135 reads

Ian Goldberg, the Cypherpunk Who Hacked Netscape for Fun

by ObyteMay 19th, 2025
Read on Terminal Reader
Read this story w/o Javascript

Too Long; Didn't Read

Ian Goldberg is a Canadian computer scientist and privacy advocate. He broke Netscape's security in 1995, in a few hours. His most important work is the Off-the-record (OTR) messaging protocol.

People Mentioned

Mention Thumbnail
Mention Thumbnail

Companies Mentioned

Mention Thumbnail
Mention Thumbnail

Coins Mentioned

Mention Thumbnail
Mention Thumbnail
featured image - Ian Goldberg, the Cypherpunk Who Hacked Netscape for Fun
Obyte HackerNoon profile picture
0-item

Ian Goldberg has been one of the cypherpunks who have appeared on the TV news —and no, not in a massive legal issue like Julian Assange. Born in 1973 in Canada, he stood out early in life for his talent in math, even earning gold, silver, and bronze medals in the International Math Olympiad as a teenager. He went on to study at the University of Waterloo, earning a degree in pure math and computer science, and then completed his Ph.D. at UC Berkeley, where he focused on anonymous communication online—a topic that would shape much of his later work.

Goldberg didn’t just stay in academia. He helped build teams and technology at Radialpoint, a Canadian company focused on privacy; took sabbaticals at top universities in Europe, and eventually became a professor at the University of Waterloo. Over the years, he’s earned several prestigious awards and published numerous papers on censorship resistance, anonymous messaging, and privacy-preserving systems—always with the goal of keeping our data and identity safe.

About the TV news, that was a thing with the most popular web browser in 1995. He kind of hacked it.

Netscape vs. Cypherpunks

Today, the name Netscape means little to us, and, likely, millennials and Gen Z members have never heard of it. However, it was like Google Chrome in its era, being the dominant web browser between 1994 and 1997. It later transformed into something more familiar to us now: Firefox. And Ian Goldberg, along with David Wagner, broke its security in 1995, in a few hours. That was quite a big deal back then.


Old Netscape browser logo

To add insult to injury, they did it for fun, basically. Just because someone in the cypherpunk mailing list asked how good Netscape’s random number generator was. As it turned out, it wasn’t very good and allowed Goldberg and Wagner to break their implementation of Secure Sockets Layer (SSL –the encryption system used for secure web communications). It was a major blow to Netscape’s reputation, especially since SSL was supposed to make online shopping and banking safe.

Everyone went crazy and even TV channels and major media brands swarmed Goldberg and Wagner immediately after publication of their discoveries. In an interview, Goldberg highlighted that the massive bug happened because it was corporate, closed code, and insisted that peer-reviewed code (open-source) is always better. A couple of years later, when Netscape lost its fight against Internet Explorer, they apparently heard that advice, because they founded Mozilla Foundation and went open-source to create Firefox.

Off-the-record Messaging

Although his most famous incident, Goldberg has also been very busy beyond Netscape. One of his most important works is the cryptographic protocol Off-the-record messaging (OTR), designed to provide confidentiality and authentication for instant messaging conversations. In other words, it hides your messages from outsiders, makes sure the person you’re talking to is really who they say they are, and even helps ensure that if someone gets access to your old data, your past conversations still can’t be decrypted. Think of it like a real-life whisper: secure, personal, and hard to trace later.

What makes OTR special is that it doesn’t leave behind a digital trail that can be used to prove who said what. That’s called “deniable authentication” — during a chat, both sides know who’s talking, but afterward, there’s no way to prove a message came from you. It also uses a feature called “forward secrecy,” which means each message has its own temporary key. If one key is compromised, earlier messages stay safe.

You’ve seen OTR’s influence even if you haven’t used it directly. The Signal Protocol, used in Signal, WhatsApp, Google Messages, and even Facebook Messenger’s “Secret Conversations,” builds from OTR. This was published in 2004 by Goldberg and Nikita Borisov, and it’s still available as free and open-source software on its own webpage.

