<?xml version="1.0" encoding="utf-8"?><feed xmlns="http://www.w3.org/2005/Atom" ><generator uri="https://jekyllrb.com/" version="3.10.0">Jekyll</generator><link href="https://samuellucas.com/feed.xml" rel="self" type="application/atom+xml" /><link href="https://samuellucas.com/" rel="alternate" type="text/html" /><updated>2026-04-08T16:16:12+00:00</updated><id>https://samuellucas.com/feed.xml</id><title type="html">Sam’s Missives</title><subtitle>The name&apos;s Samuel. I&apos;m a psychology BSc and cyber security MSc graduate now working in infosec. I love films, reading fiction, PC gaming, playing the drums, and doing a little coding.</subtitle><entry><title type="html">Debunking Don’t Roll Your Own Crypto</title><link href="https://samuellucas.com/2024/08/31/debunking-dont-roll-your-own-crypto.html" rel="alternate" type="text/html" title="Debunking Don’t Roll Your Own Crypto" /><published>2024-08-31T00:00:00+00:00</published><updated>2024-08-31T00:00:00+00:00</updated><id>https://samuellucas.com/2024/08/31/debunking-dont-roll-your-own-crypto</id><content type="html" xml:base="https://samuellucas.com/2024/08/31/debunking-dont-roll-your-own-crypto.html"><![CDATA[<p>‘<em>Don’t roll your own crypto</em>’ is one of the most popular phrases in cryptography. Unfortunately, people use it without considering whether it really applies in that context, and in this blog post, I’m going to explain why it doesn’t apply a lot of the time and when it definitely does apply.</p>

<p align="center">
  <img src="/images/2024-08-31-debunking-dont-roll-your-own-crypto/one-does-not-simply-roll-their-own-crypto.jpg" alt="One does not simply roll their own crypto" />
</p>

<h2 id="implementing-existing-algorithms-using-existing-apis">Implementing existing algorithms using existing APIs</h2>
<p>This is <em>rolling your own crypto</em> in the sense that you’re implementing a cryptographic algorithm rather than calling a cryptographic library that exposes that algorithm. For example, implementing <a href="https://www.rfc-editor.org/rfc/rfc2104">HMAC</a> using an <a href="https://doc.libsodium.org/advanced/sha-2_hash_function#sha-256">incremental SHA-256 API</a>.</p>

<p>However, there’s a specification that should explain how to implement the algorithm properly, there should be existing implementations to compare against, and this involves using a cryptographic library for the internal function(s). Therefore, if the specification is written properly, the cryptographic library is written properly, and the implementer reads the specification/documentation and checks correctness properly, the probability of making a mistake is low.</p>

<p>An issue with the specification or cryptographic library is not the implementer’s fault. All they should need to do is follow the specification, proofread their code, and test their code.</p>

<p>If they skip these steps, there will likely be a problem, but that’s the same with all code, not just cryptographic code. Where they may run into trouble is with things like <a href="https://soatok.blog/2020/08/27/soatoks-guide-to-side-channel-attacks/">constant-time code</a>. However, the specification should say when this is important, prompting a logical person to <a href="https://github.com/veorq/cryptocoding">research</a> what that means if they’re unfamiliar with the term/how that affects implementation. Chances are the cryptographic library will <a href="https://doc.libsodium.org/helpers">include</a> the necessary constant-time functions too.</p>

<p>Clearly, if the person does their due diligence, there’s a small risk of vulnerabilities here. On the other hand, an existing API may be available and have better performance, so it’s best left as a learning exercise unless the algorithm isn’t available in cryptographic libraries (e.g., <a href="https://eprint.iacr.org/2020/067">Daence</a>).</p>
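<p>To make the first case concrete, here is HMAC-SHA256 built from the incremental SHA-256 API in Python's standard library, following RFC 2104, and checked against both the standard library's own <code>hmac</code> module and an RFC 4231 known-answer vector. This is an added example, not code from the post; the function names are mine.</p>

```python
"""HMAC-SHA256 from hashlib's incremental SHA-256 API, per RFC 2104.

Added example (not from the original post). The section's point is that an
implementer who follows the specification and cross-checks against an existing
implementation is unlikely to get this wrong, so the block checks itself against
hmac.new and an RFC 4231 test vector.
"""
import hashlib
import hmac

BLOCK_SIZE = 64  # SHA-256 block size; HMAC pads/hashes the key to this (RFC 2104 section 2)


def hmac_sha256(key: bytes, message: bytes) -> bytes:
    """HMAC(K, m) = H((K' XOR opad) || H((K' XOR ipad) || m)), as specified in RFC 2104."""
    # Keys longer than the block size are hashed first; shorter keys are zero-padded.
    if len(key) > BLOCK_SIZE:
        key = hashlib.sha256(key).digest()
    key = key.ljust(BLOCK_SIZE, b"\x00")

    ipad_key = bytes(b ^ 0x36 for b in key)
    opad_key = bytes(b ^ 0x5C for b in key)

    # Inner hash, fed incrementally so a large message can be streamed in chunks.
    inner = hashlib.sha256()
    inner.update(ipad_key)
    inner.update(message)

    # Outer hash over the opad-keyed block and the inner digest.
    outer = hashlib.sha256()
    outer.update(opad_key)
    outer.update(inner.digest())
    return outer.digest()


def verify_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    """Verification uses the library's constant-time comparison, the helper the post says
    a cryptographic library will usually provide."""
    return hmac.compare_digest(hmac_sha256(key, message), tag)


# RFC 4231 test case 1: key = 20 bytes of 0x0b, data = "Hi There".
RFC4231_KEY = b"\x0b" * 20
RFC4231_DATA = b"Hi There"
RFC4231_TAG = bytes.fromhex(
    "b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"
)


def matches_reference(key: bytes, message: bytes) -> bool:
    """Cross-check the hand-rolled HMAC against the standard library's implementation."""
    return hmac_sha256(key, message) == hmac.new(key, message, hashlib.sha256).digest()


if __name__ == "__main__":
    assert hmac_sha256(RFC4231_KEY, RFC4231_DATA) == RFC4231_TAG
    assert matches_reference(b"k" * 100, b"exercises the hash-the-key branch")
    print("HMAC-SHA256 matches RFC 4231 and the hmac module")
```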

<h2 id="designingimplementing-custom-constructions-using-existing-algorithmsapis">Designing/implementing custom constructions using existing algorithms/APIs</h2>
<p>Here, you’re <em>rolling your own crypto</em> by designing something as well as implementing it. For example, an <a href="https://soatok.blog/2020/09/09/designing-new-cryptography-for-non-standard-threat-models/">Encrypt-then-MAC AEAD scheme</a> using a <a href="https://doc.libsodium.org/advanced/stream_ciphers/chacha20">ChaCha20</a> and <a href="https://github.com/BLAKE3-team/BLAKE3">BLAKE3</a> API.</p>

<p>Whilst you’re still using an existing cryptographic library for the underlying algorithms, now there’s no specification/standard. The designer must be familiar with what makes that type of construction secure/insecure and how decisions affect the performance, usage limits, etc.</p>

<p>However, chances are there are <a href="https://www.rfc-editor.org/rfc/rfc8439">existing, secure designs</a> that can be looked at and used as inspiration as well as <a href="https://soatok.blog/2021/07/30/canonicalization-attacks-against-macs-and-signatures/">guidance on common pitfalls</a>. Therefore, if the implementer does sufficient <a href="https://eprint.iacr.org/2014/206">research</a>, the risk of vulnerabilities in the design is low. Furthermore, following the previous section, implementation vulnerabilities are unlikely as well due to the use of existing APIs.</p>

<h2 id="implementing-existing-algorithms-without-using-existing-apis">Implementing existing algorithms without using existing APIs</h2>
<p>This time you’re no longer relying on a cryptographic library for the internals but there’s a specification. For example, implementing Argon2 requires implementing the <a href="https://www.rfc-editor.org/rfc/rfc9106.html#section-3.5">compression function G</a>.</p>

<p>This feels riskier, but the implementer can just copy an existing implementation from a <a href="https://tweetnacl.cr.yp.to/">reputable source</a>, like the reference implementation, which is hopefully secure (if this isn’t clear, it’s not the fault of the implementer). The main time this won’t be possible is if the algorithm <a href="https://csrc.nist.gov/csrc/media/Events/2023/third-workshop-on-block-cipher-modes-of-operation/documents/accepted-papers/Flexible%20Authenticated%20Encryption.pdf">only exists in a paper</a>, which is dodgier because pseudocode in papers typically isn’t the easiest to follow and can leave things <a href="https://eprint.iacr.org/2016/027">open to interpretation</a>.</p>

<p>The risk also depends on the algorithm, like how a naïve AES implementation could be vulnerable to <a href="https://cr.yp.to/antiforgery/cachetiming-20050414.pdf">side-channel attacks</a>, which <a href="https://crypto.stackexchange.com/questions/33057/chacha20-immune-to-timing-attacks">isn’t</a> a problem for ChaCha20. <a href="https://ascon.iaik.tugraz.at/">Certain algorithms</a> are just much simpler to implement than <a href="https://eprint.iacr.org/2014/793">others</a>.</p>

<p>Therefore, the chance of mistakes here is higher than in the previous two contexts but sometimes exaggerated, especially if the algorithm is on the simpler side and the <a href="https://github.com/cfrg/draft-irtf-cfrg-aegis-aead/tree/main/reference-implementations">reference implementation</a> or <a href="https://github.com/LoupVaillant/Monocypher">other existing implementations</a> are good.</p>

<p>However, the performance compared to an existing, optimised implementation may be terrible, making this more appropriate as a learning exercise again. It’s actually a great way to solidify your understanding of an algorithm after reading about it.</p>

<h2 id="implementing-existing-protocols">Implementing existing protocols</h2>
<p>Now we’re on to protocols. Specifically, protocols designed and documented by someone else, like <a href="https://www.wireguard.com/protocol/">WireGuard</a> or <a href="https://www.rfc-editor.org/rfc/rfc9420">MLS</a>.</p>

<p>This can usually be done using existing APIs, since the protocol should be built from existing algorithms. The trouble is there’s usually a massive jump in complexity compared to implementing a single algorithm. Unless the protocol is <a href="https://github.com/samuel-lucas6/Cahir">simple</a>, the specification will probably be <a href="https://www.rfc-editor.org/rfc/rfc8446">overwhelming</a> for the reader, significantly increasing the chance of mistakes.</p>

<p>Thus, the risk of vulnerabilities is more about how well the specification is written and how long/complicated it is. Major Internet protocols like TLS 1.3 aren’t meant to be implemented by one person, whereas implementing <a href="https://jedisct1.github.io/minisign/">Minisign</a> or <a href="https://github.com/C2SP/C2SP/blob/main/age.md">age</a> in your programming language is <a href="https://github.com/FiloSottile/awesome-age">totally doable</a>.</p>

<p>Again, you’ve got to ask yourself why bother. There will already be existing implementations that are likely going to be more performant, maintained by a team of people/someone more qualified, etc. Put differently, it’s probably another learning exercise unless you’re the first person to implement the protocol or the original implementation is no longer maintained.</p>

<h2 id="designingimplementing-a-new-protocol">Designing/implementing a new protocol</h2>
<p>This <a href="https://breakingthe3ma.app/">often</a> <a href="https://eprint.iacr.org/2023/485">goes</a> <a href="https://eprint.iacr.org/2024/546">wrong</a> at actual companies, so what hope does a single individual have? Well, like always, it depends.</p>

<p>What people don’t seem to realise in this context is that a new protocol can be heavily inspired by an existing protocol. If I look at the <a href="https://jedisct1.github.io/minisign/">Minisign</a> protocol, swap scrypt for Argon2id, and use that derived key with an encryption algorithm rather than as a keystream, I’ve just created a new protocol. Is this protocol insecure? No, definitely not; one could make a strong case for this being an improvement. Was it difficult to design? No, the changes were trivial.</p>

<p>Obviously, this is a simple example, but it highlights how certain deviations from an existing protocol are unlikely to cause vulnerabilities. And this can apply to bigger changes as well. The key is understanding what the strengths/weaknesses of existing designs are, what the threat model is, what security properties algorithms offer, and how to compose algorithms together.</p>

<p>Of course, with more real-world protocols like client-side encrypted cloud storage (with file/folder sharing) or E2EE messaging, the difficulty substantially goes up because of the complexity. But I would argue this is still achievable without vulnerabilities if you understand good existing designs and best practices.</p>

<h2 id="designing-a-new-algorithmprimitive">Designing a new algorithm/primitive</h2>
<p>Finally, we’ve reached the classic use of ‘<em>don’t roll your own crypto</em>’. Designing a new hash function, MAC, encryption algorithm, password hashing algorithm, etc.</p>

<p>At a first glance, this seems pretty cut and dry. However, this is again actually not as hard as you might think in <em>some</em> cases.</p>

<p>A good example is the sponge/duplex construction. Designing a permutation like <a href="https://ascon.iaik.tugraz.at/specification.html">Ascon</a> or <a href="https://keccak.team/keccak.html">Keccak-f</a> is hard, but designing a sponge/duplex-based algorithm using an existing permutation is significantly easier. Yes, there are multiple ways of doing it, but there are again <a href="https://keccak.team/papers.html">existing</a> <a href="https://csrc.nist.gov/Projects/Lightweight-Cryptography">designs</a> that one can <a href="https://eprint.iacr.org/2021/1574">look at</a> and combine ideas from. For instance, one could build a scheme like Ascon-128 using Keccak-f so there’s a larger rate/capacity (apparently someone else had the <a href="https://eprint.iacr.org/2024/858">same idea</a>).</p>

<p>On the other hand, designing an unkeyed permutation, a block cipher, a stream cipher, an elliptic curve based scheme, a post-quantum KEM/digital signature scheme, etc. requires a lot more knowledge and experience. This is where the risk of vulnerabilities is highest (guaranteed if you don’t know exactly what you’re doing). Even cryptographers working in teams come up with <a href="https://eprint.iacr.org/2022/214">broken</a> <a href="https://eprint.iacr.org/2022/975">algorithms</a> all the time.</p>

<h2 id="the-takeaway">The takeaway</h2>
<p>‘<em>Don’t roll your own crypto</em>’ isn’t a productive or logically sound statement. It either puts people off learning about cryptography/getting into the field or encourages recklessly forging ahead in an attempt to prove people wrong/restore their freedom. And cryptographers sometimes <a href="https://terrapin-attack.com/">don’t</a> roll crypto properly either when a non-cryptographer would’ve been able to avoid such a mistake.</p>

<p>Variants of the phrase like ‘<em>roll your own crypto, then throw it away</em>’, ‘<em>write crypto code, but don’t publish it</em>’, and ‘<em>never roll crypto on your own</em>’ are an improvement but still misleading. There’s no issue with publishing experimental cryptographic code/designs if there’s an obvious <a href="https://github.com/orgs/community/discussions/16925">warning</a> in the README and it isn’t used in production (aka it’s a learning exercise). This is just a waste of time if you make <a href="https://old.reddit.com/r/crypto/comments/1f2clla/meta_programming_encryption_technique_assumption/">little to no effort</a> to understand the subject as what you produce will probably be broken or worse than something that already exists.</p>

<p>In production, if there’s an existing algorithm/standard/protocol that meets your needs and is accessible, you should probably be using it. However, there are limitations with every algorithm and some don’t fit the bill in terms of required security properties, performance, supported algorithms, and so on. There isn’t a standard for everything, and just because there’s a standard doesn’t mean it’s good. There are also gaps in protocols that can be filled.</p>

<p>As long as you put in the time/effort and aren’t operating out of your depth, <em>rolling your own crypto</em> in production <em>can</em> be ok. The exception is brand new algorithms/primitives, which need third-party analysis before they can be trusted for use. This requires publishing a <a href="https://eprint.iacr.org/">paper</a> and/or submitting the algorithm to a <a href="https://eprint.iacr.org/2020/1608">competition</a> before waiting a few years.</p>

<p>Therefore, my super catchy catchphrase proposal is ‘<em>only roll your own crypto if there’s a reason to do so and you’re going to do it properly</em>’, by which I mean:</p>

<ul>
  <li>Have justification.</li>
  <li>Know your limits (be honest).</li>
  <li>Educate yourself.</li>
  <li>Be thorough.</li>
  <li>Play it safe.</li>
  <li>Be boring.</li>
  <li>Take your time.</li>
  <li>Ask for help.</li>
  <li>Document everything.</li>
  <li>Double and triple check.</li>
  <li>Seek peer review.</li>
</ul>

<p>Nobody is perfect; don’t pretend cryptographers are. We all make mistakes and can’t know everything. If you follow these rules, you have just as much right to be <em>rolling your own crypto</em> as a cryptographer because they’re doing the same thing, just with a head start and the advantage of easier collaboration.</p>]]></content><author><name></name></author><summary type="html"><![CDATA[‘Don’t roll your own crypto’ is one of the most popular phrases in cryptography. Unfortunately, people use it without considering whether it really applies in that context, and in this blog post, I’m going to explain why it doesn’t apply a lot of the time and when it definitely does apply.]]></summary></entry><entry><title type="html">Deterministic Password Managers Revisited</title><link href="https://samuellucas.com/2024/02/25/deterministic-password-managers-revisited.html" rel="alternate" type="text/html" title="Deterministic Password Managers Revisited" /><published>2024-02-25T00:00:00+00:00</published><updated>2024-02-25T00:00:00+00:00</updated><id>https://samuellucas.com/2024/02/25/deterministic-password-managers-revisited</id><content type="html" xml:base="https://samuellucas.com/2024/02/25/deterministic-password-managers-revisited.html"><![CDATA[<p>Deterministic password managers are (in my opinion) a cool idea but are they a good idea? 
There have been a <a href="https://tonyarcieri.com/4-fatal-flaws-in-deterministic-password-managers">few</a> <a href="https://noellh.com/blog/deterministic-password-managers/">blog</a> <a href="https://notes.volution.ro/v1/2023/01/remarks/bd180ff7/">posts</a>/<a href="https://www.ghacks.net/2016/11/07/deterministic-password-manager-issues/">articles</a> <a href="https://www.sjoerdlangkemper.nl/2018/01/17/problems-with-pwdhash/">covering</a> <a href="https://palant.info/2016/04/19/introducing-easy-passwords-the-new-best-way-to-juggle-all-those-passwords/">this topic</a>, but I don’t think any of them tell the full story, so let’s dive in!</p>

<h2 id="deterministic">Deterministic?</h2>
<p>The idea of a deterministic password manager seems to date back to <a href="https://www.hpl.hp.com/techreports/2002/HPL-2002-39R1.pdf">2002</a> with Alan Karp’s <a href="https://sitepassword.alanhkarp.com/">Site Password</a>. Ross et al. from Stanford also had a paper published in 2005 for the browser extension <a href="https://pwdhash.github.io/website/">PwdHash</a>. For comparison, the first traditional password manager was reportedly released by Bruce Schneier in <a href="https://en.wikipedia.org/wiki/Password_manager#History">1997</a> and became open source in <a href="https://pwsafe.org/history.shtml">2002</a>. RoboForm was originally released in 1999, KeePass in 2003, 1Password in 2006, LastPass in 2008, Dashlane in 2012, and Bitwarden in 2016.</p>

<p>The concept is simple. Instead of storing passwords in a file, derive them on the fly. The inputs are some sort of unique identifier (e.g., your full name or a username), a domain/URL, a master password, a counter for when you want to change the password for a site, and possibly some options for formatting the derived password (e.g., length, lowercase/uppercase, etc).</p>

<p>In technical terms, a password-based KDF (PBKDF) can be used to derive a master key from the master password using the unique identifier as the salt. The master key, domain, length, and counter can be fed into an ordinary KDF to derive a subkey. Finally, this subkey can be converted from bytes into a string using the modulo (%) operator or via some encoding like Base64.</p>

<p>If you want to see some real implementations, check out <a href="https://spectre.app/">Spectre</a>, <a href="https://www.lesspass.com/#/">LessPass</a>, and <a href="https://github.com/samuel-lucas6/Cahir">Cahir</a>. Cahir is my attempt at a CLI deterministic password manager as a fun project. It aligns with the technical description above, whereas others may do things differently, like passing the domain/counter into the PBKDF salt and not deriving a subkey.</p>
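<p>The derivation pipeline described above (PBKDF with the identifier as salt, an ordinary KDF for the per-site subkey, then bytes to string), written out as an added Python example. It is not code from Cahir, Spectre or LessPass. Assumptions: scrypt stands in for the PBKDF because it is in the standard library (a real tool would prefer Argon2id), HKDF-SHA256 is the ordinary KDF, the scrypt cost is deliberately low so it runs quickly, and both string conversions the post mentions (modulo and Base64) are shown.</p>

```python
"""Deterministic site-password derivation: the pipeline the post describes.

Added example, not any real password manager's code. scrypt (standard library)
stands in for the PBKDF; HKDF-SHA256 is the ordinary KDF; the cost parameters
are deliberately small for a quick demo.
"""
import base64
import hashlib
import hmac

# Demo-sized scrypt cost (16 MiB); production would use much larger N.
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1
ALPHABET = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*"


def derive_master_key(master_password: str, identifier: str) -> bytes:
    """PBKDF step. The public identifier (name/username) is the salt, so the salt is not secret."""
    return hashlib.scrypt(master_password.encode(), salt=identifier.encode(),
                          n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=32)


def hkdf_expand_sha256(key: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 HKDF-Expand. The extract step is skipped because the scrypt output is already uniform."""
    if length > 255 * 32:
        raise ValueError("HKDF-Expand output too long")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(key, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_subkey(master_key: bytes, domain: str, counter: int, length: int) -> bytes:
    """KDF step. Each input is length-prefixed so that different (domain, counter, length)
    tuples can never serialise to the same byte string."""
    info = b""
    for part in (domain.encode(), counter.to_bytes(4, "big"), length.to_bytes(4, "big")):
        info += len(part).to_bytes(4, "big") + part
    return hkdf_expand_sha256(master_key, info, length)


def to_password_modulo(subkey: bytes, length: int) -> str:
    """Byte % alphabet-size mapping: simple, but biased whenever 256 is not a multiple of the alphabet size."""
    return "".join(ALPHABET[b % len(ALPHABET)] for b in subkey[:length])


def to_password_base64(subkey: bytes, length: int) -> str:
    """Encoding route: unbiased over the Base64 alphabet, but only Base64 characters can appear."""
    return base64.b64encode(subkey).decode()[:length]


def site_password(master_password: str, identifier: str, domain: str,
                  counter: int = 0, length: int = 20, encoding: str = "base64") -> str:
    """Full pipeline: master password + identifier -> master key -> per-site subkey -> string."""
    master_key = derive_master_key(master_password, identifier)
    subkey = derive_subkey(master_key, domain, counter, length)
    if encoding == "base64":
        return to_password_base64(subkey, length)
    return to_password_modulo(subkey, length)


if __name__ == "__main__":
    # Constructed inputs for the demo.
    print(site_password("correct horse battery staple", "alice@example.com", "proton.me"))
    print(site_password("correct horse battery staple", "alice@example.com", "proton.me", counter=1))
```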

<p>Now that you know what a deterministic password manager is, it’s time to discuss the strengths, weaknesses, possible improvements, and whether you should bother using one.</p>

<h2 id="strengths">Strengths</h2>
<h3 id="statelessness">Statelessness</h3>
<p>The main selling point is that nothing gets stored. Firstly, you don’t have to synchronise your password vault between different devices. Secondly, there’s no file to lose/corrupt. Thirdly, you don’t have to trust a company to store your data securely.</p>

<p>With an offline password manager, the first two points are a problem. Syncing the vault to other devices and performing multiple backups is a hassle. Chances are you’ll end up storing the database in the cloud, making it <a href="https://www.rollingstone.com/politics/politics-features/whatsapp-imessage-facebook-apple-fbi-privacy-1261816/">more accessible</a> to attackers, albeit this requires a targeted attack.</p>

<p>A cloud-based password manager shifts the problem to point three. Some companies are <a href="https://palant.info/2023/09/05/a-year-after-the-disastrous-breach-lastpass-has-not-improved/">just crap</a>, some are <a href="https://1password.community/discussion/comment/114870/#Comment_114870">proprietary</a>, some are <a href="https://portswigger.net/daily-swig/bitwarden-responds-to-encryption-design-flaw-criticism">resistant to change/criticism</a>, and these services are an <a href="https://en.wikipedia.org/wiki/LastPass#Security_incidents">attractive target</a> for attackers since data from many users is stored centrally. This trust and lack of control gives <a href="https://medium.com/@mahdix/in-defense-of-deterministic-password-managers-67b5a549681e">some people</a> the heebie-jeebies. So does storing anything at all because it feels like attackers can obtain a copy.</p>

<p>Whilst some would dismiss this as nonsense, they sort of have a point. An attacker who has a copy of the ciphertext vault can perform an offline attack, guessing passwords until they successfully decrypt. By contrast, they can’t do an offline attack against a deterministic password manager without having a derived site password to guess against. Otherwise, all you can do is an online attack against a specific site, which will be rate limited as well as slowed by two PBKDFs.</p>

<p>Furthermore, if an attacker manages to crack the master password, they don’t automatically know which sites you use, what the derivation parameters are, or any other account information (e.g., usernames, email addresses, security question answers, 2FA codes). With a traditional password manager, they get this type of information (<a href="https://bitwarden.com/blog/premium-features-released/#totp-verification-codes">not everybody</a> uses 2FA on their phone).</p>

<h3 id="simplicity">Simplicity</h3>
<p>Perhaps the most overlooked advantage is that deterministic password managers are incredibly simple in terms of design and implementation. A single person with some programming/cryptography background can assess the security in an afternoon assuming the code is open source. There might also be just one implementation that works cross-platform (via the web).</p>

<p>In comparison, traditional password managers are <a href="https://palant.info/2023/03/29/documenting-keepass-kdbx4-file-format/">far more complicated</a>, perhaps not properly documented, more likely to be proprietary, and typically have desktop, mobile, browser extension, and web implementations with different codebases, which increases the likelihood of <a href="https://bugcrowd.com/agilebits">vulnerabilities</a>.</p>

<h3 id="phishing">Phishing</h3>
<p>Another advantage you don’t see mentioned is that copying and pasting a URL to derive a site password protects against phishing. A phishing URL will be different to the legitimate site, resulting in a different derived password.</p>

<p>By contrast, copying and pasting a password from a traditional password manager does not offer protection unless you visit the URL directly (and don’t get maliciously redirected), although <a href="https://1password.com/features/autofill/">autofill</a> functionality can if you use a <a href="https://bitwarden.com/blog/how-password-managers-help-prevent-phishing/">browser extension</a>.</p>

<h3 id="exfiltration">Exfiltration</h3>
<p>A final moot point is that physical/remote access attacks (e.g., via malware) against a traditional password manager may allow an attacker to retrieve <a href="https://www.ise.io/casestudies/password-manager-hacking/">more information</a> than with a deterministic password manager.</p>

<p>For example, a <a href="https://www.malwarebytes.com/blog/threats/remote-access-trojan-rat">RAT</a> could capture your typed master password whilst the encrypted vault is exfiltrated from your machine. With a deterministic password manager, only the accounts used in the time period before removing the malware might be compromised.</p>

<p>Of course, if your machine is compromised, you’re screwed regardless. This kind of attack <a href="https://github.com/keepassxreboot/keepassxc/issues/375">cannot be defended against</a> by a password manager. Other security controls must be deployed (e.g., anti-malware software, OS hardening, firewalls, etc).</p>

<p>So, those are the strengths, but do they outweigh the weaknesses?</p>

<h2 id="weaknesses">Weaknesses</h2>
<h3 id="unavoidable-state">Unavoidable State</h3>
<p>Not storing state doesn’t really work for a few reasons. Different sites have different password policies (different length and character set requirements), meaning a default deterministic format won’t work everywhere. Either you accept that certain sites cannot be used, you support derivation parameters that have to be remembered, or you remember manual tweaks to the derived password. None of these options are good for usability.</p>

<p>Although the derivation parameters don’t <em>need</em> to be secret, that’s preferable as it’s valuable information to an attacker, and writing these things down defeats the point of a deterministic password manager. You’d need to synchronise this information between devices and could lose it or not have access to it when needed (e.g., when on holiday). Storing them in the cloud <a href="https://blog.lesspass.com/2022-12-29/decommissioning-lesspass-database">unencrypted</a> is worse than using a traditional password manager, and storing them in the cloud encrypted is nearly equivalent to using a traditional password manager.</p>

<p>Similarly, you can’t store usernames/email addresses (e.g., aliases), URLs, debit/credit cards, notes (e.g., cryptographic keys, PINs, answers to security questions), previous passwords, or generate 2FA codes. If you already have a system you trust for storing passwords, you may as well store all this information in the same place. Storing these things elsewhere is more hassle and possibly less secure (e.g., unencrypted).</p>

<p>Furthermore, if a site password is compromised (e.g., in a breach or copying/pasting it accidentally), it needs to be rotated. The main way to tackle this is by having a counter, which is again something that needs to be stored or remembered. If you forget, you can trial and error it, but this slows down logins. Some sites may even force you to reset your password every so often (e.g., Netflix blocking VPNs), mandating this counter usage.</p>

<h3 id="domains">Domains</h3>
<p>The domain input may be handled differently depending on the deterministic password manager. For example, it could be interpreted as the whole URL, truncated to the subdomain, or truncated to just the domain.</p>

<p>If the whole URL is used, you could accidentally lock yourself out of an account. A good example is the <a href="https://www.amazon.co.uk/">Amazon</a> Sign in page, which includes an <code class="language-plaintext highlighter-rouge">openid.return_to=</code> that varies depending on which Amazon page you were previously on. However, this is useful for offline applications that don’t have a website (e.g., off GitHub).</p>

<p>Problems may arise if there are differences between the main website domain (e.g., <code class="language-plaintext highlighter-rouge">proton.me</code>) and the login subdomain (e.g., <code class="language-plaintext highlighter-rouge">account.proton.me</code>). This could again accidentally lock you out of an account.</p>

<p>If a website changes its domain (e.g., <code class="language-plaintext highlighter-rouge">tutanota.com</code> -&gt; <code class="language-plaintext highlighter-rouge">tuta.com</code>, <code class="language-plaintext highlighter-rouge">protonmail.com</code> -&gt; <code class="language-plaintext highlighter-rouge">proton.me</code>, etc), copying and pasting the URL won’t derive the same site password. You either need to permanently remember to use the old URL or remember the old URL then reset your account password to use the new URL.</p>

<p>Lastly, having multiple accounts on the same service (e.g., multiple email accounts) means you end up reusing the same site password unless you introduce your own modifications to the domain input that have to be remembered.</p>
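<p>The three ways of interpreting the domain input described above, applied to the post's own cases (Amazon's varying <code>openid.return_to</code> query, <code>proton.me</code> versus <code>account.proton.me</code>, and a domain rename) as an added Python example. It is not code from any password manager named here; the URLs are constructed, and the tiny public-suffix table is a stand-in for the real Public Suffix List, which is what makes the Amazon case work at all.</p>

```python
"""Turning a pasted URL into the 'domain' input: whole URL, hostname, or registrable domain.

Added example, not code from any deterministic password manager. PUBLIC_SUFFIXES is a
constructed stand-in for the Public Suffix List.
"""
from urllib.parse import urlsplit

# Constructed stand-in. A real implementation must use the full Public Suffix List,
# otherwise a naive "last two labels" rule turns amazon.co.uk into co.uk.
PUBLIC_SUFFIXES = {"com", "me", "org", "net", "uk", "co.uk"}


def whole_url(url: str) -> str:
    """Policy 1: the entire URL. Any change in path or query yields a different site password."""
    return url


def host(url: str) -> str:
    """Policy 2: the hostname including subdomains (lower-cased, port removed)."""
    return urlsplit(url).hostname or ""


def registrable_domain(url: str) -> str:
    """Policy 3: one label more than the longest public suffix that matches the host."""
    labels = host(url).split(".")
    for i in range(len(labels)):  # scan from the full host down to the TLD
        suffix = ".".join(labels[i:])
        if suffix in PUBLIC_SUFFIXES:
            return suffix if i == 0 else ".".join(labels[i - 1:])
    return host(url)  # unknown suffix: fall back to the full host


POLICIES = {"url": whole_url, "host": host, "registrable": registrable_domain}


def domain_input(url: str, policy: str) -> str:
    """The string that would be fed into the KDF under the chosen policy."""
    return POLICIES[policy](url)


def same_site_password(url_a: str, url_b: str, policy: str) -> bool:
    """Would two pasted URLs derive the same site password under this policy?"""
    return domain_input(url_a, policy) == domain_input(url_b, policy)


# Constructed URLs illustrating the post's cases.
AMAZON_SIGNIN_1 = "https://www.amazon.co.uk/ap/signin?openid.return_to=https%3A%2F%2Fwww.amazon.co.uk%2F"
AMAZON_SIGNIN_2 = "https://www.amazon.co.uk/ap/signin?openid.return_to=https%3A%2F%2Fwww.amazon.co.uk%2Fgp%2Fcart"
PROTON_MAIN = "https://proton.me/"
PROTON_LOGIN = "https://account.proton.me/login"
TUTANOTA_OLD = "https://mail.tutanota.com/login"
TUTA_NEW = "https://app.tuta.com/login"

if __name__ == "__main__":
    for name in POLICIES:
        print(f"{name:12} amazon same: {same_site_password(AMAZON_SIGNIN_1, AMAZON_SIGNIN_2, name)}"
              f"  proton same: {same_site_password(PROTON_MAIN, PROTON_LOGIN, name)}"
              f"  rename same: {same_site_password(TUTANOTA_OLD, TUTA_NEW, name)}")
```

No policy survives a domain rename; that case needs the old URL to be remembered, exactly as the post says.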

<h3 id="resetting-passwords">Resetting Passwords</h3>
<p>Changing your master password or breaking changes to the protocol requires resetting the password for each account you own, which would be incredibly time consuming for lots of accounts and possibly get you locked out of a few. Neither is an issue with a traditional password manager as you can update the vault.</p>

<p>There’s also no way of importing passwords like a traditional password manager. You’re forced to reset every account password when you first want to use a deterministic password manager. The <a href="https://medium.com/@mahdix/in-defense-of-deterministic-password-managers-67b5a549681e">exception</a> being if you use a derived password to encrypt a file containing your passwords, which defeats the point of a deterministic password manager. Then if you want to switch back or create a paper backup, there’s no way of conveniently exporting site passwords.</p>

<h3 id="master-password-typos">Master Password Typos</h3>
<p>If the master password is hidden when typing it (e.g., in a CLI application), you won’t necessarily know that the derived site password is wrong until you attempt to log in to that account, which slows you down.</p>

<p>This would also be a nuisance if you forgot your master password and were trying to guess what it was. For instance, if you got two words in a passphrase the wrong way around. Eventually, you’d be rate limited by the website.</p>

<p>Then if there’s some fingerprint for the password you typed, like the emojis with <a href="https://www.lesspass.com/#/">LessPass</a>, an attacker performing shoulder surfing could significantly speed up password cracking since the fingerprint will be computed using a fast cryptographic hash function without a salt. Otherwise, it wouldn’t be useful for identifying whether you mistyped your password.</p>

<h3 id="passphrases">Passphrases</h3>
<p>The tools I’ve seen can’t generate memorable passphrases, which forces you to use another tool for that purpose in scenarios where you want to memorise things (e.g., disk encryption) or just have an easy to type site password (e.g., for sharing). Then if you want them written down in case you forget, they’ll probably get stored in plaintext.</p>

<h3 id="exposed-site-passwords">Exposed Site Passwords</h3>
<p>Moving on to security, exposure of a derived site password (e.g., in a breach of a service you use, accidentally sharing it with someone, etc) can allow an attacker to perform offline password cracking for the master password. This scenario is <a href="https://haveibeenpwned.com/PwnedWebsites">more likely</a> and <a href="https://00f.net/2018/10/18/on-user-authentication/">less under your control</a> than an attacker having an offline copy of the vault with a traditional password manager.</p>

<p>If the breached service uses a password hashing algorithm and accepts high-entropy passwords, it’s <em>unlikely</em> a derived site password would be recovered. However, the server receiving account passwords before they’re hashed could be compromised or <a href="https://www.wired.com/story/facebook-passwords-plaintext-change-yours/">accidentally logging</a> the passwords.</p>

<p>The caveat is that an attacker must know you use a deterministic password manager and which one, making it a targeted attack. Otherwise, a derived site password dumped on the dark web looks like any other randomly generated password.</p>

<h3 id="master-password-compromise">Master Password Compromise</h3>
<p>Compromising a traditional password manager requires knowing the master password and having access to the ciphertext vault, which could be kept offline. With a deterministic password manager, a master password compromise alone could expose every site password if the attacker can figure out or find the derivation parameters.</p>

<p>Seeing as the salt is likely public information (e.g., your full name), an attacker may be able to precompute mappings of master passwords to derived site passwords and then search for one of those site passwords in a breach to determine the master password. This isn’t possible with a traditional password manager.</p>

<p>With most implementations, there’s no form of MFA (e.g., a <a href="https://en.wikipedia.org/wiki/Pepper_(cryptography)">pepper</a> stored in a file) to protect you when your master password is compromised. In contrast, traditional password managers <a href="https://2fa.directory/gb/#identity">widely support this</a>, including with physical devices like <a href="https://support.1password.com/security-key/">YubiKeys</a>.</p>

<p>Then if a password manager service is breached, there should be a notification from the company so people know to change their passwords. With a deterministic password manager, you won’t know if an attacker has access to your accounts unless you get an email warning you about a suspicious login or similar. You obviously won’t get this warning for an offline application, and you might miss a warning (e.g., since you use a VPN and frequently get false positive warnings).</p>

<h3 id="insecure-design">Insecure Design</h3>
<p>Despite deterministic password managers being simple, they’re normally designed and implemented by a single person who may or <a href="https://palant.info/2016/04/20/security-considerations-for-password-generators/">may not know what they’re doing</a>. Then fixing vulnerabilities in the protocol (e.g., not using a PBKDF) forces users to reset all their account passwords.</p>

<p>Companies like 1Password can afford professional <a href="https://support.1password.com/security-assessments/">security audits</a> and should be hiring experienced professionals, meaning vulnerabilities are less likely in that respect. Vulnerabilities are perhaps also more likely to be fixed (and fixed more quickly) due to more manpower and to avoid their reputation being tarnished. A deterministic password manager may be unmaintained. Lastly, these companies generally manage to fix things without the user noticing.</p>

<h3 id="salt-reuse">Salt Reuse</h3>
<p>The salt for password hashing/password-based key derivation is meant to be <a href="https://crypto.stackexchange.com/a/56407">unique</a> but ends up remaining the same when you change your master password unless you also change your unique identifier, which isn’t intuitive when it’s something like your full name. Plus, you could then forget this change.</p>

<p>If the deterministic password manager is popular enough, it’s also likely multiple users will choose the <a href="https://crypto.stackexchange.com/a/38">same identifier</a> if something like a full name or username is encouraged. For example, two people could have the same username on different sites. A full name or username is probably quicker to type than something more unique so could be the go-to option for users.</p>

<h2 id="improvements">Improvements</h2>
<p>Now that it’s clear deterministic password managers have many unavoidable limitations, it’s worth thinking about ways to make the best of a bad situation. If you’re developing a new deterministic password manager, take note.</p>

<h3 id="pass-the-pepper">Pass The Pepper</h3>
<p>To significantly improve the security, a pepper should be used. Assuming the pepper is a high-entropy random value (e.g., 32 random bytes) and isn’t obtained by the attacker, it becomes computationally infeasible to crack the master password regardless of its strength, because every guess would also have to enumerate the pepper.</p>

<p>The obvious way to implement this is a <a href="https://keepass.info/help/base/keys.html">keyfile</a> like in KeePass. This can then be stored offline on several (optionally encrypted) memory sticks for extra security. Alternatively, you could store the pepper on a <a href="https://words.filippo.io/dispatches/secure-elements/">YubiKey</a>.</p>

<p>However, to avoid storing anything, you could implement something like <a href="https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki">BIP-39</a> mnemonics, explained <a href="https://smarx.com/posts/2020/08/bip39-mnemonics-for-recording-long-keys/">here</a>. This would be like Proton Mail’s <a href="https://proton.me/support/switch-two-password-mode">two-password mode</a>. A 12-word mnemonic is difficult to remember though and slow to type.</p>

<h3 id="limited-derivation-options">Limited Derivation Options</h3>
<p>To get around sites having different password policies, instead of remembering derivation parameters (e.g., length and character sets), one could set up profiles to choose from like <a href="https://spectre.pw/">Spectre</a> (e.g., short, medium, long). Forgetting the profile isn’t the end of the world because it can be found by trial and error, but it does mean some sites might not be supported without manual tweaks to site passwords.</p>

<p>Another idea is you could generate let’s say 9 different types of passwords (different lengths/character sets) and display them in a 3x3 grid for the user. Now the user has to remember the position in a grid, which is more visual. Again, forgetting the position isn’t the end of the world, but now the user might not bother with the counter, which could lead to them using weaker site passwords.</p>

<p>Finally, the domain input could be used to search an embedded database of site password policies, allowing derived site passwords to meet the required criteria. However, there are obviously too many sites for this to work. It would require constant maintenance (e.g., new websites, domain changes), worsen performance, and break things if a site changed its password policy.</p>

<h3 id="retyping-master-passwords">Retyping Master Passwords</h3>
<p>To avoid the shoulder surfing attack when typing a hidden master password, the pepper could be included when calculating the fingerprint, or the password could be retyped to check for mistakes. However, not everybody will use a pepper, and the latter is slow plus doesn’t help if you’re misremembering or you’ve accidentally hit caps lock.</p>

<p>If one were to do away with being stateless, part of the PBKDF output (separate from the part used for key derivation) could be stored and used to check the typed master password before displaying the site password. But at this point, just use a traditional password manager.</p>

<h3 id="passphrases-1">Passphrases</h3>
<p>As well as random looking passwords, a <code class="language-plaintext highlighter-rouge">-w|--words</code> option could be supported to derive memorable passphrases and usernames. The <code class="language-plaintext highlighter-rouge">-l|--length</code> option can control the number of words, <code class="language-plaintext highlighter-rouge">-u|--uppercase</code> for the capitalisation, <code class="language-plaintext highlighter-rouge">-n|--numbers</code> for whether a number is included, and perhaps a new option for the type of symbol, with a default of <code class="language-plaintext highlighter-rouge">-</code> or a space.</p>

<p>Alternatively, you could do profiles, as mentioned above, and accept that derived passphrases won’t work everywhere and that they might be harder to type (e.g., always capitalised to meet password policies).</p>

<h3 id="unique-salts">Unique Salts</h3>
<p>To improve the uniqueness of the salt, a full name or username alone should probably be avoided. Instead, the user could be encouraged to also include their date of birth, use an email address, or use their mobile phone number with the country code.</p>

<p>Perhaps a better idea is to enforce the use of an email address or phone number by using <a href="https://emailregex.com/">validation</a>. This should be fine for everyone but Jack Reacher.</p>

<h3 id="pbkdfs">PBKDFs</h3>
<p>Ordinary cryptographic hash functions must be avoided for password-based key derivation because they make password cracking <a href="https://hashcat.net/forum/thread-11277.html">very efficient</a>. Older PBKDFs, like PBKDF2, should also be avoided because they’re not <a href="https://soatok.blog/2022/12/29/what-we-do-in-the-etc-shadow-cryptography-with-passwords/">memory- or cache-hard</a>. This means they fail to significantly reduce the advantage attackers get from using GPUs/ASICs.</p>

<p>Instead, an algorithm like <a href="https://www.rfc-editor.org/rfc/rfc9106.html">Argon2id</a> should be used with parameters for a large but acceptable delay (e.g., 1-2 seconds). These parameters might have to be limited to support certain types of devices though (e.g., phones). Note that with a deterministic password manager the parameters are part of the derivation: raising them later changes every site password unless the tool versions them and lets you pick the old version.</p>
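<p>As an added example (not code from this post or from any of the password managers mentioned), here is how the pieces from the last few sections fit together in Python: an email address as the salt, a keyfile pepper fed into the slow KDF, a domain plus counter, Spectre-style profiles, and a version field so the KDF parameters can be raised later. Everything in it is an assumption: the inputs are constructed, the profile names are hypothetical, and <code>hashlib.scrypt</code> stands in for Argon2id only because it ships with Python (the recommendation to use Argon2id stands).</p>

```python
import hashlib
import string

# Constructed example inputs; none of these are real credentials.
MASTER_PASSWORD = "correct horse battery staple"
IDENTIFIER = "alice@example.com"  # the salt: an email address is more unique than a full name
# Stands in for the contents of a keyfile (the pepper). In real use read it from
# removable media, e.g. Path("/media/usb/pepper.key").read_bytes().
KEYFILE_PEPPER = bytes.fromhex(
    "6b3a9f1c2d4e5f60718293a4b5c6d7e8f90a1b2c3d4e5f60718293a4b5c6d7e8"
)

# Profiles instead of free-form length/character-set parameters. The names are
# hypothetical; each value is (character set, length).
PROFILES = {
    "long": (string.ascii_letters + string.digits + "!@#$%^&*-_", 20),
    "medium": (string.ascii_letters + string.digits, 14),
    "pin": (string.digits, 6),
}


def encode(*parts: bytes) -> bytes:
    """Length-prefix every field so that, e.g., ("ab", "c") and ("a", "bc")
    give different byte strings and therefore different passwords."""
    return b"".join(len(p).to_bytes(4, "big") + p for p in parts)


def derive_site_password(master: str, identifier: str, pepper: bytes, domain: str,
                         counter: int = 1, profile: str = "long", *,
                         version: int = 1, n: int = 2**14) -> str:
    charset, length = PROFILES[profile]
    # Memory-hard KDF. hashlib.scrypt is used only because it ships with Python;
    # the post recommends Argon2id (e.g. the argon2-cffi package) tuned to a 1-2 s
    # delay. n=2**14 keeps this example quick. The version field lets the tool raise
    # n later without silently changing every password derived under version 1.
    key = hashlib.scrypt(
        encode(master.encode(), pepper),  # pepper inside the slow KDF, not bolted on after
        salt=encode(version.to_bytes(2, "big"), identifier.encode(), domain.encode(),
                    counter.to_bytes(4, "big"), profile.encode()),
        n=n, r=8, p=1, maxmem=64 * 1024 * 1024,
        dklen=16 * length,  # 128 bits of KDF output per character
    )
    # Simple Modular Method: reducing a 128-bit integer modulo len(charset) leaves a
    # bias of at most len(charset) / 2**128, which is negligible (unlike byte % n).
    return "".join(
        charset[int.from_bytes(key[16 * i:16 * (i + 1)], "big") % len(charset)]
        for i in range(length)
    )


if __name__ == "__main__":
    for counter in (1, 2):
        print(counter, derive_site_password(MASTER_PASSWORD, IDENTIFIER, KEYFILE_PEPPER,
                                            "example.com", counter=counter))
```

<p>The two printed passwords differ only because of the counter; changing the keyfile, identifier, domain, profile or version changes the output just as completely. That is the point of putting the pepper inside the KDF input: an attacker holding a leaked site password but not the keyfile has nothing to crack against, however weak the master password.</p>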

<h3 id="say-no-to-modulo-bias">Say No To Modulo Bias</h3>
<p>Another design flaw in implementations is <a href="https://research.kudelskisecurity.com/2020/07/28/the-definitive-guide-to-modulo-bias-and-how-to-avoid-it/">modulo bias</a>. When you take a pseudorandom number between 0 and <code class="language-plaintext highlighter-rouge">Rand.Max</code> and reduce it modulo <code class="language-plaintext highlighter-rouge">n</code> to get a value between 0 and <code class="language-plaintext highlighter-rouge">n - 1</code>, you want all <code class="language-plaintext highlighter-rouge">n</code> values to be equally likely (a uniform distribution). However, this <a href="https://zuttobenkyou.wordpress.com/2012/10/18/generating-random-numbers-without-modulo-bias/">only</a> happens if <code class="language-plaintext highlighter-rouge">(Rand.Max + 1) % n == 0</code>.</p>

<p>In our case, <code class="language-plaintext highlighter-rouge">n</code> is the length of the character set for the derived site password (e.g., 26 if just doing lowercase letters). A single byte has a value between 0-255, so <code class="language-plaintext highlighter-rouge">(255 + 1) % 26 = 22</code>, not 0. In other words, 256 isn’t evenly divisible by 26 (there’s a remainder). Concretely, the letters a-v each correspond to 10 of the 256 byte values while w-z correspond to only 9, so the first 22 letters are about 11% more likely than the last 4, which is exactly the kind of skew a password cracker can exploit. <code class="language-plaintext highlighter-rouge">256 % 32</code>, <code class="language-plaintext highlighter-rouge">256 % 64</code>, and <code class="language-plaintext highlighter-rouge">256 % 128</code> don’t have a remainder (because both numbers are <a href="https://en.wikipedia.org/wiki/Power_of_two">powers of two</a> and the right number is no larger than the left) so don’t suffer from modulo bias.</p>

<p>There are several ways of avoiding modulo bias. The simplest to understand is the <a href="https://crypto.stackexchange.com/questions/5708/creating-a-small-number-from-a-random-octet-string/50569#50569">Simple Modular Method</a>, which technically doesn’t eliminate the bias but makes it small enough for us not to care. Instead of <code class="language-plaintext highlighter-rouge">randomNumbers[i] % characterSet.Length</code>, you do <code class="language-plaintext highlighter-rouge">UInt128(randomNumbers[i..(i + 16)]) % (UInt128)characterSet.Length</code>, advancing <code class="language-plaintext highlighter-rouge">i</code> by 16 bytes per character. This means a 128-bit random number rather than an 8-bit random number, and the remaining bias is at most <code class="language-plaintext highlighter-rouge">n / 2^128</code>. <a href="https://csrc.nist.gov/pubs/sp/800/90/a/r1/final">NIST SP 800-90A Rev. 1</a> (Appendix A.5.3) says the random number should be 64 bits longer than needed to represent <code class="language-plaintext highlighter-rouge">n</code>, so 8 + 64 = 72 bits is sufficient for a character set of at most 256 symbols, but that’s beyond the size of UInt64, so it makes sense to use UInt128.</p>
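<p>As an added example (not code from this post), the following Python measures the bias described above by exhaustively mapping all 256 byte values, then shows the two fixes side by side: the Simple Modular Method over a 128-bit chunk, and rejection sampling, which is exact but consumes an unbounded number of bytes. The character set and the byte sequence fed to the rejection loop are constructed for the demonstration.</p>

```python
from collections import Counter
import os

LOWERCASE = "abcdefghijklmnopqrstuvwxyz"  # n = 26


def naive_counts(n: int) -> Counter:
    """How many of the 256 byte values land on each index under byte % n.
    For n = 26: 256 = 9 * 26 + 22, so indices 0-21 get 10 bytes each and 22-25 get 9."""
    return Counter(b % n for b in range(256))


def naive_bias(n: int):
    """(most frequent count, least frequent count); equal only when 256 % n == 0."""
    counts = naive_counts(n)
    return max(counts.values()), min(counts.values())


def modular_index(chunk: bytes, n: int) -> int:
    """Simple Modular Method: reduce a 128-bit integer instead of an 8-bit one.
    The residual bias is at most n / 2**128, so no character is measurably likelier."""
    if len(chunk) != 16:
        raise ValueError("need 16 bytes (128 bits) per character")
    return int.from_bytes(chunk, "big") % n


def rejection_index(n: int, next_byte=lambda: os.urandom(1)[0]) -> int:
    """Rejection sampling: throw away bytes at or above the largest multiple of n
    that fits in 256 (234 for n = 26), so the accepted values are exactly uniform.
    next_byte is injectable so the loop can be driven from a fixed byte sequence."""
    limit = 256 - (256 % n)
    while True:
        b = next_byte()
        if b < limit:
            return b % n


def rejection_is_uniform(n: int) -> bool:
    """Exhaustive check that every index receives the same number of accepted bytes."""
    limit = 256 - (256 % n)
    counts = Counter(b % n for b in range(limit))
    return len(set(counts.values())) == 1


if __name__ == "__main__":
    print("byte % 26 counts (max, min):", naive_bias(26))   # (10, 9): biased
    print("byte % 32 counts (max, min):", naive_bias(32))   # (8, 8): unbiased
    print("128-bit chunk of all zeros ->", modular_index(bytes(16), 26))
    print("rejection sampling uniform for 26?", rejection_is_uniform(26))
    print("random rejection-sampled letter:", LOWERCASE[rejection_index(26)])
```

<p><code>naive_bias(26)</code> returns <code>(10, 9)</code>, the skew described above. Rejection sampling removes it entirely but needs a byte stream it can keep drawing from, which is awkward when the only randomness is fixed-length KDF output; that is why a deterministic password manager would instead ask the KDF for 16 bytes per character and use the modular method.</p>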

<h2 id="to-use-or-not-to-use">To Use or Not to Use</h2>
<p>The author of <a href="https://spectre.app/">Spectre</a> wrote a <a href="https://spectre.app/blog/2021-02-04-whats-a-password/">blog post</a> that contains the following password wish list, claiming Spectre meets this criteria:</p>

<ul>
  <li>I don’t want to have to remember a ton of things</li>
  <li>I don’t want anyone else having control over my passwords</li>
  <li>I don’t want to be dependent on anyone for access to my own passwords</li>
  <li>I don’t want to risk getting locked out of my passwords</li>
  <li>I don’t want passwords an authority or criminal could seize or lay siege to</li>
  <li>I don’t want anyone able to find, steal or discover my secrets</li>
  <li>I don’t want to have to do mental gymnastics to get to my secrets</li>
  <li>I don’t want to have to do any work when creating a new account</li>
  <li>I don’t want to worry about ever forgetting or losing my passwords again</li>
  <li>I want passwords that are <em>scientifically</em> good passwords</li>
  <li>I want passwords that are practically impossible to guess</li>
  <li>I want passwords that my relatives can inherit should anything happen to me</li>
  <li>I want passwords known exclusively by myself and the site I use them for</li>
  <li>Bonus: I want passwords ready for the apocalypse</li>
</ul>

<p>By now, hopefully you realise that it doesn’t. Deterministic password managers inherently have significant limitations. They’re objectively less usable whilst more often than not having worse security than traditional password managers.</p>

<p>Therefore, my recommendation would be to avoid them. If you use a strong passphrase, MFA, and trust the right company, a cloud-based password manager is absolutely fine. If you want more control and extra security, use an offline password manager (and ideally keep the vault offline).</p>

<p>I would suggest <a href="https://bitwarden.com/">Bitwarden</a> (free, open source, cloud-based), <a href="https://1password.com/">1Password</a> (paid, closed source, cloud-based), or <a href="https://keepassxc.org/">KeePassXC</a> (free, open source, offline). Whatever you do, avoid LastPass <a href="https://palant.info/2023/09/05/a-year-after-the-disastrous-breach-lastpass-has-not-improved/">like the plague</a>.</p>

<p>And before someone criticises me for suggesting 1Password since it’s not open source, understand that they know what they’re doing and seem pretty on the ball. They have a detailed <a href="https://1passwordstatic.com/files/security/1password-white-paper.pdf">whitepaper</a>, use a <a href="https://support.1password.com/secret-key-security/">secret key</a> to bolster your account password, <a href="https://support.1password.com/secure-remote-password/">don’t</a> send your password to a server, have had lots of <a href="https://support.1password.com/security-assessments/">audits</a>, and were quick to support <a href="https://blog.1password.com/save-sign-in-passkeys-1password/">passkeys</a>.</p>

<p><em>Have I missed anything or made a mistake? Unconvinced? <a href="https://samuellucas.com/contact/">Let me know</a>.</em></p>]]></content><author><name></name></author><summary type="html"><![CDATA[Deterministic password managers are (in my opinion) a cool idea but are they a good idea? There have been a few blog posts/articles covering this topic, but I don’t think any of them tell the full story, so let’s dive in!]]></summary></entry><entry><title type="html">RWC 2023 review</title><link href="https://samuellucas.com/2023/03/29/rwc-2023-review.html" rel="alternate" type="text/html" title="RWC 2023 review" /><published>2023-03-29T00:00:00+00:00</published><updated>2023-03-29T00:00:00+00:00</updated><id>https://samuellucas.com/2023/03/29/rwc-2023-review</id><content type="html" xml:base="https://samuellucas.com/2023/03/29/rwc-2023-review.html"><![CDATA[<p>I just attended a <a href="https://rwc.iacr.org/2023/">conference</a> for the first time, albeit virtually. What motivated me was to see a talk related to my MSc dissertation on <a href="https://github.com/samuel-lucas6/crypto-is-cool#commitment">committing AEAD</a>. Unfortunately, I regret paying and will likely not be attending, at least virtually, in future years.</p>

<h2 id="the-good">The good</h2>

<p>Every talk I attended live and watched on YouTube was understandable and engaging. They were good summaries of the topic at hand, the slides were legible, and the presenters did a solid job. It was also interesting hearing how Paul Kocher, one of the winners of the Levchin Prize, studied biology and intended to be a vet, which gives people like me with no maths background hope.</p>

<p>There are still a few talks I intend to watch over the next few days. Some of these are very likely understandable by someone of my level and others not so much, but I think the ratio of expertise required was balanced. There also weren’t too many invited talks, and some of the lightning talks were entertaining, like <a href="https://nadim.computer/">Nadim Kobeissi</a> giving out free copies of his puzzle game called <a href="https://drkobushi.com/">Dr. Kobushi’s Labyrinthine Laboratory</a>. <a href="https://rosenpass.eu/">Rosenpass</a> was another cool project that got mentioned.</p>

<h2 id="the-bad">The bad</h2>

<p>Firstly, I didn’t realise the slides and videos of each presentation were going to be freely available without delay. The website did have a vague <a href="https://web.archive.org/web/20230326081522/https://rwc.iacr.org/2023/program.php">note</a> on the <em>Program</em> page (different from the <a href="https://rwc.iacr.org/2023/program.php">current</a> note after the conference), but I assumed things would be private access via login, at least initially, because there was the option to pay to attend virtually. What reinforced this was that the linked <a href="https://www.youtube.com/c/RealWorldCrypto">YouTube channel</a> under <em>RWC General</em> hasn’t had any uploads in 3 years.</p>

<p>It turned out the slides were uploaded to the <a href="https://rwc.iacr.org/2023/program.php">conference site</a> on the day or a day before the talks, although one or two lack slides entirely. Then the recordings were uploaded to the <a href="https://www.youtube.com/TheIACR">TheIACR</a> YouTube channel the day after and can be found easily via the <a href="https://www.youtube.com/playlist?list=PLeeS-3Ml-rpo-pbh8LIhb8VscM_q5OaSE">RWC 2023 playlist</a>.</p>

<p>As much as I appreciate free resources, this makes little sense when there’s an option to pay to attend virtually. Instead, I think people attending should have early access, meaning a delay after the conference before the resources are shared publicly. Otherwise, a major incentive for paying is gone.</p>

<h2 id="the-ugly">The ugly</h2>

<p>My biggest complaint is that I asked two questions in the chat and neither was read out, whereas in-person questions were being answered. This was not limited to me either; I saw someone else’s question skipped over and have been told it happened in other talks I didn’t attend live.</p>

<p>Being able to ask questions live seems like the only reason to pay if everything is published for free, and yet the in-person audience was clearly given priority. For the sake of fairness, it should be back and forth between in person and online. This means if time for questions runs out then both parties get equally screwed over.</p>

<p>And that brings me to a related problem. Most of the talks I saw ran over their allotted time, which meant no questions or only a few in-person questions and not getting to online ones. Furthermore, some talks were quite surface level and clearly could’ve gone into greater detail if more time was available. This is solvable by making talks longer and accommodating talks running over time. Instead of 3 days, perhaps the conference could be 4 or 5. I’m guessing the idea is to limit people’s required days off work, but 20-30 minutes is simply not generous enough for most topics.</p>

<h2 id="a-fistful-of-dollars">A fistful of dollars</h2>

<p>In sum, based on this experience, just keep your fistful of dollars. You may as well wait until afterwards to watch the talks on YouTube, scroll through the slides, and email questions to the presenters for free. There’s obviously no guarantee you’ll get a reply, but there’s no guarantee your question will be answered live either.</p>]]></content><author><name></name></author><summary type="html"><![CDATA[I just attended a conference for the first time, albeit virtually. What motivated me was to see a talk related to my MSc dissertation on committing AEAD. Unfortunately, I regret paying and will likely not be attending, at least virtually, in future years.]]></summary></entry><entry><title type="html">The Film Review Scale</title><link href="https://samuellucas.com/2022/06/21/the-film-review-scale.html" rel="alternate" type="text/html" title="The Film Review Scale" /><published>2022-06-21T00:00:00+00:00</published><updated>2022-06-21T00:00:00+00:00</updated><id>https://samuellucas.com/2022/06/21/the-film-review-scale</id><content type="html" xml:base="https://samuellucas.com/2022/06/21/the-film-review-scale.html"><![CDATA[<h3 id="the-problem">The problem</h3>

<p>It would seem many people cannot rate and review shows/films properly. Evidence of this can be found strewn across IMDb, Rotten Tomatoes, and Reddit. There are franchise cults for things like Star Wars, where every show and movie is seen as brilliant despite glaringly obvious flaws. There are those who review things too critically, with low scores being dropped when they find things boring or outrageous. Then there are people who claim everything is 10/10, meaning exceptional all around.</p>

<p>If we look at Game of Thrones, 40% of IMDb reviews for episode 3 of season 8 were 10/10. 40%! Are you having a laugh? The Long Night must be near perfect.</p>

<p align="center">
  <img src="/images/2022-06-21-the-film-review-scale/GoTS08E03.png" alt="https://www.imdb.com/title/tt6027912/" />
</p>

<p>Moving on to episode 6, the finale, 13.1% gave it 10/10, 29% in total gave it 6+/10, and 45.8% gave it 1/10. The ratings flipped, but about a quarter of people still considered it above average.</p>

<p align="center">
  <img src="/images/2022-06-21-the-film-review-scale/GoTS08E06.png" alt="https://www.imdb.com/title/tt6027920/" />
</p>

<p>As another example, 15.8% of reviews were 10/10 for the entirety of The Book of Boba Fett, with 12.6% being 9/10 and 25.7% being 8/10. ~55% of ratings are 8+ on IMDb.</p>

<p align="center">
  <img src="/images/2022-06-21-the-film-review-scale/TBoBF.png" alt="https://www.imdb.com/title/tt13668894/" />
</p>

<p>Finally, 28.2% of Obi-Wan Kenobi reviews were 10/10, with 14.2% giving it a 9 and 16.5% giving it an 8. Nearly 60% of ratings are 8+.</p>

<p align="center">
  <img src="/images/2022-06-21-the-film-review-scale/OWK.png" alt="https://www.imdb.com/title/tt8466564/" />
</p>

<p><strong>Newsflash:</strong> season 8 of Game of Thrones was an objective writing catastrophe, and these recent Star Wars shows are not good, let alone excellent.</p>

<p>Reviewing a show/movie is more than about enjoyment or feeling. Yes, they’re entertainment, and that’s important, but enjoyment alone is a poor gauge of quality and misses the multidimensional nature of film.</p>

<p>Alongside this overreliance on enjoyment, I think these inaccurate reviews stem from four other main factors:</p>

<ul>
  <li>Bias</li>
  <li>An inability to notice what’s going on</li>
  <li>An inability to think critically and objectively</li>
  <li>The 1-10 rating scale being tricky to grasp</li>
</ul>

<p>Bias is never going away, some people won’t care enough about what they’re watching, and idiocy is here to stay too, especially whilst social media is so popular. However, perhaps something can be done about this 1-10 scale, and maybe that will help with the other factors to some extent. That’s where my Film Review Scale comes in.</p>

<h3 id="the-partial-solution">The (partial) solution?</h3>

<p>No matter what people say, there’s some objectivity in film reviewing. Unrealistic writing, stereotypical characters, a lack of depth, wooden acting, poor casting, an excessive runtime, unnecessary scenes, shaky cam, rapid cuts, fake or over the top action, dodgy CGI, movie looking sets, and a repetitive soundtrack are examples.</p>

<p>This fact and the existence of categories that should be evaluated when rating a film mean we can break down this overarching 1-10 scale and calculate a rating based on each component, with some categories being more important than others.</p>

<p>My Film Review Scale consists of 10 items/categories:</p>

<ol>
  <li>Plot</li>
  <li>Characters and dialogue</li>
  <li>Acting and casting</li>
  <li>Pacing</li>
  <li>Cinematography</li>
  <li>Editing</li>
  <li>Practical and visual effects</li>
  <li>Production design (sets/props/costumes)</li>
  <li>Sound effects and soundtrack</li>
  <li>Enjoyment/feeling</li>
</ol>

<p>Items 1 and 2 are given double the weighting because writing often makes or breaks a film, whereas people can live with some bland cinematography or dated visual effects.</p>

<p>Each item is rated using a 5-point Likert scale, with lower being worse:</p>

<ol>
  <li>Terrible/well below average</li>
  <li>Bad/below average</li>
  <li>Ok/average</li>
  <li>Good/above average</li>
  <li>Excellent/well above average</li>
</ol>

<p>A 5-point scale was chosen because any less would be too vague and any more could make classification overly complicated. The goal is for the scale to have utility whilst being sufficiently easy to use.</p>

<p>Once you add up the 1-5 rating for each item/category (counting items 1 and 2 twice), you get a total score out of 60. This score can then be divided by 60, multiplied by 10, and rounded to the nearest whole number to give a 1-10 rating.</p>

<p>The scores for each category can help indicate inaccuracy, things to pay attention to upon a rewatch, and weaknesses/strengths. However, I recommend keeping some notes to clarify the good and bad.</p>

<h3 id="the-limitations">The limitations</h3>

<p>‘If you give a calculator to a f<strong>**</strong> r*****, he’s gonna try to turn on a TV with it’. It’s time to up your film watching game if you didn’t get this reference.</p>

<p>This type of mathematical scoring is not always going to align with your actual rating. That may be a good thing, or it might mean inflated scores because, for example, only the writing is bad.</p>

<p>Some categories were merged to reduce complexity, but how do you score a film with excellent practical effects but terrible CGI? Not that this example is a major problem for modern films given their overreliance on CG.</p>

<p>Editing and production design are particularly tricky to rate. Few people notice editing unless it’s blatantly terrible like for the fight scenes in <a href="https://youtu.be/jyZU7lfGjyk">Jason Bourne</a>. Cinematography, production design, and the soundtrack are often average or unnoticeable again.</p>

<p>What is average? Is it average for that genre or across genres? Where do you draw the line between ‘good’ and ‘excellent’/’bad’ and ‘terrible’?</p>

<p>The quality of each category could vary throughout the show/film. For instance, there’s some excellent CGI in Dune (2021), but there’s also a sequence from the trailer showing loads of fighting that looks completely animated and off.</p>

<h3 id="tackling-the-limitations">Tackling the limitations</h3>

<p>The scale requires honesty to work properly. Hopefully the categories cue recollection and evaluation, perhaps even encouraging someone to revisit scenes, the soundtrack, or the entire film.</p>

<p>Sometimes making small adjustments can tip a score over. Failing that, your hypothetical score could be misleading, the scale needs a revision, or it’s not possible for this type of scale to have such accuracy.</p>

<p>The categories could be separated if necessary, but it’s more likely that you have to take an average of both or assess one over the other (e.g. acting rather than casting).</p>

<p>It should become easier to evaluate things like cinematography and editing with greater experience and attention. A lot of the time, however, these things are rather ordinary and thus don’t deserve much of a mention. An example of standout cinematography for me would be <a href="https://youtu.be/5VEroFjcq1M">Mr Robot</a>.</p>

<p>Production design really comes down to realism and believability. Sets are frequently spotless, and costumes representing metal may look like plastic. Judging the soundtrack is about its appropriateness, emotional impact, and originality/memorability.</p>

<p>To me, average should be across genres, although a film’s budget could arguably be taken into account. ‘Terrible’ is nearly or completely unwatchable. ‘Bad’ can be watchable, but you know there’s a lot wrong. ‘Ok’ is watchable but nothing special. ‘Good’ loses the mediocrity of ‘ok’, meaning greater quality and entertainment. Lastly, ‘excellent’ is rare and really sparks feeling/interest, going beyond merely enjoyable.</p>

<p>Finally, the quality per category should again be an average. If a film has some noticeably poor CGI, it shouldn’t get the highest rating. However, if it’s infrequent, then it shouldn’t get a low rating either. This is common sense, something lacking from reviewers at the extremes.</p>

<h3 id="to-infinity-and-beyond">To infinity and beyond</h3>

<p>The state of platforms like Netflix and franchises like Star Wars is in shambles. As consumers, we should want better quality products, not endless garbage. Speaking your mind is part of that, and money talks. Review what you watch, unsubscribe from Netflix, and let me know your thoughts on the scale.</p>]]></content><author><name></name></author><summary type="html"><![CDATA[The problem]]></summary></entry><entry><title type="html">Bodybuilding guidelines</title><link href="https://samuellucas.com/2022/02/02/bodybuilding-guidelines.html" rel="alternate" type="text/html" title="Bodybuilding guidelines" /><published>2022-02-02T00:00:00+00:00</published><updated>2022-02-02T00:00:00+00:00</updated><id>https://samuellucas.com/2022/02/02/bodybuilding-guidelines</id><content type="html" xml:base="https://samuellucas.com/2022/02/02/bodybuilding-guidelines.html"><![CDATA[<p>I’ve been working out for the last 5 or 6 years, and one thing I’ve learnt is that there’s a lot of misinformation going around. The fact that such misinformation causes increased risk of injury at worst and reduced muscle gain at best means it’s important to try and stay educated on the subject to make your time in the gym worthwhile, and that’s why I’ve decided to dedicate some time to writing up a list of exercises I would and wouldn’t recommend alongside some general advice.</p>

<h3 id="disclaimer">Disclaimer</h3>

<p>I’m an average gymgoer who hasn’t coached anybody or read any of the literature. The following information is based on what reputable people in the fitness industry have said and personal experience/opinion. <strong>You should fact check what I’m saying and do your own research</strong>.</p>

<p>You will almost certainly disagree with some exercise classifications. There will always be individual differences, and most exercises are not black and white good or bad. With the exception of stupid exercises, you should experiment to find what works for you in terms of enjoyment, results, and preventing injury.</p>

<p>If you find anything that’s factually inaccurate, please <a href="https://samuellucas.com/">email me</a> so it gets fixed. My opinion also does change from time to time after trying and hearing new things, so maybe come back here in the future.</p>

<h2 id="bodybuilding-101">Bodybuilding 101</h2>

<h3 id="realistic-expectations">Realistic expectations</h3>

<p>Picture the person you want to look like. Chris Hemsworth? Zac Efron? The Rock? Arnold? Now scrunch up that thought and throw it in the bin. You will probably never look like any of them or completely reach your goal appearance.</p>

<p>Why? Because genetics are a limiting factor. If you don’t have a wide frame, you’re not going to look just like Superman. Famous people and fitness ‘influencers’ often have above average genetics whilst taking performance enhancing drugs (PEDs) that assist with building size and strength.</p>

<p>Luckily for you, genetics aren’t a big issue. If you train well and consistently, you will eventually look considerably better than the vast majority of people, regardless of your genetics. So, get over it. ‘Bad’ or ‘average’ genetics are not an excuse to avoid working out.</p>

<h3 id="social-media">Social media</h3>

<p>Get off social media, especially Instagram. The psychological literature suggests social media use is associated with worse mental health, and this is anecdotally the case too. You end up wasting time and constantly comparing yourself to other (often enhanced) people, which becomes depressing and disheartening rather than motivational. There are better ways to spend your time.</p>

<p>When it comes to YouTube, there are a few great channels to learn about lifting. My main recommendation would be <a href="https://www.youtube.com/c/JeffNippard">Jeff Nippard</a>. He knows what he’s talking about, his workouts consist of reputable exercises, and his videos are very well made. <a href="https://www.youtube.com/user/NalewanyjFitness">Sean Nalewanyj</a>, <a href="https://www.youtube.com/channel/UCtoCSRviHk6uFIb-zqeo4yQ">Sean Nalewanyj Shorts</a>, <a href="https://www.youtube.com/channel/UCObA5o3mcc1felIMAv6cukw">Geoffrey Verity Schofield</a>, <a href="https://www.youtube.com/user/mountaindog1">John Meadows</a>, and <a href="https://www.youtube.com/channel/UC_7lEuEKvFt63jtvZYwlHMQ">Eugene Teo</a> also provide loads of excellent information. There are others, but these are all you need.</p>

<p>Unfortunately, there are also lots of channels pumping out lower or inconsistent quality information. Examples include more recent <a href="https://www.youtube.com/watch?v=S-vAlFRDF8s">Greg Doucette</a> content, various (especially old) <a href="https://www.youtube.com/watch?v=_WAWMREuOzQ">ATHLEAN-X</a> content, <a href="https://www.youtube.com/watch?v=rK0tEDwwXGI">Ryan Humiston</a>, <a href="https://www.youtube.com/watch?v=oUAIyFImm80">Jeremy Ethier</a>, <a href="https://www.youtube.com/watch?v=Qg84UW4F6rU">V Shred</a>, and the list goes on. As a rule of thumb, question everything you hear and try to listen to what other YouTubers have to say on the topic.</p>

<h3 id="bodyweight">Bodyweight</h3>

<p>Unless it’s some doctor prescribed physiotherapy, don’t do pilates (e.g. weightless bicep curls). The number of people defending it for actual muscle growth is quite sad to see. It would be more beneficial to curl literally any object (e.g. a rucksack) than to curl with no weight at all. These types of exercises should be reserved for people incapable of doing regular exercises. They will not meaningfully improve your muscles because there’s little to no resistance.</p>

<p>However, you can build muscle and strength via bodyweight exercises alone. The trouble is that it’s generally less efficient and less effective than using weights. For example, it’s more likely that you’ll be out of breath rather than reaching failure on bodyweight squats, particularly as time goes on. Of course, there are more difficult variations, but not everybody will be able to do these. You also still need some equipment really, like a bar for pull ups/chin ups. Therefore, it’s better to mix in bodyweight exercises with some weight training instead. If you have room to do bodyweight lunges, you probably have room to have a pair of dumbbells.</p>

<h3 id="equipment">Equipment</h3>

<p>If you go to a commercial gym, equipment is probably not an issue. By contrast, if you lift at home, it’s important to prioritise owning certain equipment. Here’s an ordered list:</p>

<ol>
  <li>Adjustable 1-inch dumbbells: if you can afford proper 30-40kg per dumbbell adjustable ones, go for it. Otherwise, get some metal spinlock ones, which are usually either 20kg or 30kg total. Opt for more weight if possible because 20kg only means 10kg per dumbbell, which won’t last long for some exercises.</li>
  <li>A bench: flat is cheaper but incline is more useful, just make sure it’s robust rather than wiggly.</li>
  <li>Horse stall mats: assuming you’re inside, this is to protect the floor and weights. Avoid foam flooring because it’s too flexible for proper lifting.</li>
  <li>A power rack: a half rack with storage on the back is probably best for most people unless you can afford a full rack with a cable extension at the back. Get one with a straight pull up bar and plate storage if possible. Get j-cups or put foam or cut up toilet rolls on the end of spotter arms for sound dampening.</li>
  <li>A 7ft Olympic barbell: you don’t want a smaller barbell because this is the standard size that will fit racks properly and weigh 20kg on its own. Higher quality bars will have a better grip and last you indefinitely.</li>
  <li>2-inch Olympic bumper plates: rubber is better for 10kg+ plates, exercises off the floor (e.g. deadlifts), and dropping the bar. Consider iron for 2x5kg plates and possibly 2x10kg plates. Whether you buy crumb, smooth, or narrow rubber plates really depends on how much you’ll be lifting and if you want shock absorption. A set of 2x2.5kg, 2x5kg, 2x10kg or 4x10kg, 2x15kg, and 2x20kg will last ages. Then buy more (e.g. 2x25kg) if needed.</li>
  <li>Accessories: for example, resistance bands, an EZ bar, drop pads, lifting straps, a belt, a landmine, a weighted vest, a trap bar, a safety squat bar, etc.</li>
  <li>Machines: if you have the space and money, a cable machine, leg press machine, leg extension machine, hack squat machine, and so on are all excellent pieces of equipment. The best leg exercises really require machines sadly.</li>
</ol>

<p>For things you intend to use forever (e.g. a barbell and a bench), don’t go cheap. However, you also don’t need the top of the line <a href="https://www.rogueeurope.eu/">Rogue</a> gear either. <a href="https://mirafit.co.uk/">Mirafit</a> is a brand I’d recommend if you’re in the UK. Get some used gear if you want to save money.</p>

<p>Certain pieces of equipment are either very low priority or not worth buying, such as multistations, kettlebells, medicine/slam balls, push up handles, anything to do with sit ups/ab training, jump boxes, a weight sled, tricep bars, Swiss bars, and so on. Save your money.</p>

<h3 id="number-of-exercises">Number of exercises</h3>

<p>As a rough guide, pick 3-6 of the recommended exercises for each body part. I strongly recommend always having the compound lifts, in some form or another, in your workout program. The different lifts you choose should also target different muscles for each body part (e.g. you should train hamstrings as well as quads for legs). Training the calves, abs, and forearms directly is optional.</p>

<p>If a) you’ve sustained an injury that makes it unwise to perform the exercise, b) the exercise causes you pain (even after tweaks that may help some people), or c) you absolutely hate the exercise, then you shouldn’t do that exercise. If it’s a compound lift, I would recommend ideally doing another variation (e.g. dumbbell instead of barbell bench press) rather than avoiding the movement altogether. However, there are no ‘mandatory’ exercises.</p>

<p>Every so often (e.g. every 10-12 weeks), it can make sense to change one or two exercises to try something new and get more variety. This could be as simple as switching from dumbbells to a barbell or vice versa. Some lifts, like side lateral raises, should stay in your program, but you can try them standing, seated, with cables, on an incline bench, etc. Experimentation is the key to finding exercises and exercise variations that work for you.</p>

<p>Changing exercises too frequently or infrequently will ultimately limit your progress. In the case of the former, you won’t nail the form or progress well strength wise. In the latter case, you’ll probably lose motivation and plateau.</p>

<h3 id="workout-split">Workout split</h3>

<p>For the average person, I’d recommend a 3-day full body or 4-day upper/lower or push/pull split. You probably don’t want to be spending less or more time in the gym than that.</p>

<p>For exercise junkies and more advanced lifters, a 5-day full body or push/pull/legs split works too. 6 days a week is more like athlete level training and therefore excessive. Daily lifting would mean no rest day, which would be bad for recovery. Exercise and staying healthy should not take over your life.</p>

<p>The body part split, also known as the ‘bro split’, gets a lot of hate but will work if done correctly. For example, don’t just hammer out 4 or 5 exercises that train the same body part in the same way. However, the other splits are generally regarded as more optimal and help train each muscle group at least twice a week.</p>

<p>Compound lifts and larger muscle groups should come first in your workouts, followed by isolation exercises for smaller muscle groups and abs/calves/forearms last if you’re training those.</p>

<h3 id="setsreps">Sets/reps</h3>

<p>Aim for 10-20 sets per muscle group a week. If the goal is growth rather than pure strength, the number of reps I’d roughly recommend depends on the exercise:</p>

<ul>
  <li>Compound lifts (e.g. deadlifts): 3 or 4 sets of 5-12 reps</li>
  <li>Most isolation movements (e.g. bicep curls): 3 or 4 sets of 8-15 reps</li>
  <li>Certain isolation movements (e.g. shrugs and calf raises): 3 or 4 sets of 12-20 reps</li>
  <li>Rest pause: as many as possible (ideally, for a weight less than 20 reps), followed by 3 or 4 minisets to failure (e.g. 4-5 reps)</li>
  <li>Myo reps: as many as possible (ideally, for a weight less than 20 reps), followed by 3 or 4 minisets of 3, 4, or 5 reps (the same amount each time)</li>
</ul>

<p>The 5-12 range helps prevent sets dragging on and form breakdown on compound lifts. Use a weight that will cause you to come close to or reach failure in the recommended range. Whatever you do, <strong>don’t restrict yourself to a specific number of reps each set when you can do many more</strong>.</p>

<p>Avoid one rep maxes and very heavy lifting if you want to reduce your risk of injury. In most cases (e.g. calves may be an exception), it doesn’t make sense to exceed 20 or so reps for an exercise because other factors will likely prevent you reaching failure. If you do go this high in the rep range, you should up the intensity.</p>

<h3 id="intensity">Intensity</h3>

<p>People don’t like to hear this because it makes working out actually challenging, but <strong>the most important thing for growth is that you either train to failure or within 1-3 reps of failure</strong>. If you’re stopping an exercise with 10 reps in the tank, you’re largely wasting your time. To maximise muscle growth, you should be really pushing yourself to or near the limit on each set for every exercise.</p>

<p>With compound lifts (e.g. bench press), it’s often not safe to go to complete failure, so you should go until you’re confident that you’re about to fail, unless you’re on a smith machine or something where you could go to failure. By contrast, with isolation exercises (e.g. bicep curls), you can safely go to failure. Nobody manages to go to failure all the time, and it’s arguably unnecessary if you’re going close to failure (1-3 reps in reserve), but it provides some challenge to your workouts and helps track progress in terms of additional reps completed.</p>

<p>Another important and related concept is that of progressive overload, which involves increasing the stress placed upon the body. Adding weight to the bar isn’t the only way to progressively overload; you can increase the number of reps/sets, slow down more on the eccentric, do half reps/partials, do pauses/holds, do drop sets, do supersets, and so on. A lot of these techniques are really for intermediate to advanced lifters, but even as a beginner, you should be overloading in some way, typically by gradually adding weight to the bar to build up strength.</p>

<h3 id="rest">Rest</h3>

<p>You should be resting in-between sets for ‘as little time as it takes to recover’. That’s not helpful though, so here’s what I’d recommend:</p>

<ul>
  <li>Supersets (e.g. bicep curls then tricep pushdowns): no rest</li>
  <li>Rest pause or myo reps (only for isolation movements): ~15 seconds</li>
  <li>Isolation movements (e.g. side lateral raises): ~1 minute</li>
  <li>Compound lifts (e.g. bench press): ~2-3 minutes</li>
</ul>

<p>You obviously don’t need to time your rests, but it can be helpful to keep your workouts shorter and more focused. I suggest resting 3-5 minutes between different exercises. You should probably be at the gym for somewhere between 45 minutes and 2 hours, with rests taking up a lot of that time. Supersets and rest pause are great ways to speed up a workout.</p>

<p>Unless exercise is your profession, it shouldn’t be taking over your life. However, you should remain consistent if you want results, meaning going to the gym at roughly the same time every workout and only taking time off when you’re too ill or injured to train, on holiday, or when you need a break after about 10-12 weeks (~3 months) of training. Skipping a workout leads to a downward spiral in gym attendance for some.</p>

<h3 id="form">Form</h3>

<p>Generally, use a full range of motion, control the weight, don’t overextend things like your back on deadlifts, and avoid excessively explosive movements (e.g. locking your legs out) because it probably won’t be great for your joints. Ensure that you learn and practise the proper form for each exercise you’re doing, especially for the compound lifts, which may require recording yourself and assessing the footage every so often. You don’t need to be ridiculously strict on most exercises (e.g. bicep curls), but you shouldn’t let momentum take over either.</p>

<h3 id="nutrition">Nutrition</h3>

<p>If you want to gain weight, you should aim for ~200-400 calories above maintenance, which you must figure out. This will lead to putting on less body fat than ‘dirty’ bulking whilst ensuring you make more progress than staying at maintenance.</p>

<p>If you want to lose weight, you should aim for ~300-500 calories below maintenance. Avoid unsustainable dieting and crash dieting because you will just put the weight back on and increase your chances of developing an eating disorder. Instead, you need to find lower calorie foods that you enjoy and find filling/can eat a lot of without gaining weight. The best way of doing this is by eating more fruit and veg and having less processed foods, takeaways/restaurant meals, high calorie snacks, etc.</p>

<p>In terms of general advice, try to eat lots of protein every meal (~1.6+ g/kg bodyweight per day) and get in your 5 a day (e.g. a portion per main meal and with/as snacks or puddings). A portion is more than you expect for certain fruit/veg (e.g. tomatoes), so look up the amount for what you eat. Have a balanced diet that doesn’t consist of too much processed food rather than restricting yourself to specific food groups unless you have a medical or moral reason for avoiding certain foods. Eating should be enjoyable rather than sickening or a chore, so don’t stuff or starve yourself. Having a snack in the morning and afternoon is a great way to increase your calories and protein whilst decreasing hunger. Try not to skip meals; it has a psychological and physical impact.</p>

<p><strong>You don’t need supplements</strong>. Many supplements are a complete waste of money (e.g. BCAAs and testosterone boosters), and many brands produce low quality products in terms of ingredients and ingredient amounts. The only two worth considering are protein powder if you can’t get enough protein from food and creatine monohydrate for potentially a slight performance boost and fuller look. Both are well researched and safe supplements, but neither is needed by any means.</p>

<p>Lastly, try to drink at least 2 litres of water a day, but obviously don’t try to drink insane amounts because people do die (e.g. in marathons). I’d personally recommend avoiding everything else because drinks are a common source of extra calories, which people ignore, and of sugar, which may harm your teeth. Alcohol in particular has a long list of cons, with many of them interfering with improving your health, physique, and wellbeing. Obviously, for the same reason, don’t do things like smoking and drugs either. Caffeine is debatable as it may be beneficial, but people do get dependent on it, and too much will again cause problems like trouble sleeping.</p>

<h2 id="best-and-worst-exercises">Best and worst exercises</h2>

<h3 id="chest">Chest</h3>

<h4 id="best">Best</h4>

<ol>
  <li><strong>Flat bench press</strong>: a fundamental compound lift for strength and size. Both the barbell and dumbbell variations are effective, with a barbell allowing you to move more weight but dumbbells giving you a greater range of motion. <strong>Use the spotter arms with a barbell you fool of a took</strong>. You should do whichever you have access to and find more comfortable. Use a shoulder width or slightly wider than shoulder width overhand grip, avoid flaring your arms out, avoid bouncing the bar off your chest, keep your wrists straight, drive your feet into the ground, and make sure you arch your back a bit, with your shoulders back and keeping your butt on the bench. Use a shoulder width grip if you get shoulder pain.</li>
  <li><strong>Incline dumbbell bench press</strong>: use an incline of 15-30 degrees to target the upper chest. Larger inclines make this more of a front delt (shoulder) exercise. The information above still applies aside from an arch.</li>
  <li><strong>Machine chest presses</strong>: the bench press but without the stabilisation or risk of being crushed. This is a good substitute to the bench press if you can’t perform it due to injury.</li>
  <li><strong>Smith machine flat bench press</strong>: this is useful if you want to go to failure or if there are no spotter arms on the rack at the gym.</li>
  <li><strong>Floor press</strong>: potentially awkward to set up but can be performed almost anywhere with dumbbells. It’s easier on the shoulders than the regular bench press, helps with the lock out, and can allow you to lift more weight.</li>
  <li><strong>Dips</strong>: typically regarded as a tricep exercise, but if you lean forwards, then it targets the entire chest, particularly the lower chest. Lower yourself until you reach about a 90-degree bend in your arm. If they’re too easy, do them weighted. Some people find this movement uncomfortable on the shoulders, sternum, and/or collarbone. If you do, avoid this exercise.</li>
  <li><strong>Push ups</strong>: don’t bother with all the fancy variations, just stick to regular, shoulder width or slightly wider than shoulder width push ups without flaring your arms out. If you find push ups to be on the easier side, do them weighted. Make sure you go as low as possible, fully extend your arms at the top, and squeeze your chest.</li>
  <li><strong>Press flyes</strong>: a combination of the dumbbell bench press and dumbbell flyes by using a neutral grip and keeping a 90-degree bend in your elbows at the bottom. This is easier on the shoulders.</li>
  <li><strong>Cable crossovers</strong>: these are more of a finisher. Instead of having your hands meet in the middle, cross your arms over so they make an X to get an extra stretch. This can be done with bands, but I’ve never found it to be as good.</li>
</ol>

<h4 id="worst">Worst</h4>

<ul>
  <li><strong>Anything with a bosu/stability ball</strong>: this is a dreadful gimmick that needs to crash and burn. All this does is make performing exercises more difficult because you have to balance. That doesn’t help with progressive overload; it limits what you can lift and how good your form can be during the exercise.</li>
  <li><strong>Guillotine press</strong>: a) it’s dangerous to lower a heavy amount of weight above your neck, and b) it’s bad to have your arms excessively flared out when pressing, which is exactly what happens.</li>
  <li><strong>One-arm/alternating dumbbell bench press</strong>: this creates instability and will probably cause you to fatigue sooner.</li>
  <li><strong>Dumbbell flyes</strong>: this comes with a greater risk of injury compared to using cables, and you get less time under tension. If you’re going to do these, don’t go heavy.</li>
  <li><strong>Dumbbell pullovers</strong>: despite what some people claim, this is primarily a back exercise that works the lats.</li>
  <li><strong>Dumbbell squeeze press</strong>: this is not a popular exercise from what I’ve seen. It just sounds like a hassle trying to keep the dumbbells squeezed together. Stick to a normal dumbbell bench press, and perhaps use a neutral grip if you find that helps with shoulder pain.</li>
  <li><strong>Plate/pinch press</strong>: nobody does this, and that’s because a) it’s bad and b) there’s no need to if you do the bench press. It’s more of a tricep exercise due to the arm positioning at your sides, grip will be a serious problem, and you can’t target the ‘inner’ section of your chest.</li>
  <li><strong>Landmine press</strong>: this works the shoulders and triceps considerably more than the upper chest. The alignment of the weight and lack of stretch at the bottom make this an overrated chest exercise.</li>
  <li><strong>Decline bench press</strong>: this shortens the range of motion and makes it harder to unrack and rack the weight. There’s little reason to do this over the flat bench press unless it helps prevent pain.</li>
  <li><strong>Incline barbell bench press</strong>: it’s significantly easier and safer to set up the dumbbell variation, and you get more of a stretch at the top due to a greater range of motion.</li>
  <li><strong>Fancy push up variations</strong>: a lot of them just overcomplicate the exercise. If you find push ups too easy, you’re probably either not doing them properly or should be doing them weighted.</li>
</ul>

<h3 id="biceps">Biceps</h3>

<h4 id="best-1">Best</h4>

<ol>
  <li><strong>Standing bicep curls</strong>: these can be done with dumbbells, a barbell, or an EZ bar to reduce the strain on your wrists. An EZ bar is best if you want to go heavier (e.g. cheat curls) or avoid wrist pain. Keep your elbows against your sides, don’t lean back or swing the weight up, and use a full range of motion, squeezing at the top. If you’re doing this with dumbbells, supinated or pronated to supinated works, and lift both dumbbells at the same time so the exercise doesn’t take twice as long.</li>
  <li><strong>Incline dumbbell curls</strong>: use a 45-degree angle on an incline bench to get an extra stretch at the bottom. This is great for the long head and makes the bottom/middle of the curl hardest.</li>
  <li><strong>Spider curls</strong>: an underrated exercise to build the short head of the biceps. It makes the top of the curl hardest. Keep your elbows locked against the bench and squeeze at the top. Put the dumbbells on a block to make them easier to grab.</li>
  <li><strong>Hammer curls</strong>: these target the brachialis, which is undertrained.</li>
  <li><strong>Cable curls</strong>: these result in greater tension throughout the lift as the cables pull your arms backward, meaning a good contraction at the bottom.</li>
  <li><strong>Preacher curls</strong>: I prefer spider curls, but this prevents you from swinging the weight and provides a good contraction at the top. Don’t go too heavy though to avoid a bicep tear.</li>
  <li><strong>Chin ups</strong>: this is a good bodyweight exercise, and you can wear a weighted vest or belt to make it harder. Use a shoulder width grip and go all the way down before bringing your chin completely above the bar.</li>
</ol>

<h4 id="worst-1">Worst</h4>

<ul>
  <li><strong>Reverse curls</strong>: this is a forearm exercise.</li>
  <li><strong>Zottman curls</strong>: these work the forearms on the way down, which will probably fatigue curls on the way up for biceps. However, they’re time efficient for training both muscle groups.</li>
  <li><strong>Pull ups and rows</strong>: these are back exercises where you should try to minimise bicep involvement.</li>
  <li><strong>Concentration curls</strong>: unnecessary if you’re doing the curls I’ve recommended above properly, and these train one arm at a time, slowing down your workout and increasing boredom.</li>
  <li><strong>Overhead cable curls</strong>: just an embarrassing variant of the cable curl that takes up a lot of room.</li>
  <li><strong>Drag curls</strong>: they don’t feel very effective, and you might just shrug the weight up.</li>
  <li><strong>Resistance band curls</strong>: if you can’t use cables, then stick to dumbbells and/or an EZ bar.</li>
  <li><strong>Waiter curls</strong>: more awkward and uncomfortable on the wrists than regular bicep curls.</li>
</ul>

<h3 id="triceps">Triceps</h3>

<h4 id="best-2">Best</h4>

<ol>
  <li><strong>Cable pushdowns</strong>: using two ropes helps you bring your arms behind the body, which is what you want. Lean forward, keep your elbows at your sides, lock out your arms at the back, and then bring your arms back to chest level. You can also add a twist of the wrist at the bottom of each rep.</li>
  <li><strong>Lying dumbbell tricep extensions</strong>: the dumbbell version of skull crushers. This is easier on your elbows. Don’t raise the dumbbells straight above your head; your arms should be leaning back so the top position is just behind forehead level to keep the triceps engaged. Then bring the dumbbells down behind/to the sides of your head.</li>
  <li><strong>Close-grip barbell bench press</strong>: probably don’t bother if you’re already doing barbell bench press with a non-wide grip. Use a shoulder width grip and make sure you lock out. Using a smith machine is a safe way to reach failure.</li>
  <li><strong>Close-grip barbell floor press</strong>: close-grip bench press but on the floor, meaning you can lift more weight due to the decreased range of motion.</li>
  <li><strong>Overhead cable extensions</strong>: this isn’t great for some people’s elbows. Lean forward with a staggered stance, keep your elbows close to your sides, and go from slightly behind the head to straight arms.</li>
  <li><strong>Shoulder width push ups</strong>: if you can only do a bodyweight exercise, this isn’t bad. Keep your arms close to your sides and go as close to the floor as possible before fully extending your arms.</li>
  <li><strong>Dips</strong>: if you’re already doing them for chest, don’t bother. Try to keep your body slightly more upright than when doing dips for chest. This can be uncomfortable on the shoulders, sternum, and/or collarbone for some people, but using a dip machine can help.</li>
</ol>

<h4 id="worst-2">Worst</h4>

<ul>
  <li><strong>Barbell/EZ bar skull crushers</strong>: these will probably ruin your elbows and are rarely performed correctly. Stick to lying dumbbell tricep extensions performed behind the head.</li>
  <li><strong>Pin press</strong>: feels harsher on the joints.</li>
  <li><strong>Overhead dumbbell tricep extensions</strong>: these can hurt your shoulders and elbows. Using a cable is a much safer option, or you can perform this on an incline bench.</li>
  <li><strong>One-arm overhead tricep extensions</strong>: one-arm exercises are slow and boring.</li>
  <li><strong>French press</strong>: uncomfortable on the wrists and elbows. There are safer options.</li>
  <li><strong>Bench dips</strong>: this is fine if you’re restricted to bodyweight only, but it’s often performed incorrectly and is generally worse than regular dips. Keep your hands facing out from your sides and your shoulders down and back.</li>
  <li><strong>JM press</strong>: if you do this with a barbell, you’re lowering a heavy weight over your neck, which is never a good idea. With dumbbells, it’s a great way to hit yourself in the face.</li>
  <li><strong>Diamond push ups</strong>: harsher on the shoulders and elbows than regular shoulder width push ups.</li>
  <li><strong>Dumbbell or cable kickbacks</strong>: generally ineffective with a dumbbell due to the awful resistance curve and the fact it can’t be loaded well, meaning you either go too light or so heavy that you’re just swinging the weight around. Then using a cable is normally a one-arm exercise, which is slow and boring.</li>
  <li><strong>Banded lying dumbbell tricep extensions</strong>: this is unnecessary, difficult to set up, and outright can’t be set up in certain places.</li>
  <li><strong>Tate press</strong>: easy to hit yourself in the face, and it needs to be a one-arm exercise with a kettlebell to get the best stretch.</li>
  <li><strong>One-arm kettlebell press</strong>: why use a kettlebell? It just knocks into your wrist and forearm. Furthermore, one-arm exercises are slow and boring.</li>
  <li><strong>Landmine press</strong>: whilst this does work the triceps when using two hands, it doesn’t as a one-arm exercise. Both hit the front delts a lot.</li>
</ul>

<h3 id="legs">Legs</h3>

<h4 id="best-3">Best</h4>

<ol>
  <li><strong>Barbell squats</strong>: the go-to quad exercise that builds strength. Generally, use a high bar position (you can lift more with a low bar position, but it’s more similar to the deadlift), use a shoulder width or slightly wider than shoulder width stance (this increases glute activation), keep your feet pointing slightly outwards, breathe in and brace your core before going down and breathe out at the top, don’t let your knees cave in (sort of push outwards), and go to parallel if possible but lower is unnecessary and will probably lead to butt wink. The bar should remain directly above the centre of your feet throughout the lift. Squat shoes (e.g. Adidas Powerlifts) or standing on small plates can help keep you more upright.</li>
  <li><strong>Barbell box squats</strong>: if you get knee pain or want to make squatting feel safer, then box squats are a great idea. Instead of tapping the box, sit on it without relaxing before pushing yourself back up.</li>
  <li><strong>Squat machines (e.g. the hack squat)</strong>: these are an excellent accessory to or replacement for the free weight squat.</li>
  <li><strong>Leg press</strong>: this can be loaded more than the squat, focuses on the legs rather than also training the lower back, and it allows you to do forced and partial reps more safely. Grip the handles, pull yourself into the seat, use a low seat angle, and keep a slight bend in your knees rather than locking them out. Use a low, shoulder width foot position to train quads and a high (still shoulder width) position to target the glutes. You cannot target ‘inner’ and ‘outer’ quads by moving your feet around.</li>
  <li><strong>Sumo deadlifts</strong>: these provide a great stretch in the hamstrings, put less strain on the lower back compared to other deadlifts, and allow many people to lift more weight. It’s not cheating.</li>
  <li><strong>Walking or reverse lunges</strong>: these are great for the quads and glutes. Do walking if you have the room and it doesn’t hurt your knees. Reverse lunges are easier on the knees. Don’t step too far or too short, keep your chest up rather than leaning, keep your knees and hips straight/square, and let your knee get close to the floor. The biggest problem with reverse lunges especially is that it often becomes cardio, causing you to stop before you reach failure.</li>
  <li><strong>Leg extensions</strong>: another quad exercise if you can access the machine. This is an exercise to warm up with or leave until last. Grip the handles and pull yourself into the seat. Pause at the top and slowly go down.</li>
  <li><strong>Lying hamstring curls</strong>: a great exercise for the hamstrings. Position the pad around ankle level, keep your body flat on the seat, and go slower when lowering.</li>
  <li><strong>Bulgarian split squats</strong>: one of the most unenjoyable exercises. It’s a single leg exercise that’s difficult to go close to failure on because of how slow and uncomfortable it is. Probably best done with one heavy dumbbell whilst holding onto something with the other arm. It’s very effective for the quads if you can bear it and avoid cramp in your calf.</li>
  <li><strong>Romanian deadlifts</strong>: good for a hamstring stretch but regularly performed incorrectly and can be uncomfortable on the lower back. Don’t go too heavy and use lifting straps if possible. Stand feet shoulder width apart, toes pointing slightly outwards, maintain a straight back, set your hips back but not down, keep a slight bend in the knees but don’t let them travel forwards, lower the bar until just below the knees, and don’t overextend when squeezing the glutes at the top.</li>
  <li><strong>Glute ham raises</strong>: requires the machine, awkward to get in position for, and very difficult; therefore, lying hamstring curls are preferable. However, if you can perform enough reps correctly, then it’s effective. Hinge forward at the hips, control your body the whole time, don’t go completely to the bottom, and go slower on the way up.</li>
  <li><strong>Leg press calf raises</strong>: keep your legs relatively straight, toes at the bottom, and go to full extension, hold for 1-2 seconds, slowly lower the weight, hold for 1-2 seconds, and repeat. Bouncing/quickly going up and down takes the load off your calves. Go to failure. This may require a high rep range.</li>
  <li><strong>Seated calf raises</strong>: don’t do this without the machine or a smith machine because it’s considerably worse with free weights. Follow the instructions above to keep the load on your calves.</li>
  <li><strong>Single leg standing calf raises</strong>: if you don’t have access to a leg press machine, this helps speed up the bodyweight version of the exercise. Stand on a bumper plate or step, hold onto something vertical (e.g. your rack) without pulling yourself up, and follow the above instructions. Rest pause sets are great for this.</li>
  <li><strong>Donkey calf raises</strong>: another bodyweight version of calf raises, but it involves leaning forwards onto something like a barbell in a rack. Stand relatively far away, keep your feet close together, go to full extension, hold for 1-2 seconds, slowly lower yourself, hold for 1-2 seconds, and then repeat.</li>
</ol>

<h4 id="worst-3">Worst</h4>

<ul>
  <li><strong>Bosu ball squats</strong>: these turn the exercise into a balancing act for no good reason. You want stability to maximise tension and strength.</li>
  <li><strong>Step ups and box jumps</strong>: these are boring and will not build much muscle. Furthermore, box jumps are often done stupidly high to the point that people get injured.</li>
  <li><strong>Banded side steps</strong>: these provide a completely inconsistent load on the glutes.</li>
  <li><strong>Glute kickbacks</strong>: these are awkward, and you won’t load the glutes maximally if done with bodyweight.</li>
  <li><strong>Glute bridge</strong>: this is probably quite good with a machine, but that’s rarely available from what I’ve seen, so you’re stuck with bodyweight.</li>
  <li><strong>Sled/prowler push</strong>: this requires a massive amount of room, meaning it’s not available in lots of gyms and not possible for most home gyms. It’s also more of an athletic full body exercise, although it could make sense as a finisher.</li>
  <li><strong>Farmer’s walk/carry</strong>: boring, requires lots of room, needs heavy dumbbells, and is normally done as a grip strength/forearm exercise.</li>
  <li><strong>Thrusters</strong>: these take away the leg focus by combining the squat with an overhead press for shoulders.</li>
  <li><strong>Kettlebell swings</strong>: momentum takes over. There are way more effective exercises.</li>
  <li><strong>Goblet squats</strong>: good for learning the form for barbell squats but can’t be loaded as heavily and can cause lower back pain.</li>
  <li><strong>Single leg deadlifts</strong>: these are slow because only one leg is trained at a time and become a balancing act if you don’t hold onto something.</li>
  <li><strong>Barbell hip thrusts</strong>: extremely uncomfortable and awkward to set up. Furthermore, most people swing the weight rather than controlling it and/or start arching their back at the top.</li>
  <li><strong>Stiff leg deadlifts</strong>: these are done off the floor, whereas Romanian deadlifts are from midair/taken off a rack. They’re uncomfortable on the lower back, and people often incorrectly lock their knees when there should be a slight bend. Doing lots of deadlift variations is overkill, and sumo deadlifts won’t hit the lower back as heavily.</li>
  <li><strong>Good mornings</strong>: you increase the risk of injuring your back. Stick to alternatives.</li>
  <li><strong>Snatch and power clean</strong>: likely to lead to injury without appropriate training.</li>
  <li><strong>Pistol squats</strong>: most people can’t do these, and they can hurt the knees.</li>
</ul>

<h3 id="shoulders">Shoulders</h3>

<h4 id="best-4">Best</h4>

<ol>
  <li><strong>Military/overhead press</strong>: mainly done for strength purposes but hits the front delts. Standing with a barbell will allow you to lift more weight, but standing or seated with dumbbells may provide a more natural movement. Avoid arching your back, go from clavicle level to arms fully extended with the head coming forwards when using a barbell, and use a neutral grip with dumbbells for a nicer lifting position, lowering the dumbbells to shoulder level.</li>
  <li><strong>Side lateral raises</strong>: these are for the side delts. Use lighter weights, lean forward a bit with a slight bend in the knees and elbows, keep your shoulders down and back, keep your core tight, and focus on pulling the weight up with your elbows. The thumb end of the dumbbells should be level or marginally pointing up to avoid internally rotating the shoulder. Stop lifting at shoulder level because going any higher will use the traps. Try them standing, seated, with cables, and leaning on an incline bench when you need variety.</li>
  <li><strong>Reverse pec deck</strong>: if this machine is available, it’s probably the most effective way of targeting the rear delts.</li>
  <li><strong>Any barbell/dumbbell row</strong>: these will help work the rear delts. I’ve not found any decent rear delt isolation movements.</li>
  <li><strong>Landmine press</strong>: easier on the shoulders than the regular overhead press if you get pain. Perform it using both hands if you want to speed it up, although that probably leads to more tricep involvement.</li>
  <li><strong>Wide-grip seated rows</strong>: perhaps a more effective alternative to the rear delt fly because it allows your arm to move behind your body and enables you to move more weight. Keep your arms out wide so your elbows are high rather than against your sides, back straight, chest up, and drive your elbows backwards as far as possible, squeezing at the end.</li>
  <li><strong>Wide-grip inverted rows</strong>: a bodyweight exercise for the rear delts. Pause and squeeze at the top. The angle you use affects the difficulty.</li>
</ol>

<h4 id="worst-4">Worst</h4>

<ul>
  <li><strong>Front raise</strong>: the front delts are already overdeveloped in most people since they’re trained during exercises like the bench press, and this activates the front delts less than the overhead press. The overhead press should probably be the only front delt exercise you do because it’s a compound lift for strength.</li>
  <li><strong>Standing upright rows</strong>: causes shoulder pain for lots of people. If it doesn’t, go ahead. Cables may be worth a try, but I wasn’t a fan.</li>
  <li><strong>Rear delt flyes</strong>: uncomfortable and limits you to using light weights. If you want to do this, try it seated, leaning far forward, and raise your arms behind you at a 45-degree angle. Cables are worth a shot too.</li>
  <li><strong>Face pulls</strong>: they feel awkward, are boring, and are rarely done correctly. However, they’re good mechanically if you can endure them.</li>
  <li><strong>Bent over rear delt rows</strong>: leaning that far forward is uncomfortable to the point that it can become a limiting factor in whether you can reach close to failure.</li>
  <li><strong>Arnold press</strong>: arguably an overcomplicated version of the overhead dumbbell press that will limit how much you can lift. Perhaps worth a try for variety.</li>
  <li><strong>Bottoms-up kettlebell press</strong>: a single arm exercise that resembles bosu ball squats in that it turns into a balancing act. You’ll be so focused on keeping the kettlebell upright that the rest of your form may break down, and it won’t allow you to lift as much weight.</li>
  <li><strong>Kettlebell halos</strong>: I’ve never seen anybody do these.</li>
  <li><strong>Half-kneeling archer row</strong>: I’ve never seen anybody do these either. It looks like more of a warmup.</li>
  <li><strong>Handstand push ups</strong>: too difficult for most people and hard to get in position for.</li>
  <li><strong>Incline bench press</strong>: this should be for targeting the upper chest, not focusing on the shoulders.</li>
  <li><strong>Shrugs</strong>: a traps exercise.</li>
</ul>

<h3 id="back">Back</h3>

<h4 id="best-5">Best</h4>

<ol>
  <li><strong>Pull ups or lat pulldowns</strong>: pull ups require engaging the core, leading with the chest, and driving your elbows back. Use a wider than shoulder width grip to reduce bicep involvement. Pull up until at least your chin goes over the bar and control the descent. If you really struggle or dislike pull ups, you may be better off doing pulldowns. In that case, the knee pad should be tight to your leg, keep your feet planted on the floor, use an overhand 1.5 times shoulder width grip, keep your chest up, pull the bar to your upper chest, don’t use excessive momentum or be overly strict, and control the negative. Avoid doing anything behind the neck because it’s riskier for your shoulders and provides no benefit.</li>
  <li><strong>Sumo, trap bar, or conventional deadlifts</strong>: the sumo deadlift is easier on the spine and lower back but will still train the back, whereas conventional deadlifts will very much be felt in your lower back. The trap bar deadlift is a compromise between the two. Try all of them over time to find out which you prefer. There’s no need to do a different deadlift for back and legs, just deadlift once for both.</li>
  <li><strong>Seated rows</strong>: use an overhand grip to reduce bicep involvement, keep your chest up, ensure your elbows are close to your body, and focus on pulling your elbows behind the body. Avoid too much momentum, and don’t jerk the weight when getting into position/pulling.</li>
  <li><strong>Chest supported T-bar rows</strong>: using a support helps take strain off your lower back and control the weight rather than jerking it around.</li>
  <li><strong>Chest supported neutral grip rows</strong>: instead of T-bar rows, use an incline bench and dumbbells to have a more comfortable and stable version of the bent over row.</li>
  <li><strong>Meadows rows</strong>: tough on the lower back and a single arm landmine exercise, so it’s slow to set up and carry out. However, you can feel it working.</li>
  <li><strong>Shrugs</strong>: using a barbell whilst leaning forwards slightly, or using dumbbells, both work. Don’t jerk the weight around or ego lift; move the weight in a controlled manner. Use at least a shoulder width grip, squeeze at the top, and then get a stretch at the bottom.</li>
  <li><strong>Standing cable pullovers</strong>: a better version of dumbbell pullovers. Use a straight bar or EZ bar with a shoulder width overhand grip, keep a bend in your elbows, arch your lower back slightly, lean forwards but keep the chest up, focus on driving the bar down using your elbows, and then raise the bar overhead more slowly.</li>
  <li><strong>Inverted rows</strong>: an easier version of the pull up that can be made more difficult by adjusting the angle of your body or height of the bar. Use an overhand, shoulder width grip.</li>
</ol>

<h4 id="worst-5">Worst</h4>

<ul>
  <li><strong>Good mornings</strong>: an unnecessary injury risk.</li>
  <li><strong>Kettlebell swings</strong>: momentum takes over. There are more effective exercises.</li>
  <li><strong>Kettlebell snatch</strong>: a one-arm exercise that’s not focused on the back.</li>
  <li><strong>Bear row to gorilla rows, elevated plank rows, renegade dumbbell rows, planks, and other silly movements</strong>: focus on the back and don’t overcomplicate things.</li>
  <li><strong>Farmer’s walk/carry</strong>: this is more of a grip strength/forearm exercise and requires lots of room.</li>
  <li><strong>Pendlay rows</strong>: uncomfortable, just like the bent-over row.</li>
  <li><strong>Hyperextensions</strong>: stick with deadlifts to train the lower back. You don’t need multiple lower back exercises when it gets trained from squats as well.</li>
  <li><strong>Dumbbell pullovers</strong>: requires being in not the most comfortable position, problematic if you have shoulder issues, and the resistance drops off for half the movement.</li>
  <li><strong>One-arm rows</strong>: requires heavy dumbbells, and it’s a single arm exercise, so it’s slow.</li>
  <li><strong>Bent-over rows</strong>: uncomfortable compared to T-bar rows because of the positioning. If you can bear them, they’re great.</li>
</ul>

<h3 id="abs">Abs</h3>

<p>The abs are trained in other lifts and can be engaged whilst moving weights around. However, it does make sense to train them for added definition and to help with compound lifts especially. Having a low enough body fat percentage is important for them being visible.</p>

<h4 id="best-6">Best</h4>

<ol>
  <li><strong>Hanging knee/leg raises</strong>: these target the whole six pack. Grab the pull up bar with a shoulder width or slightly wider grip, keep your feet together, tense/crunch the abs, roll your hips forward and up, and don’t swing your legs (aka use control up and down). Consider using lifting straps if grip is a limiting factor, although not using straps gets some extra grip/forearm training in.</li>
  <li><strong>Cable crunches</strong>: these target the whole six pack. Don’t go heavy. Grab the rope with an overhand grip above the handles, keep the rope just above your head, squeeze your glutes, tense the abs, crunch down and inwards so your head is near the floor, and avoid moving your head around. Your back should round.</li>
  <li><strong>Bicycle crunches</strong>: these will involve the obliques. Lie on the floor, put your hands up next to but not touching your head, and bring one elbow to the opposite knee whilst twisting and tensing/crunching the abs.</li>
</ol>

<h4 id="worst-6">Worst</h4>

<ul>
  <li><strong>Most other ab exercises (e.g. YouTube ab workouts)</strong>: most of these will largely waste your time (aka be time inefficient and less effective than the above). The abs are not a special muscle group that needs daily circuit training on the floor to develop. You should do normal amounts of rest, reps, and sets. A lot of it is related to diet and being lean because otherwise the abs will be less visible or not visible at all. These ab workouts will not thin your midsection.</li>
</ul>

<h3 id="forearms">Forearms</h3>

<p>You don’t necessarily need to train forearms directly since they’re trained in other lifts, but it might be worth it if you’re lacking in that area. Unfortunately, they’re not going to be massive if there’s a genetic limitation.</p>

<h4 id="best-7">Best</h4>

<ol>
  <li><strong>Reverse curls</strong>: perform bicep curls but with an overhand thumbless grip. This is best done with an EZ bar for less wrist strain. Keep your elbows pinned to your sides and go slower on the eccentric.</li>
  <li><strong>Hammer curls</strong>: you can really feel them working the forearms.</li>
  <li><strong>Fat Gripz reverse curls</strong>: these make it harder to grip the bar/dumbbells, which should result in more forearm activation. Maybe don’t use them for bicep curls because that might prioritise the forearms.</li>
  <li><strong>Towel pull ups or bar holds</strong>: these carry over to exercises like the deadlift. Increase the weight and/or time gradually.</li>
  <li><strong>Wrist rolling</strong>: stand on something, keep your elbows close by your sides to avoid front delt fatigue, and rotate the handles towards you to raise the plate before rotating them away from you to go back down. Repeat this until you can’t keep going. This requires light weight and can be boring but is effective if you can hold out.</li>
</ol>

<h4 id="worst-7">Worst</h4>

<ul>
  <li><strong>Crab walk</strong>: you’ll look like a right idiot.</li>
  <li><strong>Bottoms-up kettlebell carry</strong>: a balancing act.</li>
  <li><strong>Plate pinches</strong>: easy for your hands to slip.</li>
  <li><strong>Zottman curls</strong>: doing bicep curls and reverse curls separately will be more effective.</li>
  <li><strong>Wrist curls</strong>: it takes ages to reach failure.</li>
  <li><strong>Gripper squeezes</strong>: a single arm exercise. Overtraining will probably damage your nerves.</li>
  <li><strong>Dead hangs, chin up/pull up holds, etc</strong>: extremely uncomfortable and difficult to reach failure on.</li>
  <li><strong>Farmer’s walk/carry</strong>: requires lots of room, a trap bar or heavy dumbbells are needed, and it’s hard to reach failure on.</li>
</ul>]]></content><author><name></name></author><summary type="html"><![CDATA[I’ve been working out for the last 5 or 6 years, and one thing I’ve learnt is that there’s a lot of misinformation going around. The fact that such misinformation causes increased risk of injury at worst and reduced muscle gain at best means it’s important to try and stay educated on the subject to make your time in the gym worthwhile, and that’s why I’ve decided to dedicate some time to writing up a list of exercises I would and wouldn’t recommend alongside some general advice.]]></summary></entry><entry><title type="html">I don’t like any messaging apps</title><link href="https://samuellucas.com/2021/05/16/i-do-not-like-any-messaging-apps.html" rel="alternate" type="text/html" title="I don’t like any messaging apps" /><published>2021-05-16T00:00:00+00:00</published><updated>2021-05-16T00:00:00+00:00</updated><id>https://samuellucas.com/2021/05/16/i-do-not-like-any-messaging-apps</id><content type="html" xml:base="https://samuellucas.com/2021/05/16/i-do-not-like-any-messaging-apps.html"><![CDATA[<p><a href="https://www.youtube.com/channel/UCjr2bPAyPV7t35MvcgT3W8Q">The Hated One</a> just released a <a href="https://youtu.be/tJoO2uWrX1M">video</a> discussing some of the problems with Signal, and I agree with a lot of what he said, except for the recommendation to switch to Element.</p>

<p>Signal gets a lot of praise, and for good reason. It’s <a href="https://www.ndss-symposium.org/ndss-paper/improving-signals-sealed-sender/">mostly</a> well designed. However, it’s far from perfect. I’ve found it to be pretty stable (although the order of messages can be messed up on mobile), unlike Element (e.g. decryption errors for both parties), but there are various missing features, such as no support for message backups in the desktop application, something requested in a GitHub <a href="https://github.com/signalapp/Signal-Desktop/issues/522">issue</a> that has now been open for over five years! Not everybody wants to lose their messages when they switch devices, Signal. It shouldn’t even be a difficult feature to implement.</p>

<p>There’s also the fact that you need a phone to even use the service, which was an awful design decision for a privacy messenger. The whole ‘privacy != anonymity’ argument to defend Signal is missing the point; namely, that a) you shouldn’t give out your phone number to strangers on the internet, b) there’s no need for this phone number requirement (lots of other services have managed with usernames just fine), and c) not everybody has a phone. I’ll admit that c) is unlikely nowadays, but the recommended solution of using a Google Voice number is ridiculous when the same people recommending Signal advocate against using Google services. Moreover, Google Voice requires a US phone number. It’s simply not as easy to obtain access to another phone number as some claim.</p>

<p>To make matters worse, Signal’s funding model is problematic. It doesn’t take a genius to realise that donations from ordinary people alone won’t be able to sustain huge amounts of bandwidth, especially when most people don’t donate to open source projects. In response to this realisation, Signal decided to join the cryptocurrency craze. What a terrible idea. Firstly, Signal is a messaging app, not a payment app. Secondly, instead of integrating Monero, the best privacy respecting cryptocurrency, they decided to rip off Monero and make a new cryptocurrency that’s worse, all whilst cashing in when people make transactions.</p>

<p>It’s honestly baffling why so many people defend legitimate criticisms of Signal as if they developed the app themselves. Stop burying your head in the sand and start thinking critically. The fact that support for usernames doesn’t appear to be coming any time soon, the limited business model, the disparity between features on different platforms (e.g. backups on Android but not on iOS and PC), and now the integration of cryptocurrency indicates the flawed nature of the service. If you can’t see that, it’s time to get your eyesight checked.</p>

<p>With that said, all the current messaging apps have problems, and Signal is one of the better ones out there. For anybody wondering why, here’s a summary of the current messaging platforms and why you shouldn’t use them:</p>

<h4 id="mainstream-messengers">Mainstream messengers</h4>

<ul>
  <li>WhatsApp: owned by Facebook. Need I say more? Avoid it at all costs.</li>
  <li>Facebook/Instagram Messenger: the clue is in the name. Also, not end-to-end encrypted by default, certain topics of conversation get censored (e.g. piracy links), and there are feature disparities between the web and app versions.</li>
  <li>Snapchat: unencrypted data exists on their servers, Snapchat employees can access messages, there are concerns about facial recognition data being collected and shared, the app has been found to use the camera and microphone in the background, their privacy policy states that they collect lots of personal information, and there are adverts in the app.</li>
  <li>Discord: well designed for everything but privacy and security. It’s not open source, and they will never support end-to-end encryption because they want to moderate chats and share data with law enforcement, meaning you should avoid it at all costs. You can be sure they’re mining your data like crazy based on their privacy policy.</li>
  <li>Zoom: arguably the worst service anyone can use. They outright lied about the security of their product, lots of security vulnerabilities have been found, it has ties to China, it has been banned by governments, and it’s closed source.</li>
  <li>Skype: are you having a laugh? Microsoft handed over Skype data as part of the <a href="https://en.wikipedia.org/wiki/PRISM_(surveillance_program)">PRISM</a> surveillance program, it’s closed source, it’s not end-to-end encrypted by default, and the UI is god awful.</li>
  <li>Kik Messenger: not end-to-end encrypted, closed source, you can’t delete messages from the other person’s device, there are adverts in the app, and it’s full of bots.</li>
</ul>

<h4 id="privacy-messengers">Privacy messengers</h4>

<ul>
  <li>Telegram: lots of infosec individuals have <a href="https://mtpsym.github.io/">criticised</a> its security, it’s not end-to-end encrypted by default, all messages are permanently stored on the server by default, there’s no end-to-end encryption support in group chats, it doesn’t use the Signal protocol (MTProto is <a href="https://mtpsym.github.io/">much worse</a>), it leaks metadata, secret chats don’t sync between devices, and only the clients and API are open source.</li>
  <li>Element: buggy (<a href="https://github.com/vector-im/element-web/issues">thousands</a> of open GitHub issues) and somewhat poorly designed for non-technical people (e.g. awful error messages, technical terms, etc). I’m talking about messages that never get decrypted. What’s the point of a messenger that sends messages that are unreadable? There are also metadata concerns, and some of the staff on GitHub are unhelpful and come across as rude.</li>
  <li>Keybase: acquired by Zoom, a company who blatantly lied about the security of their product. Enough said. No thanks. It’s also likely a <a href="https://github.com/keybase/client/graphs/contributors">dead</a> project now that the Keybase team are working on Zoom.</li>
  <li>Wickr: only the cryptographic code is open source, it was recently acquired by Amazon, based in the US, and there’s some metadata collection.</li>
  <li>Threema: <a href="https://soatok.blog/2021/11/05/threema-three-strikes-youre-out/#summary-of-results">security vulnerabilities</a> and poor design decisions have been found despite <a href="https://threema.ch/en/faq/code_audit">two audits</a>, they engage in <a href="https://soatok.blog/2021/11/05/threema-three-strikes-youre-out/">false marketing</a>, it costs money to use, it used to be <a href="https://web.archive.org/web/20211103084610/https://threema.ch/en/blog/posts/open-source-discount">closed source</a>, the server code is not open source, the servers know who is talking to who, there are no self-destructive messages, you can’t delete sent messages, and there’s no desktop application (it’s web only, although the repository has been in <a href="https://github.com/threema-ch/threema-web/commit/cdd4fe148092e5fa6b7d5fb724f7f8d13f15f8cf#diff-b335630551682c19a781afebcf4d07bf978fb1f8ac04c6bf87428ed5106870f5">maintenance mode</a>).</li>
  <li>Session: apparently buggy (e.g. delayed messages, bad notifications, etc) and lacking in common features found in the other messengers (e.g. voice/video calls, pasting images from the clipboard on PC, etc). So, it needs more work at present. It’s also tied to cryptocurrency stuff, which is always off-putting, and the company is based in Australia, a country that hates end-to-end encryption. Furthermore, unlike Signal, it <a href="https://getsession.org/session-protocol-explained">lacks</a> forward secrecy, backward secrecy, and deniability, which are nice to have. However, it’s open source and has now been <a href="https://getsession.org/session-code-audit/">audited</a>.</li>
  <li>Wire: buggy, there are metadata concerns, the team has links to Skype, it got bought out by a US company, and they made a vague change to their privacy policy (‘sharing user data when necessary’) that can be considered concerning. However, the apps are open source, they have had several <a href="https://wire.com/en/security/">security audits</a>, there’s no phone number requirement, and they don’t rely on donations.</li>
  <li>Peer-to-peer apps (e.g. Briar): limited to a specialist audience for the most part. Many of these apps are also only available on one platform (e.g. Android). Furthermore, your contact must be online at the same time as you for messages to be delivered. Therefore, they’re hard to recommend.</li>
</ul>

<p>Let’s hope Signal gets their act together and some of the above services improve enough to be recommended.</p>

<p><em>Note: Please contact me if I’ve missed something, managed to get anything factually wrong, or things have changed when you’re reading this.</em></p>]]></content><author><name></name></author><summary type="html"><![CDATA[The Hated One just released a video discussing some of the problems with Signal, and I agree with a lot of what he said, except for the recommendation to switch to Element.]]></summary></entry><entry><title type="html">How to learn about cryptography</title><link href="https://samuellucas.com/2021/03/30/how-to-learn-about-cryptography.html" rel="alternate" type="text/html" title="How to learn about cryptography" /><published>2021-03-30T00:00:00+00:00</published><updated>2021-03-30T00:00:00+00:00</updated><id>https://samuellucas.com/2021/03/30/how-to-learn-about-cryptography</id><content type="html" xml:base="https://samuellucas.com/2021/03/30/how-to-learn-about-cryptography.html"><![CDATA[<p>I was recently asked via email about some good resources for learning about cryptography and thought I should share a padded-out version of my reply here. I hope this is useful.</p>

<p>Firstly, you don’t need a computer science or maths degree to learn about cryptography. Those types of qualifications will significantly speed up the learning process when it comes to more advanced topics and may be required for very advanced topics, but in many cases, the maths behind cryptography is not necessarily important to learn. If you’re a developer, then you shouldn’t be focused on the maths. You don’t need to learn about mathematical proofs and theoretical cryptography. Ignore people telling you otherwise because they’re speaking rubbish.</p>

<h3 id="books">Books</h3>

<p>I’d recommend <a href="https://www.manning.com/books/real-world-cryptography">Real-World Cryptography</a> as a first read because it’s beginner friendly and doesn’t require a mathematical background. It explains a lot of the core concepts and discusses modern algorithms, like ChaCha20-Poly1305 and AES-GCM, in enough detail. It certainly doesn’t cover everything, but that’s good because you shouldn’t jump straight into the deep end anyway.</p>

<p>Another less mathematical book is <a href="https://www.amazon.co.uk/Everyday-Cryptography-Fundamental-Principles-Applications/dp/0199695598">Everyday Cryptography</a>. This is a much larger book covering more topics and has very positive reviews. There’s also a free eBook called <a href="https://www.crypto101.io/">Crypto 101</a>, which is recommended by the <a href="https://loup-vaillant.fr/">author</a> of <a href="https://monocypher.org/">Monocypher</a>. It’s meant to offer an introduction to cryptography for programmers of all ages and skill levels, but it’s still being written and some sections are missing.</p>

<p>Some other highly regarded books include <a href="https://nostarch.com/seriouscrypto">Serious Cryptography</a>, <a href="https://www.amazon.co.uk/Cryptography-Engineering-Principles-Practical-Applications/dp/0470474246/ref=pd_sbs_2?pd_rd_w=SslH5&amp;pf_rd_p=fbd048ad-ab90-4647-94dd-974b91bedef1&amp;pf_rd_r=D63A5WP02668Y8Q48ZN8&amp;pd_rd_r=8dda3881-91aa-43b6-822b-dca25a5be937&amp;pd_rd_wg=FTZGG&amp;pd_rd_i=0470474246&amp;psc=1">Cryptography Engineering</a>, and <a href="https://www.crypto-textbook.com/">Understanding Cryptography</a>. I believe these contain noticeably more mathematical notation than the other books I’ve mentioned, so they’re probably best for more intermediate readers.</p>

<p>Finally, <a href="https://nostarch.com/crypto-dictionary">Crypto Dictionary</a> offers a light read and will help you learn some fun facts. However, some of the definitions aren’t really definitions, some terms/algorithms have been skipped over, and it intentionally doesn’t contain much detail. This should not be your first or second read.</p>

<h3 id="courses">Courses</h3>

<p>The course I’ve seen recommended everywhere is <a href="https://www.coursera.org/learn/crypto">Cryptography I</a> by Dan Boneh from <a href="https://www.stanford.edu/">Stanford University</a>, but I’d strongly advise against taking this course if you’re a beginner or someone who doesn’t have a maths background. It’s also very theoretical rather than applied, which is a shame because applied cryptography is far more important for most people.</p>

<p>Another course that may be less mathematical is the <a href="https://www.coursera.org/specializations/introduction-applied-cryptography">Introduction to Applied Cryptography</a> course from the <a href="https://www.cu.edu/">University of Colorado</a>, although I haven’t looked into it enough to be sure.</p>

<p>There are also recorded lectures from <a href="https://youtube.com/playlist?list=PL6ogFv-ieghe8MOIcpD6UDtdK-UMHG8oH">MIT</a>, <a href="https://www.youtube.com/channel/UC1usFRN4LCMcfIV7UjHNuQg">Ruhr University Bochum</a>, and <a href="https://youtube.com/playlist?list=PLUoixF7agmIvqZtb8XxfOxTuYsuYOrgck">Middle East Technical University</a>. Plus, some universities share their <a href="https://collegecompendium.org/search?q=crypto">notes/assignments</a> publicly. However, these are likely more mathematical.</p>

<p>Lastly, a bunch of recommended computer science courses can be found on the <a href="https://github.com/ForrestKnight/open-source-cs">Open Source Computer Science Degree</a> list.</p>

<h3 id="blogswebsites">Blogs/Websites</h3>

<ul>
  <li><a href="https://en.wikipedia.org/wiki/Category:Cryptography">Wikipedia</a> contains lots of useful information and some helpful diagrams.</li>
  <li><a href="https://github.com/samuel-lucas6/Cryptography-Guidelines">Cryptography Guidelines</a> is a document I made that outlines recommendations for cryptographic algorithm choices and parameters as well as important implementation details.</li>
  <li>The <a href="https://doc.libsodium.org/">libsodium documentation</a> provides a summary of information on implementing popular cryptographic algorithms properly.</li>
  <li><a href="https://paragonie.com/blog">Paragon Initiative Enterprises Blog</a>, written by a team of security professionals who develop and audit cryptography-related projects.</li>
  <li><a href="https://neilmadden.blog/">Neil Madden</a>, the Security Director at ForgeRock and author of <a href="https://www.manning.com/books/api-security-in-action">API Security in Action</a>.</li>
  <li><a href="https://soatok.blog/b/">Dhole Moments</a> by Soatok, a freelancer.</li>
  <li><a href="https://blog.cryptographyengineering.com/">A Few Thoughts on Cryptographic Engineering</a> by Matthew Green, a cryptographer and professor at Johns Hopkins University.</li>
  <li><a href="https://cryptologie.net/">Cryptologie</a> by David Wong, the author of <a href="https://www.manning.com/books/real-world-cryptography">Real-World Cryptography</a>.</li>
  <li><a href="https://littlemaninmyhead.wordpress.com/">Little Man in My Head</a> by Scott Contini, who has a background in security.</li>
  <li><a href="https://emilymstark.com/blog.html">Emily M. Stark</a>, a Software Engineer working on the Google Chrome browser.</li>
  <li><a href="https://github.com/veorq/cryptocoding">Cryptocoding</a> by Jean-Philippe Aumasson, which lists ‘coding rules’ for low-level implementations of cryptographic operations.</li>
  <li><a href="https://research.kudelskisecurity.com/category/crypto/">Kudelski Security Research</a>, written by security professionals who develop and audit cryptography-related projects.</li>
  <li><a href="https://www.imperialviolet.org/">ImperialViolet</a> by Adam Langley, a Principal Security Engineer at Google responsible for the fix for <a href="https://en.wikipedia.org/wiki/Heartbleed">Heartbleed</a>.</li>
  <li><a href="https://loup-vaillant.fr/articles/">Loup Vaillant</a>, author of the <a href="https://monocypher.org/">Monocypher</a> cryptographic library.</li>
  <li><a href="https://buttondown.email/cryptography-dispatches/archive">Cryptography Dispatches</a> by Filippo Valsorda, the Go security lead.</li>
</ul>

<h3 id="forums">Forums</h3>

<p>You can ask questions related to cryptography on <a href="https://crypto.stackexchange.com/">Cryptography Stack Exchange</a> and <a href="https://www.reddit.com/">Reddit</a> via <a href="https://www.reddit.com/r/crypto/">r/crypto</a>. However, I would use these as a last resort because some answers may be inaccurate and mathematical in nature rather than summarised in layman’s terms. Books are a much safer bet when it comes to locating reliable information.</p>

<h3 id="programming">Programming</h3>

<p>Learning by doing works well. I agree with <a href="https://soatok.blog/2020/06/10/how-to-learn-cryptography-as-a-programmer/">Soatok’s recommendations</a> and would suggest progressing through the following steps over time:</p>

<ol>
  <li>Create simple demos of common tasks (e.g. file encryption, password hashing, key derivation, key exchange, etc.) using misuse-resistant/hard-to-misuse APIs from <a href="https://github.com/google/tink">Tink</a>, <a href="https://doc.libsodium.org/">libsodium</a>, and <a href="https://monocypher.org/">Monocypher</a>, with Tink being the easiest. Be sure to read the relevant documentation before coding anything. A nice libsodium cheat sheet can be found <a href="https://paragonie.com/blog/2017/06/libsodium-quick-reference-quick-comparison-similar-functions-and-which-one-use">here</a>.</li>
  <li>Implement existing protocols, such as the <a href="https://neilmadden.blog/2018/11/26/public-key-authenticated-encryption-and-why-you-want-it-part-ii/">Noise One-Way Handshake Patterns</a>, a port of <a href="https://jedisct1.github.io/minisign/">Minisign</a> to another language, and Signal’s <a href="https://www.signal.org/docs/specifications/x3dh/">X3DH key agreement protocol</a>.</li>
  <li>Design custom protocols and constructions, such as <a href="https://www.kryptor.co.uk/technical-details#digital-signatures">file formats</a> for an encryption tool, <a href="https://github.com/samuel-lucas6/ChaCha20-BLAKE3">XChaCha20-BLAKE3-SIV</a>, and a <a href="https://github.com/BLAKE3-team/BLAKE3/issues/138">committing BLAKE3 AEAD</a>.</li>
  <li>Code the simpler/less error-prone existing cryptographic primitives, such as <a href="https://tools.ietf.org/html/rfc5869">HKDF</a>, <a href="https://tools.ietf.org/html/rfc2104">HMAC</a>, <a href="https://datatracker.ietf.org/doc/html/rfc8439">ChaCha20</a>, and <a href="https://datatracker.ietf.org/doc/html/rfc7693">BLAKE2</a>. <strong>Always</strong> review your code against the specification and test your code using the provided test vectors.</li>
  <li>Complete as many <a href="https://cryptopals.com/">Cryptopals</a> and <a href="https://cryptohack.org/">CryptoHack</a> challenges as possible in a programming language of your choice.</li>
  <li>Code the more complex/error-prone existing cryptographic primitives, such as <a href="https://datatracker.ietf.org/doc/html/rfc8439">Poly1305</a> and <a href="https://loup-vaillant.fr/articles/implementing-elligator">Elligator</a>. This is <strong>very</strong> tricky to get right. Ideally, get someone else to check such implementations.</li>
  <li>Design <a href="https://competitions.cr.yp.to/sha3.html">new</a> cryptographic primitives. This is <strong>extremely</strong> difficult and best left to highly experienced professionals in academia because even they design insecure algorithms.</li>
</ol>

<p>Good luck.</p>]]></content><author><name></name></author><summary type="html"><![CDATA[I was recently asked via email about some good resources for learning about cryptography and thought I should share a padded-out version of my reply here. I hope this is useful.]]></summary></entry><entry><title type="html">Kryptor v3</title><link href="https://samuellucas.com/2021/01/28/kryptor-v3.html" rel="alternate" type="text/html" title="Kryptor v3" /><published>2021-01-28T00:00:00+00:00</published><updated>2021-01-28T00:00:00+00:00</updated><id>https://samuellucas.com/2021/01/28/kryptor-v3</id><content type="html" xml:base="https://samuellucas.com/2021/01/28/kryptor-v3.html"><![CDATA[<p>As my first blog post of 2021 (I’m going to try and write a blog post once a month), I’d like to talk about <a href="https://github.com/samuel-lucas6/Kryptor/projects/1">Kryptor v3 Beta</a>. This is the next version of my free and open source file encryption software that will hopefully be released in February.</p>

<p>My goals for what Kryptor should be have changed. Kryptor was originally inspired by how <a href="https://www.veracrypt.fr/en/Documentation.html">VeraCrypt</a> was designed. I wanted to give the user choice. However, as I’ve continued to learn about cryptography, I’ve come to realise that choice is a very bad idea. The software becomes reliant on the user making wise decisions rather than it being secure by default.</p>

<p>In response to this realisation, I’ve designed Kryptor v3 to be more like <a href="https://github.com/FiloSottile/age">age</a>. However, I decided to take things further and implement <a href="https://github.com/jedisct1/minisign">Minisign</a>-like functionality. The result is a mix of the two tools with some improvements and limitations, and I think this is a good thing since a common complaint is that you shouldn’t have to download separate tools for file encryption and file signing. I just need to ensure that I don’t go overboard with features.</p>

<p>Now that the intro is out of the way, here’s a breakdown of what you can look forward to:</p>

<ul>
  <li>
    <p>Chunked AEAD: XChaCha20-Poly1305 with 16 KiB chunks. This change has several benefits - for example, errors are detected early, and the file only has to be processed once rather than twice, meaning improved performance.</p>
  </li>
  <li>
    <p>Fixed Argon2 parameters: A memory size of 256 MiB and 12 iterations. This is equivalent to about 1-1.2 seconds of delay, depending on the machine. I’m hoping I can get away with 256 MiB of RAM since most machines have at least 8 GB nowadays.</p>
  </li>
  <li>
    <p>Faster folder encryption: The new design uses a KEK/DEK model, meaning much faster folder encryption since password-based key derivation only occurs once for an entire folder. Each file gets encrypted with a random key.</p>
  </li>
  <li>
    <p>Authenticated asymmetric file encryption: Unlike in <a href="https://github.com/FiloSottile/age/issues/59">age</a>, the asymmetric (technically hybrid) encryption is going to be authenticated. This means that an attacker can’t replace the ciphertext, but the sender can’t decrypt the encrypted file. The downside of this approach is that user input is more complicated, but authentication is important. Note that <a href="https://github.com/FiloSottile/age">age</a> is probably still preferable for multiple recipients since you have to encrypt the same file multiple times to send it to multiple people with Kryptor.</p>
  </li>
  <li>
    <p>Masked password entry: Password entry is now hidden like on Linux. Passwords are also stored in char arrays instead of as strings, allowing the password to be cleared from memory. You can leave the password entry blank to generate a random passphrase.</p>
  </li>
  <li>
    <p>File signing: Kryptor uses a simplified <a href="https://jedisct1.github.io/minisign/">Minisign</a> format for detached signatures. You can specify a public key as a string or a file, whereas private keys can only be specified as a file.</p>
  </li>
  <li>
    <p>Private key encryption: XChaCha20-Poly1305 and Argon2id are used to protect generated private keys with a password.</p>
  </li>
  <li>
    <p>Exporting key pairs: When you generate a new key pair, the public key is displayed as a Base64 string in the terminal as well as being exported to a <code class="language-plaintext highlighter-rouge">.public</code> file. The encrypted private key is exported to a <code class="language-plaintext highlighter-rouge">.private</code> file.</p>
  </li>
  <li>
    <p>Code improvements: I have rewritten most of the program. I’ve reorganised the folders, made more classes, split up subroutines, and improved the performance of certain portions. I’ve also switched to .NET 5. All of this means better performance and more readable, maintainable code. It’s not perfect, but it’s a lot better.</p>
  </li>
  <li>
    <p>GitBook documentation: I’m rewriting the documentation on GitBook. This will make the documentation a lot easier to read and save me some money if I stop paying for Neocities. However, I’m not sure what I’d do about this blog if I did that.</p>
  </li>
</ul>

<p>Now for the bad news. I don’t intend to continue developing the GUI version. I know, I know. The GUI version is where it all started, and it’s also pretty easy to use. Plus, Windows users love a good GUI, and I understand why. Here’s my reasoning:</p>

<ol>
  <li>
    <p>The new functionality is very tricky to implement with a GUI. Things like offering file encryption using asymmetric keys become complicated when you can enter the public key as a string or select a public key file.</p>
  </li>
  <li>
    <p>The GUI version isn’t cross-platform. Windows Forms makes it very easy to produce a GUI program for Windows. By contrast, cross-platform GUI development is a lot more difficult - e.g. you need to learn another language just to write the GUI! I don’t know why there aren’t more drag-and-drop solutions.</p>
  </li>
  <li>
    <p>I don’t want to have to work on two projects at once. I could make a code library for the main code, but this wouldn’t completely solve the problem (see point 2). It’s a lot easier to just work on one version of the program.</p>
  </li>
  <li>
    <p>Having different versions makes downloading the program a bit more confusing. A minor point but still worth a mention.</p>
  </li>
</ol>

<p>That will wrap up this blog post. If you’re interested in the technical details, then you can check out the GitBook documentation <a href="https://kryptor.gitbook.io/kryptor/technical-details">here</a>. Note that some of these details aren’t final; I’m still changing certain things. Feel free to email me with any feedback on the design or documentation.</p>]]></content><author><name></name></author><summary type="html"><![CDATA[As my first blog post of 2021 (I’m going to try and write a blog post once a month), I’d like to talk about Kryptor v3 Beta. This is the next version of my free and open source file encryption software that will hopefully be released in February.]]></summary></entry><entry><title type="html">Cyberpunk 2077 is disappointing</title><link href="https://samuellucas.com/2020/12/14/cyberpunk-2077-is-disappointing.html" rel="alternate" type="text/html" title="Cyberpunk 2077 is disappointing" /><published>2020-12-14T00:00:00+00:00</published><updated>2020-12-14T00:00:00+00:00</updated><id>https://samuellucas.com/2020/12/14/cyberpunk-2077-is-disappointing</id><content type="html" xml:base="https://samuellucas.com/2020/12/14/cyberpunk-2077-is-disappointing.html"><![CDATA[<p>Cyberpunk 2077 is the first game I’ve ever preordered. I’ll be honest, I fell for the hype a bit, but I also just wanted a brand new, high quality game to play. However, I cancelled my preorder over a year ago after CD Projekt Red released more gameplay that indicated the presence of some problems.</p>

<p>Despite my concerns based on the gameplay, I once again preordered Cyberpunk 2077 ready for the launch in November. Real stupid, I know. When the game got delayed until the 10th of December, I suspected there were going to be lots of bugs and issues, but I didn’t cancel my preorder this time. The hype got me again, and I was hoping that CD Projekt Red would pull through. Boy, was I wrong.</p>

<p>I only have about 10 hours in game so far, but I can say with confidence that there are a lot of problems with the game at present. Some of these are fixable (like bugs and crashes), whilst other things probably won’t be changed much (like the NPCs).</p>

<p>If you haven’t bought or started playing the game yet, then I suggest you wait at least 6 months before playing to allow the main issues to be ironed out. Don’t be fooled by the positive reviews; this game has a lot of flaws, as I will explain below.</p>

<h3 id="hype">Hype</h3>

<p>Before the launch, some people were claiming that the hype was a positive thing for CD Projekt Red since it resulted in lots of preorders. That’s a fair point, but it’s clear that the hype has come back to bite them, and I expect there have been quite a few refunds now too.</p>

<p>CD Projekt Red hyped the game up for two years with <a href="https://www.youtube.com/c/CyberpunkGame/videos?view=0&amp;sort=da&amp;flow=grid">gameplay videos</a> and promises, and then they released a buggy game that doesn’t even meet <a href="https://www.reddit.com/r/cyberpunkgame/comments/kb22xs/compiled_list_of_missing_features_quality_of_life/">realistic expectations</a> like having a game that doesn’t crash, contains few bugs, and fulfils what was promised.</p>

<p>Besides the reports of developer crunch, I used to think CD Projekt Red was one of the good guys, but their handling of the current fallout and <a href="https://www.youtube.com/watch?v=rViiAA3qs50&amp;feature=youtu.be">very dodgy marketing practices</a> deserve to be heavily criticised. I hope their reputation goes down because of this as they don’t deserve to be on a pedestal any longer after this abysmal launch.</p>

<p>With that said, the gaming community also played a large role in overhyping the game on forums and social media. I hope people have learnt a few lessons. For example, just because a company produced a good game before doesn’t mean they’ll do it again. I know I certainly have and won’t be preordering a game again.</p>

<h3 id="bugs">Bugs</h3>

<p>I have been lucky enough not to encounter too many bugs so far after about 10 hours of playing. The main things I’ve noticed include:</p>

<ul>
  <li>Horrible low resolution, delayed textures (on PC with Ultra settings).</li>
  <li>Flickering textures.</li>
  <li>Overexposed lighting when it’s sunny.</li>
  <li>Multiple phone calls happening at the same time, with character voices overlapping.</li>
  <li>No lip sync for some characters.</li>
  <li>Some people/objects clipping through the environment.</li>
  <li>NPCs popping into/out of existence in the background.</li>
  <li>Punching NPCs seems to deal no damage.</li>
  <li>Police spawning out of nowhere to attack you.</li>
  <li>Police forgetting about a crime after you walk into a building.</li>
  <li>A floating car in the prologue.</li>
  <li>Jackie’s hands didn’t move when the steering wheel turned.</li>
  <li>Weird black loading screens at the start of the game.</li>
  <li>The audio for the electronic flash effects when the company logos are displayed isn’t synced with the video.</li>
</ul>

<p>The situation is a lot worse for many others, especially <a href="https://www.reddit.com/r/cyberpunkgame/comments/ka4h5w/this_game_is_unfinished_and_total_disaster_with/">console players</a>, with many people experiencing crashes, terrible performance, lots of clipping, and texture issues according to Reddit. Sony is even <a href="https://www.reddit.com/r/cyberpunkgame/comments/kb92ne/psa_sony_is_issuing_refunds_even_past_the_2_hour/">refunding</a> Cyberpunk 2077 on PlayStation, which is something they don’t normally allow. They’re also apparently filing a business complaint to CD Projekt Red, assuming that source is to be believed.</p>

<p>The game is a mess from a stability standpoint. This is the buggiest game I’ve ever played, and I haven’t even experienced most of the issues other people are having. CD Projekt Red really screwed themselves over by having unrealistic release dates and delaying the game several times. I hope they learn their lesson, but I fear that they won’t because these game developers never do.</p>

<p>All new games will have bugs, but they shouldn’t have this many, things should be optimised so that performance isn’t an issue, and there shouldn’t be crashing. The state of the game on the previous gen consoles is especially unacceptable. Why even release the game on last gen consoles if it’s practically unplayable? It’s as if they didn’t bother testing the game at all.</p>

<h3 id="gameplay">Gameplay</h3>

<p>Let me start with the good things because there aren’t many. At times, the graphics are very nice on Ultra settings, although I haven’t tried any other settings. The game feels kind of cool and can be enjoyable despite the flaws. The gunplay is all right, with the weapons having some recoil and sounding good. Finally, the fact that you can change settings without having to restart the game is great.</p>

<p>Now for the bad. Firstly, the difficulty level implementation makes enemies really <a href="https://www.reddit.com/r/cyberpunkgame/comments/ka866a/playing_on_hard_and_bullet_sponge_enemies_is_an/">bad bullet sponges</a>. Instead, it should increase the number of enemies. I’ve noticed people on Reddit using ‘it’s an RPG’ as an excuse, but that’s rubbish. There’s no sense of realism when it takes several clips of ammo or multiple headshots to kill someone. Enemies sometimes fall over but still have health and start getting back up after you’ve shot them half a dozen times. It reminds me of <a href="https://www.youtube.com/watch?v=zlR-Cl1fLvI">The Division</a>. I’ve turned down my difficulty from Hard in an attempt to make things better. I hope it gets better with improved gear as well.</p>

<p>Another issue is that the street NPCs are lifeless. They’re bland, there’s no point talking to them, they almost always tell you to ‘f*** off’, they often get stuck in a crouched position after you start shooting, some are unresponsive to you fighting, they move weirdly (e.g. sliding), they sometimes repeat the same actions (e.g. a waitress coming over to the same table with a clipboard about 10 times), and you see the same character models over and over again. The NPCs are significantly worse than in some other AAA games like Red Dead Redemption 2, but it makes sense since The Witcher 3 NPCs were also terrible.</p>

<p>In terms of immersion, as well as the NPCs being poor, there aren’t many buildings you can go into. The world looks decent a lot of the time, but it isn’t interactive and feels fake. CD Projekt Red made it sound like you could go into loads of buildings to do things, but they’ve just placed vending machines, some noodle stands, and lots of locked doors around the city instead. What a missed opportunity.</p>

<p>Then there’s the police wanted system, which causes the police to <a href="https://www.reddit.com/r/cyberpunkgame/comments/kav1v0/the_police_system_is_absolutely_horrendous/">teleport to you</a> and give up immediately if you go into a building. Fighting the cops isn’t fun either like it can be in GTA V. The police system is <a href="https://www.reddit.com/r/cyberpunkgame/comments/kbebxu/the_police_in_this_game_are_the_most_poorly/">completely broken</a> and worse than the implementation in GTA V in every possible way. The game would be better off without it, but this could be fixed down the line.</p>

<p>There’s an <a href="https://www.reddit.com/r/cyberpunkgame/comments/kbvlon/not_only_can_you_not_ignore_phone_calls_they_will/">excessive number of phone calls</a> from the people who give you missions. Going almost anywhere causes you to be spammed with calls about nearby missions. For example, Delamain (the AI for a luxury cab company) won’t shut up and keeps reciting the same thing after I agreed to collect some cars as a side mission. Popups are constantly appearing. It’s overwhelming and distracting.</p>

<p>The driving feels <a href="https://www.reddit.com/r/cyberpunkgame/comments/ka67bb/anyone_else_think_the_driving_is_bad/">floaty</a> rather than the car being firmly on the ground. When you turn around corners, the rear of the car slides all over the place as if you’re trying to drift all the time. There’s no weight to the vehicles, and you can do some really dumb parkour on the bikes. The other cars on the road are also a <a href="https://www.reddit.com/r/cyberpunkgame/comments/kb2jgj/i_just_realized_that_there_is_no_ai_for_driving/">facade</a> and completely unresponsive - e.g. they stop in the middle of the road, they sometimes completely disappear, and they don’t react to your driving.</p>

<p>There’s <a href="https://www.reddit.com/r/cyberpunkgame/comments/kbmoqe/too_much_loot/">too much loot</a>. Everywhere you go, there are these icons telling you that you can loot things. I want to pick up things to sell because I’m poor, but my inventory gets full very quickly. It’s ridiculous having so much loot everywhere, and it ruins the flow of the fights/stealth on missions if you feel the need to pick everything up like I do.</p>

<p>The gunplay is ok at best if you ignore the bullet sponge enemies. There’s something off about the guns, and the AI during fights could be better. I’m hoping some of the higher quality weapons will be better. There are also too many weapons, making it more difficult to sort through which ones you should keep and which ones you should sell/dismantle. Furthermore, getting ammo is a mess. For example, you’re only able to buy ammo from the gun dealers some of the time, so it seems you have to rely on ammo crates you find.</p>

<p>The melee combat is outright bad. There’s no weight to it at all, and you deal basically no damage. Furthermore, weird melee weapons can deal more damage than swords, which makes no sense.</p>

<p>There’s not as much customisation as CD Projekt Red promised. Why can’t we get a haircut? Why is there no body size customisation? Why are there only a few options for certain character aspects? Why is there no vehicle customisation?</p>

<p>The game isn’t an RPG like it was originally advertised as being. What’s funny is that CD Projekt Red agrees since they recently changed the description to <a href="https://www.reddit.com/r/cyberpunkgame/comments/karjew/psa_cdpr_is_no_longer_calling_cyberpunk_2077_an/">‘Action-Adventure game’</a>. For instance, the skill tree doesn’t seem to do much, and you don’t get enough perk points to upgrade skills sufficiently. The life paths apparently don’t matter besides some missions at the start of the game and a few extra lines of meaningless dialogue. Then the dialogue options appear to force you into taking a scripted path rather than allowing for choice.</p>

<p>Finally, I haven’t been a fan of any of the side quests so far, although I haven’t played that many at the time of writing. It’s not very clear what you have to do for a few of them. However, some people have been saying that a lot of them are enjoyable, so perhaps there’s hope.</p>

<h3 id="story">Story</h3>

<p>The prologue was definitely rushed, and the driving portion was painfully scripted. Parts of that first year of friendship with Jackie should have been playable rather than just being given a cutscene.</p>

<p>The main quests I’ve done so far have mostly been talking and also felt scripted, but people say the story gets better as you go on. I should also mention that I’m not a fan of the braindance mechanic so far because it’s unexpectedly boring having to rewatch portions of the same video over and over. On the other hand, the voice acting has certainly been good so far besides Keanu Reeves, who is very robotic and often delivers his lines poorly.</p>

<p>I’m not even far into the game though, and it’s already confusing who everyone is. You do jobs for all these different people without much explanation. I don’t really know what is going on. Plus, some of the dialogue isn’t that understandable, especially the life path dialogue, which is essentially pointless. However, I expect who’s who and what’s what will be cleared up as I progress. I’ll perhaps update this section once I’ve finished the game because I realise that this is an unfair evaluation of the story.</p>

<h3 id="verdict">Verdict</h3>

<p>I’m going to keep playing and hope that things get better along the way, but there are so many issues that I doubt much will improve any time soon. Furthermore, my opinion of the game has only become worse the more I’ve played, so who knows how I’ll feel after some more hours.</p>

<p>If I had to rate the game in its current state, I’d probably give it a 5/10. It can be enjoyable and looks beautiful at times, but Cyberpunk 2077 is objectively worse in many ways than some games that came out years ago (e.g. GTA V, which was released in 2013). The quality of Rockstar’s recent games is the benchmark for an open-world game like this. <a href="https://www.reddit.com/r/cyberpunkgame/comments/kb2jac/cdpr_absolutely_need_to_be_called_out_for_the/">Shame on you CD Projekt Red</a> for not even coming close.</p>

<h3 id="update---310121">Update - 31/01/21</h3>

<p>I’ve reached the point of no return in the main story now, and I’ve completed a fair number of side missions. I will admit that I have enjoyed parts of the game, but it feels strange saying that considering just how flawed Cyberpunk 2077 is.</p>

<p>The patches seem to have made some things worse. I’ve experienced plenty of bugs, with the slow texture loading being one of the most irritating considering I’m playing on Ultra. There have been side missions that I couldn’t complete because of glitches. The police still instantly kill you during certain side missions and if you get up to a high enough number of stars.</p>

<p>The minimap is ridiculously small/zoomed in, meaning you miss every turn. I tried switching the minimap off, but then I just spent more time getting lost than actually doing missions. Most of the vehicles have atrocious handling, and you can’t see out of the windscreen in the cars. Bikes are the way to go.</p>

<p>Finally, there’s the story. It’s mediocre. Don’t believe all the praise. The main story is far too short, some of the main characters could have been better, and a lot of the story seems to take place in side missions. The story side missions have been better than the main missions. It feels like I’ve played 8 main missions, with a fair chunk being dialogue. In reality, I’ve apparently played around 20 without realising since they’re so short. Don’t skip the side missions.</p>

<p>In sum, a rating of 5/10 is fair. When the bugs are fixed, Cyberpunk 2077 has the potential to reach 6/10. I recommend watching the review by <a href="https://www.youtube.com/watch?v=1oN5v0mcTMs">AngryJoeShow</a> because it’s funny and hits the nail on the head.</p>]]></content><author><name></name></author><summary type="html"><![CDATA[Cyberpunk 2077 is the first game I’ve ever preordered. I’ll be honest, I fell for the hype a bit, but I also just wanted a brand new, high quality game to play. However, I cancelled my preorder over a year ago after CD Projekt Red released more gameplay that indicated the presence of some problems.]]></summary></entry><entry><title type="html">My experience with Linux</title><link href="https://samuellucas.com/2020/11/22/my-experience-with-linux.html" rel="alternate" type="text/html" title="My experience with Linux" /><published>2020-11-22T00:00:00+00:00</published><updated>2020-11-22T00:00:00+00:00</updated><id>https://samuellucas.com/2020/11/22/my-experience-with-linux</id><content type="html" xml:base="https://samuellucas.com/2020/11/22/my-experience-with-linux.html"><![CDATA[<p>I’ve used most versions of Windows. I started out on Windows 95, upgraded to 98, skipped 2000, used XP for a long time, had Vista for a short time, ran Windows 7 for a very long time, switched to Windows 10, tried Windows 8.1, and then went back to Windows 10.</p>

<p>I’ve installed Windows 7 and Windows 10 far more times than the average person since I’ve had lots of virtual machines. I also typically reinstall Windows after a while to give the system some new life. In other words, I have had a decent amount of experience running Windows.</p>

<p>This year I became more invested in privacy and free and open source software (FOSS). Windows 10 is a privacy nightmare due to all the data collection that can’t be turned off, and it’s also a proprietary operating system (OS), meaning the source code isn’t publicly shared. So I decided to switch to Linux as my main OS.</p>

<p>I’ve tried Linux before but not properly. After watching Mr Robot, I installed Kali Linux alongside Windows. I actually did do a little on there because I was looking at an online ethical hacking course at the time, but I never even considered not using Windows. I also tested Ubuntu once, but that was out of curiosity. In sum, I lack Linux experience. I’m a noob.</p>

<p>My first stop was Manjaro. Manjaro is recommended by a lot of people online, most notably <a href="https://www.youtube.com/watch?v=Co6FePZoNgE">Linus Tech Tips</a>. I wanted a ‘gaming distro’ because I play games on my PC, and I went for the KDE Plasma version after hearing good things about KDE. In retrospect, both of these choices were bad moves.</p>

<p>I don’t remember having any issues with the installation, but it didn’t take long for problems to arise. It has been eight or so months since I used Manjaro, but I remember that the system froze randomly, I had issues with pacman, there were graphical issues, setting up the ordering of multiple monitors was glitched, I had a problem with 144Hz, and KDE was glitchy (e.g. the GUI became completely unresponsive). Not exactly a smooth experience compared to Windows, which was working fine. I can’t recall experiencing any serious issues (e.g. frequent crashing/freezing) on Windows in the last two years.</p>

<p>Manjaro is often recommended as a ‘beginner’s distro’ on Reddit despite it being Arch based. Frankly, it shouldn’t be recommended at all since it sits in a category of being worse than Arch whilst being less user friendly and stable than Ubuntu based distros like Linux Mint. Not to mention some of the <a href="https://www.reddit.com/r/linux/comments/31yayt/manjaro_forgot_to_upgrade_their_ssl_certificate/">lazy practices</a> and <a href="https://web.archive.org/web/20201008195237/https://forum.manjaro.org/t/what-is-wrong-i-am-not-to-blame/30565">scummy attitudes</a> of the Manjaro developers. Oh how I love the Linux community.</p>

<p>After I ditched Manjaro, I went back to Windows 10 for a while because stability is great. I eventually decided to try Pop!_OS since it’s also recommended as a gaming and beginner distro, with lots of people claiming that it’s a better version of Ubuntu.</p>

<p>Pop!_OS does look great out of the box, but it was annoying having no minimise button and not being able to click on icons on the panel to minimise them by default. Unfortunately, I have experienced my fair share of issues and have since switched distro.</p>

<p>The first issue I ran into was not being able to access Windows 10 on my other drive. Installing Pop!_OS hid Windows 10 from the BIOS boot options, and there was no option to boot to Windows when booting Pop!_OS. I somehow managed to resolve this issue after running some tools and reinstalling Pop!_OS, but I still had to use the BIOS to boot into Windows 10 because I never configured the EFI partition. Ideally, this isn’t something that should have to be done as a beginner to dual boot.</p>

<p>The main issue I had with Pop!_OS was freezing. Sometimes the OS froze 3-10 times a day. Each time, I was forced to hard reset, which probably corrupted my VeraCrypt drive since it wasn’t being dismounted properly. I luckily didn’t lose any work as a result of this freezing.</p>

<p>Freezing/crashing is one of the most severe issues you can experience, and the Pop!_OS team doesn’t know what’s causing the problem at the time of writing. This is an <a href="https://github.com/pop-os/pop/issues/1172">issue</a> that other users are facing as well, although perhaps not for the same reason. I hope they manage to fix it down the line because Pop!_OS has potential to be the best Ubuntu based distro, but there are obviously stability problems based on my issues and the bugs being reported on GitHub and Reddit.</p>

<p>Another issue I experienced was horrible lag when deleting VirtualBox snapshots. Everything just stopped working for minutes at a time besides being able to move the cursor, and deleting a snapshot took longer than it should have. Other issues I’ve experienced include games freezing the OS, not being able to interact with the panel, the Files application crashing whilst trying to search, the screenshots tool not always working with full screen windows (e.g. videos), the night light not turning on/off, and Pop Shop updates never going away.</p>

<p>I know some of these are minor issues and not necessarily Pop!_OS issues, but they’re still bugs that wouldn’t exist in an ideal world. The freezing and lag were quite serious problems. It’s sad that I’ve experienced so much freezing on the Linux distros I’ve tried so far.</p>

<p>I decided I needed to switch from Pop!_OS in an attempt to find something more stable. However, I’m not a fan of most of the distros based on reported stability issues, their default appearance, application support, etc. Windows 10 has problems, but it also does some things right. There are lots of Linux distros, but it seems like most of them <a href="https://www.slant.co/options/2689/alternatives/~ubuntu-alternatives">aren’t great</a>.</p>

<p>Most Linux distros for desktop don’t seem as stable or polished as Windows and macOS despite lots of Linux users going on about how stable Linux is. Some of them should also be more beginner friendly and pleasant out of the box rather than requiring customisation. Then there’s the issue of the often toxic and unhelpful community who blames you for experiencing a problem and brags about how superior they are because they use Linux. It makes you wonder why bother leaving Windows or macOS at all.</p>

<h3 id="update-1">Update #1</h3>

<p>I’ve switched to Ubuntu 20.10 now, but that could have gone smoother. I tried to install 20.04, but the installer crashed 4 times. I tried Etcher, Rufus, and two different USB sticks. I also tried installing Linux Mint twice but encountered the same installer crashes (two separate errors). Installing the minimal version of 20.10 worked though. It only took me half a day to install Ubuntu. What a great use of my time.</p>

<p>So far I’ve experienced one serious freeze that forced me to restart and severe lag on 4 or 5 occasions for seconds to minutes when copying files. I’m talking about not being able to interact with programs, sometimes not being able to even move the cursor. The same thing happens when deleting VirtualBox snapshots (like I mentioned about Pop!_OS). God knows what’s up with Ubuntu. It looks like it’s more than just a Pop!_OS issue.</p>

<p>With that said, Ubuntu is proving to be more stable than Pop!_OS, but there’s obviously room for improvement. Things have been better since I selected the latest GPU driver and upgraded my kernel to 5.9, but I haven’t tried copying lots of files or deleting a VirtualBox snapshot yet. I still can’t get any Steam games to run at the moment on NTFS or ext4. The claim that Linux is just as good as or better than Windows for gaming is bogus. There are lots of hurdles you need to go through, the stability of games is worse, and fewer games are supported.</p>

<p>I want to like Linux, but it hates me. Linux wants me to go back to Windows, and I expect the r/Linux and r/Linux Gaming communities do too because I complain about Linux far too much. Linux is perfect and Windows 10 is trash, remember. However, I’m going to keep using Linux as my main OS for the time being because I want to support open source software and get some privacy back. However, I won’t be removing Windows 10 because it’s the perfect backup system for gaming and for when Linux decides to break. Who knows whether I’ll end up returning to Windows completely; PC gaming, Visual Studio, and Microsoft Office are all great reasons to use Windows rather than Linux.</p>

<h3 id="update-2">Update #2</h3>

<p>It’s been a few weeks, and I’m unfortunately still experiencing some freezing on Ubuntu. I’ve tried several different versions of the kernel and am now using 5.9.12-xanmod1. Changing the kernel doesn’t seem to have done anything. The system still sometimes freezes when creating or deleting VirtualBox snapshots and copying files on the system drive. Sometimes my left monitor goes completely purple for some reason. SPSS also often causes the whole system to glitch out after doing analyses, but that might just be SPSS being crap. I might end up switching to Solus over the Christmas holiday because it’s the only alternative I like the look of.</p>

<h3 id="update-3">Update #3</h3>

<p>I did look at Solus, but I couldn’t even run the installer because my graphics card wasn’t supported. I’ve ended up going back to Windows 10 full time and just used some privacy tools and a firewall to try and tackle the telemetry issues. Dual booting honestly isn’t worth the hassle in my opinion, and Linux simply hasn’t been stable enough for me. Furthermore, the program support isn’t there. It’s all well and good saying ‘use FOSS alternatives’, but some of them aren’t as good. For example, I certainly can’t live with VSCode/VSCodium instead of Visual Studio. Don’t even get me started with gaming on Linux.</p>]]></content><author><name></name></author><summary type="html"><![CDATA[I’ve used most versions of Windows. I started out on Windows 95, upgraded to 98, skipped 2000, used XP for a long time, had Vista for a short time, ran Windows 7 for a very long time, switched to Windows 10, tried Windows 8.1, and then went back to Windows 10.]]></summary></entry></feed>