Father, Husband, Cancer survivor, Information Security Guy. Former Microsoft Security MVP. Loves XSS and "-alert(1)-">'-prompt(2)-'><marquee/

@ghostinthenet @hacks4pancakes

As a child, the only time I ever heard someone say Zee when they meant Zed was Sesame Street. This built a strong subconscious bias that anyone who said Zee was probably a muppet.

every open plan office was designed by someone with a corner office

Oh goodie: Daylight Savings Time again this weekend! For most of my life I've been a night person. But almost like clockwork when I turned 50, my body clock started waking me up when the sun comes up, which I resisted at first but have grown used to (it's actually my fav part of the day now). But I basically have to start going to bed an hour earlier after this Sunday because then I will be wide awake an hour earlier. I would be very happy if the US followed British Columbia's lead in permanently adopting daylight time. All this moving clocks and body clocks around is just silly in 2026.

https://www.cbc.ca/news/canada/british-columbia/b-c-adopting-year-round-daylight-time-9.7111657

Reactions mixed as B.C. to end time changes, adopt year-round daylight time | CBC News

Reactions range from applause to concern as March 8 will be the last time most British Columbians have to change their clocks, B.C. Premier David Eby announced Monday.

CBC

RE: https://infosec.exchange/@haveibeenpwned/116157029325192018

Wow. I wonder what comics people are asking AI to draw for them. Having seen what they ask human artists to draw for them, I am afraid.

Hypocrites.

You built an industry on scraping the internet and now you’re shocked someone scraped you. You normalized the idea that anything publicly accessible is fair game for training. That’s the precedent you set. I don’t want to hear you bitch about it now.

Today we had a fire alarm in the office. A colleague wrote to a Slack channel 'Fire alarm in the office building', to start a thread if somebody knows any details. We have the AI assistant Glean integrated into Slack, and it answered her privately: "today's siren is just a scheduled test and you do not need to leave your workplace". It was not a test or a drill, it was a real fire alarm. Someday, AI will kill us.

Happy International Day of Women and Girls in Science to those who celebrate.

Especially to those of us who get up extra-early to have an hour of research time before all the admin and teaching work kicks in.

And to those with caregiver responsibilities. And those who are struggling with mental health.

To all of us, really.

#academia #WomenAndGirlsInScience #science

> As mentioned earlier, if a website doesn't include a SameSite attribute when setting a cookie, Chrome automatically applies Lax restrictions by default. However, to avoid breaking single sign-on (SSO) mechanisms, it doesn't actually enforce these restrictions for the first 120 seconds on top-level POST requests. As a result, there is a two-minute window in which users may be susceptible to cross-site attacks.

https://portswigger.net/web-security/csrf/bypassing-samesite-restrictions
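
The behaviour quoted above, modelled as an added example (not part of the original post or the linked article): it audits `Set-Cookie` values for a missing `SameSite` attribute and reports whether Chrome would attach each cookie to a cross-site top-level POST at a given cookie age. The function names and the sample headers are constructed for illustration.

```javascript
// Constructed sample Set-Cookie header values (not from any real site).
const SAMPLE_HEADERS = [
  "session=abc123; Path=/; Secure; HttpOnly",
  "csrf=xyz; Path=/; Secure; SameSite=Strict",
  "prefs=dark; Path=/; SameSite=Lax",
  "embed=1; Path=/; Secure; SameSite=None",
];

const LAX_POST_WINDOW_SECONDS = 120; // the two-minute window from the quoted passage

// Parse one Set-Cookie value into { name, sameSite, secure }.
// sameSite is "strict", "lax", "none", or null when the attribute is absent
// (an unrecognized value is treated here the same as an absent one).
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const name = pair.slice(0, pair.indexOf("="));
  let sameSite = null;
  let secure = false;
  for (const attr of attrs) {
    const [key, value = ""] = attr.split("=").map((s) => s.trim().toLowerCase());
    if (key === "secure") secure = true;
    if (key === "samesite" && ["strict", "lax", "none"].includes(value)) sameSite = value;
  }
  return { name, sameSite, secure };
}

// Would Chrome attach this cookie to a cross-site top-level POST,
// given how many seconds ago the cookie was set?
function sentOnCrossSiteTopLevelPost(cookie, ageSeconds) {
  if (cookie.sameSite === "none") return cookie.secure; // None is only accepted with Secure
  if (cookie.sameSite === "strict" || cookie.sameSite === "lax") return false;
  // No SameSite attribute: Lax by default, but not enforced on top-level POST at first.
  return ageSeconds < LAX_POST_WINDOW_SECONDS;
}

// Names of cookies that rely on the browser default and so get the unenforced window.
function cookiesRelyingOnDefault(headers) {
  return headers.map(parseSetCookie).filter((c) => c.sameSite === null).map((c) => c.name);
}

console.log(cookiesRelyingOnDefault(SAMPLE_HEADERS));
```

A cookie set with an explicit `SameSite=Lax` or `SameSite=Strict` is never in the window, which is why the audit flags only cookies that omit the attribute.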