Scraps #6
A bunch of scrappy notes from 2025-07-18 to 2025-07-25, posted on
What are the haps?
We're rushing through July and things aren't slowing down. The weather here is... variable, shall we say. Gone are the days of consistency, we're getting high winds, blazing sun, heavy rain, calm overcast skies and lightning in a single day.
It's unreliable! But hey, at least I've got the consistently high quality of the human web to keep me feeling positive, and the consistently poor state of information security to keep me feeling negative. They balance out, right?
Spotlight
- I have had the legendary Pierre Carrier's website bookmarked for many moons, and keep coming across his awesome stuff. He just posted that he has, via xmit.dev, launched Let It Be Known, which is a service that offers free subdomains for anyone that wants 'em, and it's super easy to manage to boot. There's another thing from him down in the Tech section but I wanted to spotlight libk.org and encourage you to check out his website and writing because he is top tier
- Luke emailed me about his new /blank page, a delightfully blank page (except for the wonderful addition of some flowers) which I have added to my Intentionally Left Blank post!
Indieweb, Fediverse & Social Media - people stuff
My list of posts to read and websites to browse grows faster than I can consume them. At this rate I'm going to need to employ a content curator!
- Will has a chop - a personal seal - that is used to stamp art he creates. But he had a thought... Why can't this apply to digital stuff, too?
- Moderating a community hard work, as highlighted by Mark. Support your mastodon instance team if you can!
- The privacy of Firefox has been a given for a long time, perhaps you shouldn't trust it though? Evan doesn't think so
- David thinks people should surf the web again! You know, instead of living inside the corporate web. And he has three quick guidelines to make it a more enjoyable and meaningful experience
- @hyde has a great series of interviews called Over/Under, where he seeks out the opinions of a specific web denizen regarding particular things. This time around he's asked Elizabeth Tai about digital gardens, social media, rss, books and tea
- Alan Levine gets nostalgic for one of the earliest html tutorials on the web, something he himself put together back in 1994!
- And on internet nostalgia, who still uses text based (ascii) smileys o.O ? I do :D and so does Adële!
Infosec, sysadmin & code - tech stuff
It's been a busy week on the tech front, with some pretty significant infosec-related events.
- MDN (Mozilla development network) celebrates 20 years with cake, a tradition from browser vendors during the nostalgic early Firefox days
- Pierre (that brainbox from today's spotlight) has been digging into mouse latency recently. He then dug into it some more, which included building a tool to get even better data, and has gotten deep into USB land.
- Some SharePoint admins struggled to sleep over the weekend as ToolShell was used to compromise on prem instances across the internet
- An outsourced, third party tech support org allowed credential resets without verifying identity. Yikes.
- I was playing around with some HTML & CSS stuff, trying to prevent LLMs from scraping website content for an upcoming post the other day. I discussed some of the experiments on the 32bit.cafe discord server and Lera took an idea that emerged and built an online obfuscator tool which automates this for you!
- When it comes to pissing off LLM scrapers, @ache has written up how to build and serve a HTML zip bomb
- Google launches OSS Rebuild, a project that builds open source packages and compares the resulting resource with the published one, enabling automated confidence that a package is what it says it is
- Using OSINT, researchers have put together the structure of a Russian SIGINT unit, using their commemorative badges
- Of course we can't go a week without hardcoded creds in a widely used product, can we? This week it's HPE Access Points
- I love peeking behind the curtain of a big organisations technical infrastructure. Netflix has just posted part 1 of how they got live TV to work
- Yorick is dealing with the frustratingly loose HTTP spec
That's Scraps #6 concluded for this week. Keep posting awesome stuff, peeps!