On Mortality đź”—
Content Warning: This post is about mortality. This morning, I awoke from a dream. I’d just discovered a ticking time bomb was a fake, and the dream e [...]
text/plain
Posts
Mark-of-the-Web: Real-World Protection đź”—
Two years ago, I wrote up some best practices for developers who want to take a file’s security origin into account when deciding how to handle it. Th [...]
My New Desktop đź”—
After a frustrating morning with my troublesome P1 Gen 7 laptop, I decided it was time to bite the bullet and stop working off laptops full-time, a ha [...]
Fiddler – My Mistakes 🔗
On a flight back from Redmond last week, I finally read Linus Torvalds’ 2002 memoir “Just For Fun.” I really enjoyed its picture of Linux (and Torvald [...]
Parallel Downloading đź”—
I’ve written about File Downloads quite a bit, and early this year, I delivered a full tech talk on the topic. From my very first days online (a local [...]
Security Software – An Overview 🔗
I’ve spent nearly my entire professional career in software security: designing software to prevent abuse by bad actors. I’ve been battling the bad gu [...]
Best Practices for SmartScreen AppRep đź”—
Last year, I wrote about how Windows integrates SmartScreen Application Reputation to help ensure users have a secure and smooth experience when runni [...]
Defensive Technology: Controlled Folder Access đź”—
Most client software’s threat models (e.g. Edge, Chrome) explicitly exclude threats where the local computer was compromised by malware. That’s becaus [...]
On Politics đź”—
I do not come from an especially political family. One parent has not voted in decades, and the other votes regularly, but is not an enthusiast and va [...]
Lenovo P1, Gen7: Meh đź”—
I’ve been a loyal user of Thinkpads for over twenty-five years now, and I currently own four (with another on loan from Microsoft). In July, the scree [...]