ciphertexts from transactions. This also eliminates the parts of the on-chain protocol that aren't yet quantum resistant.
The Halo discovery made this practical. Before Halo, proof-carrying data was theoretical due to performance limitations and trusted setup requirements. Halo changed that and triggered a wave of new PCD constructions. Sean has built Ragu, a library for recursive proofs on the Pasta curves, specifically to support Tachyon's requirements.
This matters because privacy and scalability have traditionally been in tension. Ledger indistinguishability means you can't tell which state a transaction modifies, which breaks most parallelization strategies. Tachyon resolves this by shifting the proof burden to wallets while keeping the same cryptographic privacy guarantees Zcash has maintained since launch.
Timeline is ambitious: major improvements on mainnet within a year using cryptography Zcash already deploys. No speculative research required. Doesn't conflict with Crosslink or ZSAs. The Sapling upgrade proved this team can ship production ZK systems under pressure. They did it in 18 months while simultaneously patching a soundness bug in Sprout.

anon’s guide to actually supporting privacy:
> donate to tools you use instead of just complaining they need money
> contribute code if you can, documentation if you can’t
> use private money (cryptocurrency, cash)
> tell normies about alternatives without being insufferable about it
> work for companies that aren’t surveillance machines
> push for legal protections because tech alone won’t save us
privacy isn’t a product you buy, it’s an economy you build
