Tom

Malware Researcher - Security enthusiast - curiosity is not a crime. Locking up knowledge and culture however is.

Tom boosted:

I deleted my Strava account and switched to a self-hosted alternative called Geo Activity Playground. More about that in my blog post.

saukki.com/2025/07/i-deleted-m

#selfhosting #homelab #cycling #strava #geoactivityplayground #regel17

Strava logo behind a blocked sign

Tom boosted:
Electronic Frontier Foundation eff
2025-07-10

EFF is 35! 🎉
We've spent three+ decades defending your rights online—and we're not slowing down: eff.org/35years

Tom boosted:
2025-07-09

The Jumperless probe has some of the most interesting engineering solutions I've seen in a soldering kit.

patreon.com/posts/soldering-pr

#Jumperless #hardwareHacking @ArchiteuthisFlux

Tom boosted:
tetris nymph :tetris: rachaelspooky@cyberpunk.lol
2025-07-06

OH RIGHT

while yall are investigating alternate browsers, STAY AWAY FROM BRAVE

• run by homophobe and financial backer of other homophobes Brendan Eich

• crypto is all over the fucking thing. they drip feed users tiny amounts of crypto for unblocking certain ads and fill the home screen with crypto trackers and shit

• they "block ads" but inject their own affiliate links into sites you view

this is not the browser youre looking for

Tom boosted:
daniel:// stenberg:// bagder
2025-07-06

The QUIC-in-kernel dream is still alive: marc.info/?l=linux-netdev&m=17

Tom boosted:
leo vriska :light2: leo@60228.dev
2025-07-04

decided to check jira to see why ao3 was down bc i remembered i'm in their atlassian org and can just do that

The last bookmark created on production has the ID 2147483647, which is the last ID you can use with an INT column.

lmao

Tom boosted:
2025-07-03

Debian looking for testers with Apple M1/M2 machines

lwn.net/Articles/1028224/ #LWN

Tom boosted:
2025-07-02

Just built a native arm64 ffmpeg and played around with AV1 and a random 1080p video I had laying around. First impressions:

  • libaom-av1 is unusably slow. Encoding speed of less than 0.002x on an M2 Ultra.
  • libsvtav1 is FAST. Got to an encoding speed of 12.5x on default quality, versus 4.5x for libx265 (and 2.0x for an Intel build of libx265 running under Rosetta).
  • With default settings, AV1 quality is comparable to H265.
  • AV1 file size is about 1.3x that of H265.
  • With -crf 39 (default 35) you get about the same file size as H265, but slightly worse quality.

So it looks like AV1 is kinda the zstd of video codecs. H265 still wins if you're trying to get the best quality per bit and have time/compute to spare, but AV1 gets you pretty close to that while being MUCH faster.

Tom boosted:
daniel:// stenberg:// bagder
2025-06-29

Just for future reference and if anyone is curious: the seventeen AI slop security reports submitted to (so far):

gist.github.com/bagder/07f7581

Maybe this will come in handy.

Tom boosted:
Linux Security Summit 🐧 LinuxSecSummit@social.kernel.org
2025-06-28

Stéphane Graber presenting Incus OS, a minimal image-based OS for deploying Incus at scale.

Slides: https://static.sched.com/hosted_files/lssna2025/24/LSSNA%202025_%20Incus%20OS.pdf

Tom boosted:
2025-06-27

The slides from our @recon talk, "Breaking Mixed Boolean-Arithmetic Obfuscation in Real-World Applications" (CC @nicolodev) are now online!

Slides: synthesis.to/presentations/rec

Plugin: github.com/mrphrazer/obfuscati

Tom boosted:
Christian Brauner 🦊🐺 brauner
2025-06-26

I love how Apple will now be repeating every security mistake by writing their own container runtime. I thought we're past all that but hey, let's have some more path lookup CVEs. @cyphar

github.com/apple/containerizat

Tom boosted:
Mark Holtom (aka Kingbeard) MarkHoltom@mastodonapp.uk
2025-06-23

"A cyclist is a disaster for the country's economy: he does not buy cars and does not borrow money to buy. He does not pay for insurance policies. He does not buy fuel, does not pay for the necessary maintenance and repairs. He does not use paid parking. He does not cause serious accidents. He does not require multi-lane highways. He does not get fat.
Healthy people are neither needed nor useful for the economy. They don't buy medicine. They do not go to hospitals or doctors. Nothing is added to the country's GDP (gross domestic product).
On the contrary, every new McDonald's restaurant creates at least 30 jobs: 10 cardiologists, 10 dentists, 10 dietary experts and nutritionists, and obviously, people who work at the restaurant itself."
Choose carefully: cyclist or McDonald's? It is worth considering.
P.S. Walking is even worse. Pedestrians don't even buy bicycles.
P.P.S. If you have read this far and still don't get it, this post is SATIRE. Reread it with this in mind.

a picture of several people cycling in a city street.

Tom boosted:
2025-06-23

Periodic call for volunteers: we'd love to see more enterprise-relevant topics. Things like red/blue/purple teaming companies, managing servers and endpoints, EDR log analysis, incident planning and response, etc. If you're interested in contributing, let us know at teach@ost2.fyi

Tom boosted:
2025-06-22

✨ new tech bingo ✨

Bingo card listing a bunch of common issues with newly-released technology. Squares include "destroys well-paying jobs", "horrifying military applications", "ceo is a real piece of shit". The free square in the middle is "ads!"

Tom boosted:
Filippo Valsorda (🏝️🔙 Aug 1) filippo@abyssdomain.expert
2025-06-22

Looks like the same poorly implemented Android CT library that broke a lot of apps a couple years ago... did it again 🤦‍♂️

github.com/appmattus/certifica

Tom boosted:
Electronic Frontier Foundation eff
2025-06-21

When you donate to EFF, you're supporting the engineers, lawyers, and skilled advocates that tend the path for technology users' rights to privacy, expression, and innovation online. eff.org/35years

Tom boosted:
Carlos O'Donell codonell@fosstodon.org
2025-06-20

It is critical to the success of any project to build peer review into the process. Having one human reviewer isn't even about securing your supply chain, it's about teaching, showing, discussing and engaging. Review is the glue that holds the project together.

Tom boosted:
2025-06-20

Thanks @securelyfitz for not only supporting @blackhoodie with words but also donating **hardware** (all students got a hardware hacking kit which incl. Tigard, Bitmagic, and various cool tools) and helping us carry boxes, setting up the workstations, and cleaning up!!
