grimmware

@[email protected]
51 Followers
99 Following
135 Posts

Allegedly a cybersecurity professional.

Linux container primitives, eBPF and attestation, secure architecture, threading the needle.

Follow my main for computational occultism

Less professional main@[email protected]
PronounsHe/Him
grimmwareMay 20, 2025
daniel:// stenberg://May 20, 2025

Allow us to block Copilot-generated issues (and PRs) from our own repositories on #github

https://github.com/orgs/community/discussions/159749

Allow us to block Copilot-generated issues (and PRs) from our own repositories · community · Discussion #159749

Select Topic Area Product Feedback Feature Area Issues Body I find the following two news items on the front page: https://github.blog/changelog/2025-05-19-creating-issues-with-copilot-on-github-co...

GitHub
grimmwareApr 29, 2025
Hello #dc4420 people I am bad at socialising.
Show threadgrimmwareJan 17, 2025

I'm working on a project to try to mitigate some of these risks and I affectionately call it the "loaded footguns" project.

All this risk that Google put paying customers through that frankly just boggles my mind. It's like they made it bad on purpose to drive you toward something but that other something just doesn't exist...

All I want is to be able to configure blocks and rules in an API. I would happily write the terraform provider myself.

Show threadgrimmwareJan 17, 2025
I feel like Google left space for a product upsell here and then the project got cancelled.
Show threadgrimmwareJan 17, 2025

Want to quarantine emails, block senders or create content compliance rules? Is there an API for that? No, go fuck yourself.

You have to click around in their *awful* inconsistent web interface, so obviously you can't do any configuration review.

We nearly had a fuckup the other day because the compound conditionals on the content compliance rules have to be selected from a drop-down and ANY looks a whole lot like AND and nobody could review the change before it went out.

grimmwareJan 17, 2025

Periodically I have to use Google Admin to deal with phishing reports and hot damn is it actively combusting refuse.

I tell people about the "rough edges" and they honestly don't believe me.

Here's a fun one - if you view a message in the investigate tool, and you want to inspect an attachment, it will warn you that the attachment may be dangerous but because it's a javascript button you can't right click and "save as", it will literally just yolo open the potentially malicious pdf in your browser.

How do you get around this? Go search for the same fucking email in Google Vault and export it.

grimmwareDec 13, 2024
I’ll be at BSides LDN tomorrow, hmu!
grimmwareSep 21, 2024
Also, I probably have the most neatly soldered #44CON badge because I brought all the parts home and did my first ever non-stencilled hotplate surface mount soldering with some of the equipment I’ve accumulated for it. It’s much more zen than fighting with a soldering iron and going cross-eyed.
grimmwareSep 21, 2024
Well that went pretty well #44CON
grimmwareSep 19, 2024
My #44CON talk has been pushed forward to 1600 today!