ohai infosec nerds

The Grugq is now on tootsite.



"I tell my students, ‘When you get these jobs that you have been so brilliantly trained for, just remember that your real job is that if you are free, you need to free somebody else. If you have some power, then your job is to empower somebody else.’"

- Toni Morrison

Somebody stop me! I got my personal @nextcloud instance up and running, and now I am installing too many apps

This is so cool 😍

I’m thinking about becoming the type of person who has a really long list of customizations for their beverage at the boba tea counter.

Spun up another server because I want to try to run my own @nextcloud instance.

Was not trying to learn the differences between `useradd` and `adduser` today, but it happened.

You should probably use `adduser`. It's built on `useradd` but takes care of more initial setup: it prompts you to set a login password, sets bash instead of sh as the default shell, creates a home directory, etc.

I got a job offer! I plan to accept. It will be my first developer role. :partyparrot:

Will have a chance to work in React/TypeScript, Node.js, Rust :rust:, and a few languages I haven't even tried.

What a wonderful way to start the weekend!

Wrote some vanilla today to keep sharp. It's amazing how much you can do without any libraries. I'm going to make a more consistent effort to avoid `npm install [bloat]` when it's not necessary.

Watching Sneakers (1992). Robert Redford as a physical pentester and social engineer before red teams got cool.

Did you know you can click an iPhone’s power button 5x, and it will disable fingerprint and facial recognition until you enter the password?

I respect Shoshana Zuboff’s work on . I am nearly finished with her book and share many of her concerns. But HOLY MOLY she likes to hold forth. I hope her work will continue to find popularizers who know how to get to the point.

The EconTalk interview:

In-depth instructional videos on identity (in a digital/auth context) from Vittorio Bertocci at Auth0:

Evidently this is the same material the company uses to train new hires!

I aim to get through all of them in the coming week.

"What both the right and left attacks on [the Communications Decency Act, Section 230] share is a willingness to use whatever excuses resonate--saving children, stopping bias, preventing terrorism, misogyny, and religious intolerance--to ensure more centralized control of online speech."

I don't know when I'll have time to run through it, but I'm really excited that made a free, 15-hour course on ethical hacking. No ads!

I spent a couple of hours on a Rust :rust: function. Drafts ran 20 lines long. The final result is 7 lines long. 🦀

The final result looks really simple and easy to think up!

Another thing I struggle with: watching pots boil (figuratively). Long download in progress? Complex computing process underway? Expecting an email? If I don’t catch myself, I’ll sit there watching and call it “busy”.

It’s a trap! Get away from it, physically if necessary!

I think got it right by allowing "Delete & re-draft" instead of "Edit" for toots.

With Edit, I don't know how you'd keep trolls from posting Thing A 😇, getting lots of boosts and favorites, then editing the toot to Thing B 😈 and claiming its popularity.

There could be an indicator that the toot was edited, but would it show which historical version of a toot each user liked? Could users unfavorite a historical version and favorite the new one, or vice versa?

It gets messy quickly.

