averagesecurityguy

Christian | Husband | Father | Security Engineering Manager | Developer

averagesecurityguy boosted:
2025-07-15

Nick: this work is harmful. Rather than just saying no, I will do some good faith work to point out in greater detail the specific ways that it's harmful to our shared goals.

[]: Thanks for pointing out the ways that this is harmful. There seems to be broad agreement that you are correct about those harms. We're still going to do it, of course, and not set any limits on it. But we do hope that you will expend lots of effort to maybe keep us from doing it in the most harmful ways. Best, []

averagesecurityguy boosted:
Jeff Sikesbox464
2025-07-15

How many parked (unused) domains do you own? I have an idea and want to know if my assumption is correct.

Boost generously, please.

2025-07-10

@singe Congrats.

2025-07-10

@zak The driver got hungry?

2025-07-01

@Sempf if you are doing it right, you only need one cup.

averagesecurityguy boosted:

Need help. Someone on here draws a webcomic where they're playing d&d, but some of the players are monsters in the d&d world, but actually playing. One of them is a giant floating eye that always speaks in fancy text, some weird font. I am in need of a link to them. #webcomic #artist

Edit: found!
alarminglybad.com/

2025-06-27

@b0rk take a look at github.com/asggo/wasp. Itโ€™s not a templating library but has a lot of boilerplate for building a basic, secure web app in Golang. It uses template/html in what I think is an easy way.

averagesecurityguy boosted:
Zak :1password:zak@infosec.exchange
2025-06-26

It's pretty rare that an ad ever gets through the various filters that I have set up, but when one does, it's almost always for a VPN. I'm sure that I don't have to tell most of you this, but unless you're dealing with regionally locked content, you almost certainly don't need a personal VPN.

#security #privacy

averagesecurityguy boosted:
Numoriannumorian
2025-06-26

We just kicked off the soft-launch of Cheksuite โ€” our SaaS web vulnerability scanner. We're onboarding early users now. API scanning and powerful AI features coming soon. Read more: blog.numorian.com/introducing-

averagesecurityguy boosted:
rgegriff (On a new server)rgegriff@masto.hackers.town
2025-06-25

"Incident Commander" is a really cool sounding title they give you to make up for the fact that your day is gonna SUUUUUUCK

averagesecurityguy boosted:
craque is icumen in ๐Ÿณ๏ธโ€๐ŸŒˆdtauvdiodr@c.im
2025-06-25

Hot take: If your company holds "lunch-n-learn" sessions, your company doesn't support learning on the company dime.

averagesecurityguy boosted:
Julia Evansb0rk@jvns.ca
2025-06-24

delighted to announce that my new zine "The Secret Rules of the Terminal" is out today!!

You can get it for $12 USD here: wizardzines.com/zines/terminal

The Secret Rules of the Terminal, by Julia Evans - The cover illustration depicts three people doing arcane terminal magic in a temple with a smoking censer in the background. Each of the three people has curly brown hair and light brown skin. They are all wearing dresses, billowing cloaks, and utility belts with keyboard symbols on them. The one on the left holds a palette of paints and a brush. The one on the right has a staff with a $ symbol on it and a starfish at the top. The one in the centre has a sword and is reading from a book whose cover says โ€œ>_โ€ and โ€œ./โ€, which rests on a lectern with a smiling snake wrapped around it.
averagesecurityguy boosted:
2025-06-24

Poll: Assuming you have no plans to leave the house that day ... at what percentage of battery level on your primary mobile device do you start to get uncomfortable, and think you should charge it?

Assume you will not have access to a charger or external power pack while away (If you do end up having to leave).

(If your number is somewhere in between, choose the next lower number)

(Please RT to improve sample size.)

averagesecurityguy boosted:
2025-06-23

EDIT: Thanks all!! I'm passing along your suggestions.

Anyone know an open-source project, even a small one, that needs API docs created or improved? Asking for a #technicalWriting pro who wants more experience with API documentation. #FOSS #techcomm (bonus points if it hits interests like politics, food, beer, auto racing, mapping/OSM, civil engineering, social good...)

averagesecurityguy boosted:
2025-06-23

I've now applied for 84 jobs since January. I've had two interviews. No offers.

Since tech jobs are thin and unemployment is running out, I've been applying for bartending jobs locally.

Today I left my resume at 7 breweries with tap rooms and offered home brew. Got one "maybe in a few weeks".

Here's my resume: docs.google.com/document/d/1Hg

#jobs #jobsearch #JobsForMastodon #GetFediHired

2025-06-23

There have been a number of times I said to myself, "I should build a web application that does some cool thing," and then I would realize that is easier said than done. First, I don't like complicated frameworks, whether it's a server framework, a JavaScript front-end framework, or a CSS framework. I got my start on the Internet when people were still writing HTML, CSS, and vanilla JS and using server-side rendering. I really miss the simplicity of those days.

I contemplated relearning PHP but I have spent a number of years using Go and really liked the simplicity of their web server. The idea of routers, handlers, and HTML templates was simple enough that I thought it may work for what I want. I've spent the last few months build out a simple Go based web application starter pack (WASP) that can serve as the basis for any number of web applications.

WASP is not a framework as much as it is a boiler plate server that can be extended with your own routes, handlers, and HTML templates. It includes password-based authentication, a simple authorization scheme with unauthenticated, authenticated, and admin users, and session management. It also includes tests that cover all of the core functionality and that can be extended to cover your new functionality.

If you are familiar with Go's web server concepts and want a good base to build your next web application, give WASP a try. github.com/asggo/wasp

#golang #webapp #security

2025-06-23

@Sempf it kinda sounds like you donโ€™t have a meeting on Teams in 15 minutes. ๐Ÿ˜‚

2025-06-22

There have been a number of times I said to myself, "I should build a web application that does some cool thing," and then I would realize that is easier said than done. First, I don't like complicated frameworks, whether it's a server framework, a JavaScript front-end framework, or a CSS framework. I got my start on the Internet when people were still writing HTML, CSS, and vanilla JS and using server-side rendering. I really miss the simplicity of those days.

I contemplated relearning PHP but I have spent a number of years using Go and really liked the simplicity of their web server. The idea of routers, handlers, and HTML templates was simple enough that I thought it may work for what I want. I've spent the last few months build out a simple Go based web application starter pack (WASP) that can serve as the basis for any number of web applications.

WASP is not a framework as much as it is a boiler plate server that can be extended with your own routes, handlers, and HTML templates. It includes password-based authentication, a simple authorization scheme with unauthenticated, authenticated, and admin users, and session management. It also includes tests that cover all of the core functionality and that can be extended to cover your new functionality.

If you are familiar with Go's web server concepts and want a good base to build your next web application, give WASP a try.
github.com/asggo/wasp

averagesecurityguy boosted:
Gina HรคuรŸgefoosel@chaos.social
2025-06-22

I rarely subtoot, but when I do just to say: if an open source project that your commercial project depends on breaks something in your software stack, causing you trouble, no matter how much, that's your problem and your problem alone.

"The software is provided as is" is a part of OSS licenses for a reason, and unless we have a contract that says otherwise, I'm not part of your bloody "supply chain".

Client Info

Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst