Monday is a holiday here in the US, meaning that today is one of the best days of the year to push your untested vibe code to production. Just remember, if the code would have worked when tested, it would work in production, so there's basically no risk.

Till we meet again, de minimis tariff exemption.

Yes, there’s another phishing campaign contacting fediverse users to fill out a form to avoid being suspended or whatever. Stay calm and just report them and be sure to check the option to inform their home instance so the account gets suspended for everyone. Also, please consider enabling moderated signups if you don’t already have them. I get it - signups dropped by >90% when I did it, but there’s very little capability for dealing with bad actors proactively once they have an account. I know it’s not a foolproof way to keep the scammers out, but it is an improvement.

Two days away from the start of a long weekend here in the US. Hopefully everyone is queuing up their untested code changes to go live on Friday. Bonus points if you store your secrets in code hosted on a public GitHub repo.

First day back on the elliptical machine in weeks after the stair monster - mean stair master messed up my knee.

I upgraded infosec.exchange, .space, and convo.casa to the latest glitch-soc code a few minutes ago. I always look forward to the kind and even tempered comments I get when something has changed on the mastodon interface after an upgrade. I have changed into my fire proof undergarments and await the messages of thanks.

So that was pretty cool

A photographer friend of mine had one of her sd memory cards die after a photo shoot. She’s tried Easeus and it can recover about 1300 of 1600 files, but she’s asking if there are other tools/tricks anyone knows from the forensics community that might be able to get the rest. I have a feeling there may just be some dead memory cells, but if there’s any chance to help, I’d like to. Thanks.

It’s about to be a rainy day at the beach

Getting tired of all the LLM-written emails recommending various “cyber experts” to be on the DefSec podcast. It feels like someone recently started an “agency” for wannabe experts to get them on podcasts. 🚮