EricLaw

@Ericlaw
515 Followers
122 Following
307 Posts

**MOSTLY ON BLUESKY**

Seek first to understand.

Impatient optimist. Dad. Zetetic. Author. Speaker. Made Fiddler & SlickRun. 18yrs @ MSFT on web/security. My words are my own.
he/him

BlueSkyhttps://bsky.app/profile/ericlaw.bsky.social
GitHub@ericlaw1979
Bloghttps://textslashplain.com
EricLawFeb 24
Don't laugh, Firebase servers only respond to CLIENT_HELLOs with 256 bytes of 0xFF when they are very stressed out!
EricLawJan 27
Not helpful, Google. Windows where? Why?
Show threadEricLawDec 13
Show threadEricLawDec 13
@sleevi While I'm skeptical of that repositioning in the individual domain case, I think it's especially inapplicable for TLD preloads.
EricLawNov 21

@sleevi Is there some reason that the .APPLE tld is not HSTS-preloaded?

I got an email about my Apple credit card that has a HTTP link to a site under the .apple TLD.

Show threadEricLawAug 25, 2025
@malwareminigun https://github.com/ericlaw1979/clipshield if you want it now
GitHub - ericlaw1979/ClipShield

Contribute to ericlaw1979/ClipShield development by creating an account on GitHub.

GitHub
EricLawAug 25, 2025
SMS-delivered phish abusing UserInfo spoofing and suggesting a user-interaction to disable link protection.
EricLawAug 21, 2025
A proposal: AMSI Scan browser clipboard updates
EricLawJun 6, 2025
Chromium 137 started closing all browser windows when asked to close one.
EricLawJun 4, 2025
Make it make sense