Loading...

Tag trends are in beta. Feedback? Thoughts? Email me at [email protected]

What is an SBAT and why does everyone suddenly care

Client-side filtering of private data is a bad idea

SSH agent extensions as an arbitrary RPC mechanism

Why ACPI? (2023)

Digital forgeries are hard

Debugging an odd inability to stream video

Dealing with Weird ELF Libraries

Do we need to rethink what free software is? (2019)

Making SSH host certificates more usable

Why does Gnome fingerprint unlock not unlock the keyring?

Why ACPI?

Reconstructing an invalid TPM event log

Unix sockets, Cygwin, SSH agents, and sadness

Updating Fedora the unsupported way

Roots of trust are difficult

Booting Modern Intel CPUs

PSA: Upgrade your LUKS key derivation function

We need better support for SSH host certificates

PKCS#11. hardware keystores, and Apple frustrations

Build security with the assumption it will be used against your friends

Integrating Linux with Okta Device Trust

Asking ChatGPT to write my security-sensitive code for me

Blogging and Microblogging

Changing firmware config that doesn't want to be changed

End-to-end encrypted messages need more than libsignal

Making Unphishable 2FA Phishable

Making an Orbic Speed RC400L autoboot when USB power is attached

On-device WebAuthn and what makes it hard to do well

Trying to remove the need to trust cloud providers

Cloud desktops aren't as good as you'd think

More →