Blackswan Docs

Announcing Mandatory Face Verification & The Callsign Protocol

We're rolling out face verification for every Zoom call, replacing real names with tactical callsigns, and more. Security has never been this serious.

Time: 6 minTags: security, authentication, announcement, verification

After months of security audits and several incidents we'd rather not discuss, we're announcing the most comprehensive identity verification overhaul in Null Fellows history. Starting today, every interaction on the platform — from logging in to joining a community call — will require multi-layered biometric and behavioral authentication.

We don't take security lightly. Neither should you.

Face Verification in Every Zoom Call

Let's start with the big one.

Every virtual meeting, workshop, and community call hosted through Null Fellows will now require continuous face verification. Not just at the start. Continuously. Every 45 seconds, our proprietary FaceLock engine will scan all participants and cross-reference their live facial geometry against our member identity database.

Face verification FaceLock v3 dashboard mid-meeting. Notice the real-time confidence scores per participant.

If your confidence score drops below 97.2% — say you tilted your head too far, or you blinked at an unusual frequency — you'll receive a gentle pop-up asking you to "re-verify your humanity." You have 10 seconds to look directly into the camera and hold still. Failure to comply disconnects you from the call.

We tested this internally for two weeks. Highlights include:

  • A community lead was kicked from his own workshop three times because his new glasses confused the model
  • One member was flagged as "potentially synthetic" after getting a haircut over the weekend
  • A community standup lasted 47 minutes instead of 15 because four people kept getting re-verification prompts simultaneously

We consider these acceptable tradeoffs for airtight meeting security.

The Callsign Protocol

Effective immediately, all Null Fellows members will be assigned tactical callsigns to replace their real names across all community systems. This is non-negotiable.

Real names are a security liability. If an attacker intercepts a Discord message that says "Hey John, can you review my PR?", they now know we have a member named John. That's already too much information. With callsigns, the same message becomes "Hey RAVEN-7, can you review my PR?" — completely opaque to outsiders.

Callsigns are generated by our proprietary algorithm which combines:

  • Your member ID hash
  • The SHA-256 of your mother's maiden name
  • A random NATO phonetic alphabet word
  • A number between 1 and 49 (prime numbers only)

Some examples from the community:

Old NameNew Callsign
██████PHANTOM-13
██████CONDOR-37
██████WHISKEY-3
██████FOXTROT-47

Your callsign will replace your name in Discord, community profiles, git commits, Zoom display names, and event badges. Legal has confirmed this is fine. Our community moderators have not responded to our emails about it, which we're interpreting as approval.

Discord conversation A sample Discord conversation under the new Callsign Protocol. Notice how impossible it is to tell who anyone is.

Keystroke Cadence Authentication

Passwords are dead. MFA is dying. The future of authentication is how you type.

We've deployed a browser extension for all Null Fellows members that continuously monitors your keystroke rhythm — the precise timing between each key press and release. Our model has learned each member's unique typing fingerprint with 99.97% accuracy.

If someone else opens your browser and starts typing on the platform, the system will:

  1. Lock your session immediately
  2. Sound an alarm (configurable: klaxon, air raid siren, or the Halo theme)
  3. Send a screenshot to the #security-incidents Discord channel
  4. Dispatch a strongly-worded automated DM to a community moderator

During beta testing, the system flagged one member 14 times in a single day because he switched from coffee to decaf and his typing speed dropped by 11%. He has since switched back.

Keystroke cadence dashboard The keystroke cadence dashboard. Each member's rhythm is as unique as a fingerprint, and considerably more annoying.

Mandatory Vibe Check Authentication

This is the one we're most excited about.

Before accessing any collaborative project or submitting code on the platform, members must now pass a Vibe Check — a 30-second AI-powered assessment of your current emotional state via webcam. The system analyzes micro-expressions, posture, and pupil dilation to determine if you are in the right headspace to contribute.

Acceptable vibes for platform access:

  • Calm
  • Focused
  • Mildly caffeinated
  • "Flow state"

Rejected vibes:

  • Frustrated
  • Sleepy
  • "Just came from a meeting"
  • "Trying to fix something before standup"
  • Hungry
  • "It's Friday afternoon"

If rejected, you'll be redirected to a mandatory 5-minute breathing exercise before you can retry. After three consecutive rejections, the system will auto-schedule a 1:1 with a community mentor titled "Let's talk about your vibes."

Vibe check A member being denied platform access due to "residual meeting energy." The system recommended a 10-minute walk.

Proof of Physical Presence (PoPP)

Remote collaboration has been great, but how do we really know you're where you say you are?

Starting next month, all Null Fellows members will be required to install our PoPP app — a lightweight mobile application that periodically verifies your GPS coordinates against your declared home address. If you drift more than 50 meters from your registered location during a community event, you'll receive a push notification asking for a selfie with a visible street sign.

We understand this may seem excessive. But consider: what if someone cloned your callsign, replicated your keystroke cadence, passed the vibe check, and was contributing from a slightly different coffee shop? We can't take that risk.

What's Next

We have several additional security measures on the roadmap for Q3:

  • Blood type verification via USB-C compatible finger prick sensors (hardware shipping in June)
  • Dream journaling integration — AI analysis of dream patterns to detect insider threat indicators among community members
  • Mandatory two-person rule for git push — a second member must be on a verified Zoom call and verbally confirm the push by reciting their callsign and the first 8 characters of the commit hash
  • Retinal scan for Discord access — preventing unauthorized shitposting

We believe these measures will make Null Fellows the most secure developer community in the world, if not the most productive.

Security isn't a feature. It's a lifestyle.

Happy authenticating.

— PHANTOM-13 (formerly known as [REDACTED])

PreviousWe Built a Self-Improving DecompilerNextStart here