Show more

With Spaces in both Synapse and Element now, I've created one for my various projects to hold rooms for support in each one.

ajmartinez.com/tech/posts/2021

To that end, I've also started posting in each of these rooms when I update my various projects and am likely to discontinue doing so here.

The root cause of this failwhale is truly impressive. I deal with a lot of surprises on a regular basis, but social security numbers in html attributes may take the cake since I’m going to go ahead and guess those are the plaintext sort keys in the backend.

Missouri vows to prosecute journalist who found security flaw in state website - npr.org/2021/10/14/1046124278/

Honeymoon complete. Back to NL now for a few more weeks before we move back home to TX.

I heard FB was down for a long time from friends on IRC and Matrix. Even my wife didn’t really notice because we were busy hiking around the Scottish highlands all day. Perhaps if the outage resulted in an increase in quality of life it’s wise to just stay off those platforms entirely…

Always perplexed by “director of security” folks who shoot off emails that this request was blocked by me personally for its dependencies on Open Source tooling, only to follow up with a list of Enterprise Solutions that are Open Source Inside through and through.

Done did the deed. The weather was typical Scottish fall weather though the rains cleared for a few minutes just in time. Had a lovely wedding with a few of my closest friends and family. Now for a honeymoon in the Highlands.

About six months ago I reserved a crate name for a job execution framework in Rust. Over the last three weeks I've managed to cut away a little time and actually get an initial release cut. There is undoubtedly work yet to be done, and there's plenty of room to grow but this project has given me a lot of opportunities to learn Rust even better.

crates.io/crates/rtj

I don't dispute that jails are hard to break into, but they are even harder to break out of. How many of us would choose to live in a prison in real life? Instead we make risk assessments that balance personal freedom and security, and the digital world should be no different.

Show thread

The security industry has largely failed to build security measures without reducing a user's freedom more than attackers. It's not only harder to build security solutions that give users control, it reduces dependence on the vendor. This is why vendors just build jails.

Welp guess my fiancée is officially Dutch now. Her bike was stolen last night.

Today was not what one might call fun.

Email detailing what was certain to be an exploitable service thanks to extremely bad php and other regrettable decisions. This was followed by our M2M ISP breaking their firewall and taking out *global* communications for almost all of my remote devices.

On the plus side, I’ll hit 40hrs very quickly this week and I’m in no mood to violate my local labor laws by working a second more than that.

Knitting on the train always helps the time fly by.

Pulled into a meeting with a backend provider because “we sent your system a message and you rejected it!”

In the “proof” from their logs was a Java UnknownHostException.

My stay in the meeting was short.

You may be laughing now, but after the zombie apocalypse wipes out the grid and you are calculating cryptocurrency with pencil and paper, I'll be laughing (and cranking) all the way to the (probably by then barter-based) bank!

I dusted off my limited Python skills and modified Nitrokey's "Qubes OEM" installer to add support in anaconda for changing your LUKS passphrase at first boot. With that in place, we can now offer Qubes as a preinstall option: puri.sm/posts/qubes-now-a-prei

@gina we went to the other side of NL today and found hills! Amazing.

Aruba I make ya sudo gonna take ya to a root prompt I wanna own ya pretty momma. Key escrow I now know baby why don't we go. Oh I want to take you down to Ring0 we'll get there fast and then we'll take it slow. That's where we want to go way down to Ring0. threatpost.com/hpe-sudo-bug-ar

Show more
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)

image/svg+xml Librem Chat image/svg+xml