Seth Larson

@sethmlarson

Security and Fellow at the Python Software Foundation 🐍 Trans rights, BLM, Minnesoootan, retro gaming, he/him



Blog: https://sethmlarson.dev

Signal: sethmlarson.99

Received the #Lego #Gameboy as a gift! My chances of doing https://buildaboy.co have suddenly increased astronomically.

Creating a personalised bin calendar: https://alexwlchan.net/2026/bin-calendar/

I wrote a quick post about how I create a fridge calendar that tells me about bin day.

Python stdlib + CSS = 🚮 💚

Creating a personalised bin calendar

Every year I use Python and a bit of CSS to create a fridge calendar that tells me about bin day.

My write-up on the feature after a year of using Lockdown Mode:

https://sethmlarson.dev/ios-lockdown-mode

Lockdown Mode for Apple devices

Back in September 2023 the libwebp vulnerability (also known as BLASTPASS) was being actively exploited to target a journalist's mobile device. After reading the report from Citizen Lab I learned a...

sethmlarson.dev

I've been an #iOS Lockdown Mode user (and iCloud Advanced Data Security) for ~3 years now, it breaks a few things but... might be worth it to be Cellebrite and zero-day proof these days?

https://techcrunch.com/2026/03/27/apple-says-no-one-using-lockdown-mode-has-been-hacked-with-spyware/

#security #iphone

Apple says no one using Lockdown Mode has been hacked with spyware | TechCrunch

The tech giant's claim that it has not seen any successful spyware attacks targeting Apple devices with Lockdown Mode enabled comes amid a leak of hacking tools targeting users running devices with older software.

TechCrunch

"researchers" can go to extreme lengths to argue for and claim there are vulnerabilities in code, but yet almost none of them ever works on actually fixing the issue. Whatever the assessment of the issue is.

Happy #FediDonutFriday! 🍩🍩

RE: https://fosstodon.org/@jni/116287554201659198

I said digital attestations and `pylock.toml` would have helped with the litellm attack. People asked for more details, so I wrote a blog post explaining why. It also hopefully acts as motivation for people to use:

- Trusted publishing
- Digital attestations
- Lock files, and `pylock.toml` specifically

https://snarky.ca/why-pylock-toml-includes-digital-attestations/

So yes, @jni, I have a "human-readable intro" because I wrote one for you (and the other folks asking me questions on the subject). 😁

Cleaning up hundreds of spam issues on the urllib3 issue tracker before bed. Just another day maintaining open source software :)

Why is it that I keep seeing "everyone should pin their GitHub Actions versions to a SHA because that's the secure way to do it" and not "GitHub should build tooling that creates and manages Actions lockfiles by default"? Am I just missing that version and only seeing the former one boosted?

LAN Party Calculator (Mario Kart, Kirby Air Riders, F‑Zero)

Nintendo has multiple popular racing franchises, including Mario Kart, Kirby Air Ride, and F-Zero. Each of these franchises spans multiple titles and consoles and have ways to play with more than o...

sethmlarson.dev