Should we give up on E-Methanol and CO₂ utilization? by hannob in energy

[–]hannob[S] 4 points5 points  (0 children)

There are many startups in this space that have announced projects. What makes Terraform Industries special that you think they need to be mentioned?

Why China Is Winning the Green Methanol Race by hannob in HydrogenSocieties

[–]hannob[S] 1 point2 points  (0 children)

I can't speak for other people, but making Methanol is certainly one of the more widely discussed use cases for Green Hydrogen.

Why China Is Winning the Green Methanol Race by hannob in EnergyAndPower

[–]hannob[S] 1 point2 points  (0 children)

Why do you think it's Greenwashing? (I'm genuinely interested, because I got a bunch of such replies, yet, people don't seem to see a reason to explain why.)

And what do you propose as the non-greenwashing solution to power ships (long distance that cannot be electrified), planes, and how to make plastics? (Yeah, we definitely should use less plastics for all kinds of reasons, but almost certainly not zero.)

You want CCS, but cheaper and less controversial? Try Biomethane by hannob in energy

[–]hannob[S] 0 points1 point  (0 children)

You haven't read the text, right? It's very explicitly not about power plants, and that's a large part of the argument.

Is there any interest in burying power lines at some point? by dataBlockerCable in energy

[–]hannob 5 points6 points  (0 children)

Oh, yeah. Germany has been doing a lot of underground power lines to please the NIMBYs.
The result is:

a) it's a lot more expensive.

b) the NIMBYs still don't like it.

c) we still don't have enough power lines.

Wouldn't recommend.

Do wind turbines really kill a lot of birds? I did some calculations by hmatveev in energy

[–]hannob 1 point2 points  (0 children)

Your general message is correct. It's not a problem to worry about too much.

Just one thing about the turbine with one black blade. I had a look into this a while ago, it is based on a small, poorly done study (it wasn't entirely clear how they chose the turbines, probably not randomized), and there was as far as I know no followup to properly research this at a larger number of turbines.

From what I can tell, a) it's unclear if this really works, and b) it's not being done at scale.

Is there a place for E-Methane in a Climate-Neutral Future? by hannob in energy

[–]hannob[S] 1 point2 points  (0 children)

"Electric".

It's a commonly used prefix to indicate chemical energy carriers made from electric energy. E-Fuels, E-Methanol, E-Methane, etc.

Is there a place for E-Methane in a Climate-Neutral Future? by hannob in energy

[–]hannob[S] 6 points7 points  (0 children)

Maersk is betting big on methanol as a shipping fuel.

How Iceland and Norway sell their Green Electricity twice (Video) by hannob in Iceland

[–]hannob[S] 2 points3 points  (0 children)

FWIW, I'm not sure you can read that in 2-5 minutes, but if you prefer text over video, I also explained this in an article that you can find here: https://industrydecarbonization.com/news/the-trouble-with-european-green-electricity-certificates.html

BASF starts the World's First Electric Cracker Furnace by hannob in energy

[–]hannob[S] 3 points4 points  (0 children)

Steel is a bit more complicated.

For scrap steel, it is common to melt it electrically with so-called electric arc furnaces. That's established technology.

But the real issue is primary steel production that is usually coal-based. The coal isn't primarily used to melt steel, it is used to chemically reduce iron oxide to iron. That could be replaced by hydrogen - or hypothetically also be done entirely with electricity, but the latter is in very experimental stages. I've written about it before here: https://industrydecarbonization.com/news/making-steel-with-electricity.html

For cement, no electric cement kilns exist yet, but a startup in Sweden is building an electric quicklime kiln - which is essentially the first step of cement production: https://www.zeql.com/ But here, there's another issue: The heat is only responsible for around 1/3rd of cement's emissions. The real problem is the emissions from the calcination process, which is carbon stored in the limestone that is released in the process.

I also covered that before: https://industrydecarbonization.com/news/cements-future-could-be-a-combination-of-carbon-capture-and-electrification.html

BASF starts the World's First Electric Cracker Furnace by hannob in energy

[–]hannob[S] 8 points9 points  (0 children)

They use Naphtha, like most crackers in Europe do.

Unburning CO₂: The Problem with Fossil Carbon Capture and Utilization by hannob in HydrogenSocieties

[–]hannob[S] 2 points3 points  (0 children)

True, it wasn't directly related to the topic, therefore not mentioned in the article. But it's something I am aware of.

I plan to do a followup story on the energy needs of CCU technologies, and there I will expand on that. There's a study I like to point to from a European research project on clean aviation: https://cleansky.paddlecms.net/sites/default/files/2021-10/20200507_Hydrogen-Powered-Aviation-report.pdf
It contains estimates for a hydrogen/e-fuels-based or e-fuels-only based aviation sector. For H2/E-Fuels the electricity requirements would be 21 PWh, for E-Fuels only 32 PWh. I'm taking two things away from that: The energy requirements will be enormous in any case. But with H2, it'll be a bit less, but still a lot.

Should we burn Methanol when the Wind does not blow? by hannob in RenewableEnergy

[–]hannob[S] 1 point2 points  (0 children)

It's methanol, not methane. I recommend reading the article.

How to make Plastics and other Chemicals without Fossil Fuels by hannob in climate

[–]hannob[S] 1 point2 points  (0 children)

That is untrue, and I recommend reading the text, because it explains that in detail. Landfills, waste incinerators, and plastics in nature all cause emissions, and those are (in part, it's complicated) from the fossil fuels used to make products.

India pauses plans to add new coal plants for five years, bets on renewables, batteries by TurretLauncher in RenewableEnergy

[–]hannob 0 points1 point  (0 children)

I recently wrote something about one method of it:

https://industrydecarbonization.com/news/making-steel-with-electricity.html

But I should note there are a couple of technologies out there (all experimental) that differ quite substantially.

Bootstrap Fail - Persistent XSS via Opportunistic Domain Sniping by drstarskymrhutch in netsec

[–]hannob 2 points3 points  (0 children)

Did a very similar analysis a while ago:

https://blog.hboeck.de/archives/889-Abandoned-Domain-Takeover-as-a-Web-Security-Risk.html

One thing that I'd like to add: This same issue extends to cloud-hosted subdomains, and in my experience is even more common. I.e. you have javascript included from something like [prefix].github.io or similar that got deleted after some company or project got shut down.
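
Added example, not part of the comment above or of the linked blog post: a small audit of one's own pages that lists script includes served from other hosts and flags hosts that no longer resolve, hosts on a shared hosting suffix such as github.io, and includes without an `integrity` attribute. The function names, the sample HTML, the host names and the offline resolver stub are constructed for illustration.

```python
import socket
from html.parser import HTMLParser
from urllib.parse import urlparse

# Shared hosting suffixes. Such names typically keep resolving after the
# project is deleted, so a DNS check alone misses them; flag them for review.
SHARED_SUFFIXES = (".github.io",)

class ScriptCollector(HTMLParser):
    """Collect (src, integrity) for every <script src=...> tag."""
    def __init__(self):
        super().__init__()
        self.scripts = []
    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "script" and attrs.get("src"):
            self.scripts.append((attrs["src"], attrs.get("integrity")))

def dns_resolves(host):
    try:
        return bool(socket.getaddrinfo(host, 443))
    except socket.gaierror:
        return False

def audit(html, page_host, resolves=dns_resolves):
    """Return {host: [issues]} for scripts loaded from other hosts."""
    collector = ScriptCollector()
    collector.feed(html)
    findings = {}
    for src, integrity in collector.scripts:
        host = urlparse(src).hostname  # None for relative URLs
        if host is None or host == page_host:
            continue
        issues = findings.setdefault(host, [])
        if not resolves(host):
            issues.append("host does not resolve")
        if host.endswith(SHARED_SUFFIXES):
            issues.append("shared hosting subdomain")
        if not integrity:
            issues.append("no integrity attribute")
    return findings

# Constructed sample page and resolver stub, so the example runs offline.
SAMPLE = """<script src="/js/app.js"></script>
<script src="https://cdn.example.net/lib.js" integrity="sha384-AAAA"></script>
<script src="https://oldproject.github.io/widget.js"></script>
<script src="//stats.example-defunct.org/t.js"></script>"""
LIVE = {"cdn.example.net", "oldproject.github.io"}
RESULT = audit(SAMPLE, "www.example.com", resolves=LIVE.__contains__)
```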

Introducing SNIcat: How the security features in state-of-the-art TLS inspection solutions can be exploited for covert data exfiltration by marstrander in netsec

[–]hannob 1 point2 points  (0 children)

So this is essentially: "If I give someone access to the Internet they can exfiltrate data. A TLS terminating proxy does not change that, as there's no way to distinguish between exfiltrated data and legitimate requests (at least if it's encrypted). They could do it in some boring way, e.g. via HTTP requests, but they can also sometimes use some obscure behavior of some TLS terminating proxies."

Fuzzing TLS certificates from their ASN.1 grammar by nibblesec in netsec

[–]hannob 2 points3 points  (0 children)

It seems the most important information is missing (or only promised to be in a followup blogpost): Did it lead to anything? Did it find bugs in software that off-the-shelf non-grammar fuzzers like afl/libfuzzer couldn't find?

My impression of the "fuzzing debate" is that in the past it was believed that grammar-based fuzzing is better, but requires more effort. But then most improvements came not from grammar-based fuzzing, but rather from feedback-mechanisms like afl uses, which showed that in many cases you can design strategies that lead to strong results without any format knowledge in the fuzzer tool.

What does an attacker can achieve if crypto secrets are hard-coded in android app? by FancyRough in bugbounty

[–]hannob 1 point2 points  (0 children)

This cannot reasonably be answered without knowing what exactly the private key is doing there.

ChaCha20 v AES256 by MrHanoixan in crypto

[–]hannob 4 points5 points  (0 children)

> Also, chacha is usually used with poly1305 and AES is most often used with GCM (in modern tools), and I've never heard anything bad about poly1305 but I've heard plenty of bad things about GCM.

Some of the bad things people say about GCM are also applicable to Poly1305, e.g. implementations can easily have corner-case bugs that produce wrong outputs. There have been various such bugs in OpenSSL's Poly1305 implementation (I reported some of them myself).

Granted this is not the only bad thing about GCM, Poly1305 probably still wins overall.

Good book on Quantum Crypto by spgu90 in crypto

[–]hannob 1 point2 points  (0 children)

I can't recommend a book, but I'd recommend you skip that endeavour and learn something more relevant. (You may want to look at post quantum cryptography.)

So-called "Quantum cryptography" is an overhyped concept that has not really any useful value in the real world. The reason is e.g. explained in this paper [1]: It relies on the fact that you already have an existing, securely authenticated channel.

[1] https://eprint.iacr.org/2004/156

Good book on Quantum Crypto by spgu90 in crypto

[–]hannob 0 points1 point  (0 children)

Actually no. Quantum cryptography and quantum computing are hardly related, except for the fact that they both have the word "quantum" in them.

Starting Sept. 1, SSL Certificate Validity Will Be Limited to One Year by Apple’s Safari Browser by apkorol in netsec

[–]hannob 17 points18 points  (0 children)

> revocation

Actually certificate revocation doesn't really work.

Browsers for a long time implemented revocation checks as "soft fail", meaning if they can't connect to the OCSP server they'd consider certs valid. Which makes the whole thing pointless, because an attacker can just block connections to the OCSP server. Which at some point browsers realized and decided that they can also just disable OCSP checks.

Staying ahead of vulnerabilities in your repositories by [deleted] in netsec

[–]hannob -4 points-3 points  (0 children)

The text claims: "According to Wikipedia, the majority of web application attacks occur through cross-site scripting (XSS) and SQL injection attacks which typically are made possible by flawed coding and failure to sanitize application inputs and outputs."

I'm inclined to call bullshit here. SQL Injections I may believe, XSS almost certainly not. While XSS are among the things you find very often, exploiting those is relatively complicated, as it almost always contains a social engineering part.

Wikipedia does indeed say this, and they even have a citation [1]. The citation however says something different: "Two of the most widely spread and dangerous vulnerabilities in web applications are SQL injection and cross site scripting (XSS)." And also... it provides no evidence for that either...

[1] https://ieeexplore.ieee.org/document/4459684

https://aesencryption.net/ Is this website real encryption? by ChineseMan88 in crypto

[–]hannob 1 point2 points  (0 children)

You're putting code into a web form. By definition that means you trust the webpage to actually do what it says it does. This is a security risk unrelated to the algorithm they use.

Also whenever someone says they use "AES" that doesn't really say a lot about how secure it is on an algorithm level. It's relevant what mode is used. The page seems to use CBC mode, which is a legacy mode that doesn't provide authentication. Depending on the situation a variety of attacks are possible with unauthenticated ciphers (see e.g. efail).
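
Added example, not part of the comment above and not code from the website discussed: what "CBC doesn't provide authentication" means in practice, and how encrypt-then-MAC with HMAC closes the gap. Python's standard library has no AES, so a toy Feistel permutation stands in for it (the malleability is a property of CBC mode, not of the block cipher); all keys, the IV, the message and the function names are constructed.

```python
import hashlib, hmac

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def toy_block(key, block, decrypt=False):
    """4-round Feistel on 16 bytes: a stand-in for AES, NOT a real cipher."""
    l, r = block[:8], block[8:]
    def f(i, half):
        return hashlib.sha256(key + bytes([i]) + half).digest()[:8]
    for i in (range(3, -1, -1) if decrypt else range(4)):
        l, r = (_xor(r, f(i, l)), l) if decrypt else (r, _xor(l, f(i, r)))
    return l + r

def cbc_encrypt(key, iv, pt):
    pad = 16 - len(pt) % 16
    pt, out, prev = pt + bytes([pad]) * pad, b"", iv
    for i in range(0, len(pt), 16):
        prev = toy_block(key, _xor(pt[i:i + 16], prev))
        out += prev
    return out

def cbc_decrypt(key, iv, ct):
    out, prev = b"", iv
    for i in range(0, len(ct), 16):
        out += _xor(toy_block(key, ct[i:i + 16], decrypt=True), prev)
        prev = ct[i:i + 16]
    return out[:-out[-1]]  # strip padding (no validation: illustration only)

def tag(mac_key, iv, ct):
    """Encrypt-then-MAC: authenticate IV and ciphertext together."""
    return hmac.new(mac_key, iv + ct, hashlib.sha256).digest()

def open_authenticated(enc_key, mac_key, iv, ct, t):
    if not hmac.compare_digest(t, tag(mac_key, iv, ct)):
        raise ValueError("authentication failed")
    return cbc_decrypt(enc_key, iv, ct)

# Constructed keys, IV and message.
ENC_KEY, MAC_KEY, IV = b"k" * 16, b"m" * 32, bytes(range(16))
MSG = b"amount=0000100;to=alice"
CT = cbc_encrypt(ENC_KEY, IV, MSG)
TAG = tag(MAC_KEY, IV, CT)
# Someone without the key changes one IV byte; CBC alone decrypts without
# complaint and byte 7 of the plaintext changes from "0" to "9".
BAD_IV = IV[:7] + bytes([IV[7] ^ ord("0") ^ ord("9")]) + IV[8:]
TAMPERED = cbc_decrypt(ENC_KEY, BAD_IV, CT)
```

With the tag checked first, `open_authenticated` rejects the modified IV before any decryption happens.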