Aug ’23
AI image generators threaten child safety investigations
I believe that generative AI, developed and deployed thoughtfully, has the opportunity to profoundly reshape the world for the better. Emphasis on developed and deployed thoughtfully.
When your classmates threaten you with felony charges
A few weeks ago, I was part of a talk at DEF CON 31 called The Hackers, The Lawyers, and the Defense Fund. I was asked to share my experience receiving a legal threat for good-faith security research from my classmates.
Dec ’21
Copyright trolls, inspect element, and the online abuse ecosystem
When you think of a state-sponsored online influence operation, you might picture large sprawling networks of high-follower accounts spreading disinformation. To give one canonical example, Russia’s Internet Research Agency impersonated the Tennessee GOP on Twitter in the lead-up to the 2016 election, amassing over 130,000 followers before being taken down.
Sep ’21
“It's open source! We’ll let our customers fix it.”
In general, open source maintainers owe you nothing. Despite maintainers often being volunteers, some users feel entitled to maintainers’ time, submitting feature requests and expecting the maintainers to implement whatever they want. This is wrong. I repeat, open source maintainers owe you nothing.
Jan ’21
Wait, did Kubernetes just reduce complexity?
In February, my Google Cloud free credits will expire, so yesterday I decided to migrate many of my Politiwatch projects to Microsoft Azure (where I have recurring free credits). I thought this process would take days—but thanks to Kubernetes, it only took about 45 minutes.
Aug ’20
Shynet had a security issue because I misunderstood CORS
When I built Shynet, my self-hosted analytics tool, one of my top priorities was making sure it didn’t require visitors to have JavaScript enabled. While Shynet will try to log visits using a JavaScript tracker, it will fall back to a 1x1 transparent tracking pixel if JavaScript isn’t enabled. Here is the Shynet tracking code for this site, for example:
Spot the error on the nutrition label...
I usually only write about my own mistakes, but here I’m going to be writing about a mistake I noticed an error on the nutrition label of Quaker Oatmeal Squares cereal. The error is extremely minor (at least as far as I can tell), but it made me think—this label has been printed and seen probably millions of times, and yet this error remains on the box to this day (as of mid-August 2020).
Jul ’20
I thought it’d be a good idea to establish scopes at parse time
Over the past week or so, I’ve been working on building my own simple interpreted programming language. My goal is to learn about language design, Lisp, and systems programming—all while building a language that is fun to use (and maybe, just maybe, one day I’ll find it useful for something).
Why a17t is meant to be used with Tailwind CSS
I designed a17t to be used in conjunction with Tailwind CSS. I never use a17t without Tailwind, and I never use Tailwind without a17t.
Shynet will never be a SaaS
Ever since I released Shynet, my open source web analytics tool, several people have asked me if I plan to offer some kind of managed version of the service (presumably as some kind of SaaS). While these requests are super exciting and I sympathize with them—not everyone wants to manage their own servers, after all!—it’s not something that I’m considering. Here’s why.
