I wrote JS regularly for ~20 years.

Now when I see other people committing to it seriously for new projects, everything I feel about it sounds like when people talk about their former relationship partner.

I hope they find happiness with someone else I guess.

Won't be me!

Apple loves to market themselves as privacy friendly while quietly disabling critical features like universal VPN support.

I also assume they lose 0 users over this too.


If the RIAA issues a request to remove this beautiful artwork, I will of course be forced to comply.

I wonder however what would happen if there were many many copies?

I guess they would have to hire a lot more people.

Job creation opportunity?

Show thread

"We have filed a separate Sensitive Data takedown request of this file: /widevine-l3-decryptor as it contains the secret Widevine RSA private key, which was extracted from the Widevine CDM and can be used in other circumvention technologies."


When a corporation as hostile to user freedom as Apple starts producing the silicon that their software runs on, we should all be concerned. Expect them to use it as leverage for even further control on what users can and can't do with their own computers. #appleevent

In case you need a refresher, here are just a few of the facepalm bad bugs fellow security researchers and I have found with zoom.


Never install their apps. Only use the webapp and only if all attempts to recommend alternatives fail.

Show thread

As someone with over a dozen egregious confirmed security bugs with Zoom I can't discourage their products strongly enough.

They are one of the most security negligent companies I have ever interacted with.

Good to see FTC is calling them out on it.


The GitHub identity story is still a mess.

I agree with their recent suggestions to use commit signing but it is important to note they still forge signatures and break enforcement in non obvious ways.


C-levels often defend bad security practices to me with "well XYZ fortune 500 companies think it is good enough".

Not long ago every hospital in the world didn't bother washing hands or tools between surgeries.

It is best not to assume conformity is evidence of sufficiency.

Next time we try to find bugs in democracy, let's test in staging.

Doing it in production proved a bit too disruptive last time.

Show thread

Donald Trump served as a valuable pentester for democracy, finding every hole no one else thought to exploit.

We have a lot of patches to write.

Expectation: The United States is "...one nation, indivisible, with liberty and justice for all."

Reality: We can't even get the states "united" in accepting that science is real and fascism is bad.

I have been researching trusted hardware for years, and all practical roads point to RISC-V on FPGAs.

It was really validating seeing a team not only reach the same conclusion but also present a plan to ship user verifiable hardware platform.


Show thread

Do you sometimes wish we could rewind to the 90s and start over with a new generation of tech that provably respects our freedom and privacy?

You can vote for that path with your wallet today.


First egg from my pet chickens today. For some reason it was laid in the guinea pig hutch they like to hang out in.

Just in time to help offset the limited supply chains resulting from the post election chaos.

GitHub is now threatening bans for users involved in DMCA trolling.

Good thing I started working on a HA and hardened Gitea image/pod to make it as easy as possible for people to get reliable independent git stacks up and running quickly.


Everyone says "Well I would never have the skill to repair this myself anyway".

What happens when it is out of warranty and first party repair costs more than it did stock?

Just toss it? These same companies claim to be "green".

Show thread

This behavior is why you will never see me accept products by Tesla or Apple even for free, let alone pay for them.

An entertainment device is one thing, but I won't allow myself to rely on tools that I can't actually own, alter, or repair as I please.


Show older

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!