Mastodawn

Royce Williams

3.5K Followers

3.8K Following

14.9K Posts

Just doing my undue diligence.

ISP vet, password cracker (Team Hashcat), security demi-boffin, YubiKey stan, public-interest technologist, AK license plate geek. Husband to a philosopher, father to a llama fanatic. Views his.

Day job: Enterprise Security Architect for an Alaskan ISP.

Obsessed with security keys:
techsolvency.com/mfa/security-keys

My 2017 #BSidesLV talk "Password Cracking 201: Beyond the Basics":
youtube.com/watch?v=-uiMQGICeQY&t=20260s

Followed you out of the blue = stole you from someone I respect.

Blocked inadvertently? Ask!

Am I following a dirtbag? Tell me!

Suggestions welcome!

Photo: White 50-ish man w/big forehead, short beard, & glasses, grinning by a display of Alaskan license plates.

Boosts not about security ... usually are.

Banner: 5 rows of security keys in a wall case.

#NonAIContent

#hashcat #Alaska #YubiKeys #LicensePlates

P.S. I hate advance-fee scammers w/heat of 400B suns

❤️:⚛👨‍👩‍👧🛡🙊🌻🗽💻✏🎥🍦🌶🍫!

Stuff	https://www.techsolvency.com/roycewilliams/mastodon
Keybase	https://keybase.io/royce
GitHub	https://github.com/roycewilliams
LinkedIn	https://www.linkedin.com/in/roycewilliams
Gravatar	https://gravatar.com/tychotithonus
Not "dehashed"!	https://www.techsolvency.com/passwords/dehashing-reversing-decrypting/

Royce Williams 1m ago

BleepingComputer 20m ago

F5 has reclassified a BIG-IP APM denial-of-service (DoS) vulnerability as a critical-severity remote code execution (RCE) flaw, warning that attackers are exploiting it to deploy webshells on unpatched devices.

https://www.bleepingcomputer.com/news/security/hackers-now-exploit-critical-f5-big-ip-flaw-in-attacks-patch-now/

Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now

BleepingComputer

Royce Williams 46m ago

Seths.blog 2h ago

Redundancy and resilience

If it's important, don't ask the team to try harder. Instead, create the conditions for ordinary effort to produce redundant outputs that reduce crises. If quality is a problem, look at the system, not the people.

https://seths.blog/2026/03/redundancy-and-resilience/

Redundancy and resilience

If it’s important, don’t ask the team to try harder. Instead, create the conditions for ordinary effort to produce redundant outputs that reduce crises. If quality is a problem, look at…

Seth's Blog

Royce Williams 49m ago

Dan Luu 3h ago

Interesting to see Copilot injecting ads into PR descriptions. Although there are a handful of older instances of this, if GitHub search is working properly, it looks like this started happening at scale around 10 days ago with more than 1k injections of this particular ad per day since then (if you search for other ad strings, you can find the rate of other ads)

https://github.com/search?q=%22%E2%9A%A1+Quickly+spin+up+copilot+coding+tasks+from+anywhere+on+your+macOS+or+Windows+machine+with+Raycast%22&type=pullrequests&s=created&o=asc&p=1

What will they think of next?

Royce Williams 19h ago

David Reamer 2d ago

Downtown Anchorage damage shortly after March 27, 1964 Good Friday Earthquake. This is looking south. K St to left, L St to right, 4th Ave at bottom. Bottom right is the Snow City building, which survived. #alaskahistory #alaska #anchoragehistory

Royce Williams 19h ago

404 Media 1d ago

“It’s known by Minnesotans as a place where executives and CEOs live,” Parr the man behind a project get the neighborhood on Google Maps told 404 Media. “Famously Walter Mondale is from North Oaks, but also like United Healthcare executives and Target executives.”
https://www.404media.co/mapping-googles-unmappable-city/

Mapping Google's Unmappable City

How filmmaker Chris Parr put North Oaks, Minnesota on the map.

404 Media

Royce Williams 19h ago

ekr 1d ago

This week on the newsletter: "How not to mandate device-based age assurance"

https://educatedguesswork.org/posts/device-based-age-assurance/

In this post, we examine a number of enacted or proposed requirements for device-based age assurance and some of the ways they can go wrong.

How not to mandate device-based age assurance

Software design by legal mandate

Royce Williams 19h ago

Show thread

Kevin Beaumont 2d ago

Really good research from Rapid7 here, where they’ve found multiple new versions of BPFdoor which do things like listen and backdoor on extremely uncommon 4G and 5G signaling protocols - it strongly suggests BPFDoor has been placed far inside telcos for surveillance.

They provide a tool to check for the new implant - I would strongly suggest telcos look for this on their Linux systems, including call infrastructure.

https://www.rapid7.com/blog/post/tr-bpfdoor-telecom-networks-sleeper-cells-threat-research-report/

BPFdoor in Telecom Networks: Sleeper Cells in the backbone

A months-long investigation by Rapid7 Labs has uncovered evidence of an advanced China-nexus threat actor placing stealthy digital sleeper cells in telecommunications networks, in order to carry out high-level espionage – including against government networks. Read more in a new blog.

Rapid7

Royce Williams 2d ago

Watching Judge Judy, it occurs to me that the People's Court was sort of early reality TV. 🤯

And then of course it reminds me of the Bloom County punchline, "Rusty [the bailiff], kick these two nuts in the butt"

Royce Williams 2d ago

My sister in driving, I know that navigating a high-school parking lot right after school gets out can be trying. But as a middle-aged person, flipping off a teenager is never a good look.

Royce Williams 3d ago

David Reamer Mar 23

As winter lingers so cruelly, I decided to look into the origins of the idiom "cabin fever." It is a more recent term than I expected, with surprising turns including President William Henry Harrison and hard cider. Below is a cabin in 1898 Beaver City. https://www.adn.com/alaska-life/2026/03/22/a-condition-born-of-cold-snow-darkness-and-distance-the-history-of-cabin-fever/