Episode 48

Security and Cryptography with Nadim Kobeissi


August 7th, 2020

47 mins 6 secs


About this Episode

Hello and welcome to Sustain! On today's episode, we have a special guest, Nadim Kobeissi, who runs a small company in Paris called Symbolic Software. We are going to find out how Nadim got into doing security and cryptography and all about his new project called Verifpal. We will also learn more about the PEPP-PT effort, RustTLS's code, and Cure53, and we discuss the effectiveness of the Code of Conduct. Download this episode to find out all this and much more!

[00:00:45] Nadim tells us what Symbolic Software does and how he got into doing security and cryptography. He also tells us he's working on another project called Verifpal.

[00:06:28] On the topic of Verifpal, Nadim tells us whether he plans on building services around it with his consultancy or whether it's strictly "use it at your own discretion."

[00:08:45] Richard asks Nadim to talk about what's been going on in the world of cryptographically analyzing contact tracing apps, how they deal with privacy, and what his thoughts are. He explains the PEPP-PT effort.

[00:19:47] Richard talks about contact apps being very useful for authoritarian regimes and privacy issues with Zoom. Nadim has a story about what they are doing in China with drones.

[00:25:20] Justin wants to know what Nadim did for RustTLS, how he got paid, and what Cure53 is.

[00:31:02] Nadim tells us his thoughts on the effectiveness of COC (Code of Conduct).

[00:40:17] Nadim has a great story about being approached while walking on the street by a Greenpeace guy and the Red Cross.

[00:42:32] Nadim talks about technology, how it doesn't have to be tribal, and how maybe it could be political.

[00:43:40] Nadim lets us know where we can find him on the internet.


  • [00:44:17] Justin's spotlight is Youper, a pocket AI therapist.
  • [00:44:35] Eric's spotlight is resume.io.
  • [00:45:00] Richard's spotlight is Moxie Marlinspike's website, specifically his yacht stories.
  • [00:45:58] Nadim's spotlight is a book called Database Internals: A Deep Dive into How Distributed Data Systems Work by Alex Petrov.


Your Hosts: Richard Littauer, Justin Dorfman, Eric Berry

Special Guest: Nadim Kobeissi


[00:02:41] "What government told you…no, no, no, I was just poking fun at the fact that we had really severe security vulnerabilities and the Australian government at one point issued an advisory."

[00:18:29] "It confirms a lot of my worst fears in a way that's very visceral and dramatized with a multimillion-dollar budget behind it."

[00:18:48] "There's a saying at Google that in order to get promoted at Google you have to create a chat app."

[00:19:58] "A friend of mine was saying it looks like China has been particularly good at dealing with their population and COVID, and I'm like yeah, it's been really good at dealing with it if you only qualify certain amounts of people as citizens."

[00:29:00] "Personally, I don't think I could have written code this good myself."

[00:31:32] "The code of conduct, I don't think there's anything bad about them."

[00:33:55] "As a maintainer of my own open source project, I would love to have a code of conduct for contributors."

[00:35:38] "Putting a code into your repo doesn't do anything by itself most of the time."

[00:39:53] "One final thing I feel that is a bit problematic is that you find yourself in a position where by simply having any criticism at all, you already have to defend yourself as not being morally in a gray area or criticizing some sort of greater good."

[00:42:48] "There's a lot of tribalism that's entering open source software."

*Links:*

Nadim Kobeissi - Website


Symbolic Software


DP3T - Decentralized Privacy-Preserving Proximity Tracing

Pan-European Privacy-Preserving Proximity Tracing

Exposure Notification




Moxie Marlinspike Stories - Website

Database Internals: A Deep Dive into How Distributed Data Systems Work by Alex Petrov

Black Mirror - Netflix

Support Sustain