Mastodawn

Garva 🚀Sep 27, 2024

If we're gonna leak exploits and vulns ahead of a responsible disclosure schedule could we leak them on a Monday or something, not at the end of the work week? I'd much prefer to not be responding to the CUPS thing on a Friday.

Garva 🚀Jul 31, 2024

Nathan Jul 31, 2024

For someone with a plain old static website who literally just drags and drops the files to a plain old web server using my file browser, all of this #indieweb stuff seems so complicated!

Technology was a mistake...

Garva 🚀Jul 30, 2024

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

^ Some free underscores for #digicert certificate owners, fresh out of the oven! Get them whilst they're hot!

#infosec

(Btw you've got today to replace your digicert certificates if you're affected!)

https://www.digicert.com/support/certificate-revocation-incident

Certificate Revocation Incident | DigiCert

Garva 🚀Jul 28, 2024

Jan Jul 28, 2024

I've finally turned the talk I gave on #PragueJS in February to a blog post: https://www.bitoff.org/web-we-never-lost/
#SmallWeb

The Web We've (Never) Lost

Based on my talk for PragueJS meetup from February 2024

Garva 🚀Jul 20, 2024

Alice Averlong🏳️‍⚧️Jul 20, 2024

good lord. I pulled a microSD card out of a Raspi inside an IoT product and it appears they had some developer use a raspi to develop/test some software, and then they just yanked the SD card out of that machine and duped it on to all of their deployed products.

it's got .bash_history of the development process! there's git checkouts of private repos! WHY WOULD YOU DO THIS?

Garva 🚀Jul 11, 2024