Against Censorship

Goldberg has also been designing systems that challenge online censorship. His work tackles the problem from both technical and strategic angles—building tools that bypass restrictions while also studying the motivations of those who censor and those who resist. A key example is Telex, developed in collaboration with others, which is now part of the Refraction Networking.

Instead of relying on vulnerable external proxy servers, Telex embeds resistance directly into the network's backbone. By tagging encrypted traffic in a way that’s invisible to censors but recognizable to participating Internet Service Providers (ISPs), it silently reroutes users to censored content, making blocking efforts significantly harder and costlier for authoritarian regimes.

Telex Clients Working Sample

\Another notable project Goldberg co-developed is Lavinia, a system designed to preserve access to digital documents even under intense censorship. Lavinia uses cryptographic proofs and incentive structures to reward servers for honestly storing and serving files, ensuring content remains available even if its original publisher disappears or is silenced. This approach echoes the resilience of the historical printing press but adapts it to a decentralized, digital world.

Goldberg’s contributions span technical innovation, game-theoretic analysis, and economic modeling—all aimed at strengthening the ability of individuals to access and share information freely, regardless of political boundaries.

More Software

Goldberg has spent decades designing tools that protect online privacy, focusing especially on helping users stay anonymous and avoid surveillance or censorship. His research group has contributed improvements to anonymity networks, including innovations to make them faster and more scalable. For example, they’ve worked on systems that let users browse or communicate without revealing who they are or where they're located. Goldberg was also once the chairman of the Tor Project’s board, showing his deep involvement in the development of privacy-preserving Internet infrastructure.


He’s also developed or co-developed many privacy-focused software tools. These include systems for Private Information Retrieval (PIR), which lets people access data from databases without revealing what they’re looking for—even to the database itself. He has also worked on zero-knowledge proof systems that let users prove things (like knowing a password or owning a key) without revealing sensitive information. His software includes tools for detecting attacks on Tor, defending against censorship, and making anonymous communication and payments more practical.

A fun side note: before becoming famous for creating Ethereum, Vitalik Buterin worked as a research assistant under Goldberg at the University of Waterloo. That connection highlights Goldberg’s broader impact, not just in building privacy tools but in mentoring the next generation of innovators in cryptography and decentralized technologies.

Tools for Privacy and Freedom

We need tools for privacy and autonomy, more than ever. Some years ago, Goldberg commented: “The bad guys are already able to hide their actions by compromising other people’s computers. My goal is to give the good guys the tools to maintain their privacy when they go online.” That sentiment still holds true, but today we also face invasive and unethical corporate practices, along with massive government surveillance. Centralized parties are no longer trustworthy enough, and decentralization offers a strong alternative for Internet users around the world.

Obyte is a great option for people who want more privacy and control online without relying on centralized platforms. Unlike blockchains, Obyte doesn’t use miners or “validators”—no middlemen are deciding which transactions get processed. Instead, it uses a structure called a DAG (Directed Acyclic Graph), where every user helps secure the network simply by using it. This makes Obyte more decentralized and censorship-resistant than many other systems.

The platform is also incredibly versatile. You can trade digital funds, register information securely, create smart contracts, launch customized tokens, and even verify identities—all without giving up control. For those who care deeply about privacy, Obyte offers Blackbytes, a built-in private currency that hides transaction details. It’s a powerful ecosystem for people who want freedom and privacy in the digital world, quite in line with Goldberg’s ideology and cypherpunk values.



Read more from Cypherpunks Write Code series:

Featured Vector Image by Garry Killian / Freepik

Photograph of Ian Goldberg from University of Waterloo


Trending Topics

blockchaincryptocurrencyhackernoon-top-storyprogrammingsoftware-developmenttechnologystartuphackernoon-booksBitcoinbooks