EricLaw

@Ericlaw
515 Followers
122 Following
307 Posts

**MOSTLY ON BLUESKY**

Seek first to understand.

Impatient optimist. Dad. Zetetic. Author. Speaker. Made Fiddler & SlickRun. 18yrs @ MSFT on web/security. My words are my own.
he/him

BlueSkyhttps://bsky.app/profile/ericlaw.bsky.social
GitHub@ericlaw1979
Bloghttps://textslashplain.com
EricLawFeb 24
Don't laugh, Firebase servers only respond to CLIENT_HELLOs with 256 bytes of 0xFF when they are very stressed out!
EricLawJan 27
Not helpful, Google. Windows where? Why?
EricLawAug 25, 2025
SMS-delivered phish abusing UserInfo spoofing and suggesting a user-interaction to disable link protection.
EricLawAug 21, 2025
A proposal: AMSI Scan browser clipboard updates
EricLawJun 6, 2025
Chromium 137 started closing all browser windows when asked to close one.
EricLawJun 4, 2025
Make it make sense
EricLawMar 24, 2025
All of the AI bots very confidently assure me that it's not possible to send a TLS Alert before a ServerHello, but can't cite anything in the spec that directly forbids it?
EricLawMar 21, 2025
TIL: It's apparently legal to send a server_name inside a ServerHello although AFAICT most do not.
EricLawFeb 25, 2025
AMD Drivers trigger Controlled Folder Access
Show threadEricLawFeb 25, 2025
@RickByers @developers