EricLaw

@Ericlaw
515 Followers
122 Following
307 Posts

**MOSTLY ON BLUESKY**

Seek first to understand.

Impatient optimist. Dad. Zetetic. Author. Speaker. Made Fiddler & SlickRun. 18yrs @ MSFT on web/security. My words are my own.
he/him

BlueSkyhttps://bsky.app/profile/ericlaw.bsky.social
GitHub@ericlaw1979
Bloghttps://textslashplain.com
EricLawFeb 24
Don't laugh, Firebase servers only respond to CLIENT_HELLOs with 256 bytes of 0xFF when they are very stressed out!
EricLawJan 27
Not helpful, Google. Windows where? Why?
EricLawNov 21

@sleevi Is there some reason that the .APPLE tld is not HSTS-preloaded?

I got an email about my Apple credit card that has a HTTP link to a site under the .apple TLD.

EricLawAug 25, 2025
SMS-delivered phish abusing UserInfo spoofing and suggesting a user-interaction to disable link protection.
EricLawAug 21, 2025
A proposal: AMSI Scan browser clipboard updates
EricLawJun 6, 2025
Chromium 137 started closing all browser windows when asked to close one.
EricLawJun 4, 2025
Make it make sense
EricLawMar 26, 2025

Today registerProtocolHandler requires that the scheme name start with "web+" for the web platform to handle it.

Should we offer a new prefix, "local+" to signify that the web platform MUST NOT allow invoking a scheme?

EricLawMar 25, 2025
Peter GleickMar 25, 2025

Could Florida get any worse?

Florida: Yes.

https://edition.cnn.com/2025/03/25/business/florida-child-labor-laws

Florida debates lifting some child labor laws to fill jobs vacated by undocumented immigrants

Florida has been working for years to crack down on employers that hire undocumented immigrants. But that presented a problem for businesses in the state that are desperate for workers to fill low-wage and often undesirable jobs.

CNN
EricLawMar 25, 2025

Bisect is a super-power.
SysInternals' Tools are super-weapons.

https://textslashplain.com/2025/03/25/debugging-chromium/

Debugging Chromium

A customer recently complained that after changing the Windows Security Zone Zone configuration to Disable launching apps and unsafe files: The default is “Prompt” … trying to rig…

text/plain