Liam 🦆
@liamosaur.ragequ.it
Australian hacker.
Foghlaimeoir Gaeilge.
Tír Bundúchasach. Mar a bhí sí i gcónaí, beidh sí go deo.
Foghlaimeoir Gaeilge.
Tír Bundúchasach. Mar a bhí sí i gcónaí, beidh sí go deo.
In 2025 I read the Irish language books Dún an Airgid, Cath Fionntrá, a few chapters of Táin Bó Cúailnge (an ongoing project), and I'm halfway through Conaire Mór (only started a week ago!). My low stakes new year's resolution is to finish more than 3 Irish books in 2026
December 31, 2025 at 4:40 AM
In 2025 I read the Irish language books Dún an Airgid, Cath Fionntrá, a few chapters of Táin Bó Cúailnge (an ongoing project), and I'm halfway through Conaire Mór (only started a week ago!). My low stakes new year's resolution is to finish more than 3 Irish books in 2026
This is what happens when editors no longer have younger staff members to run headlines past before publishing. "'Bricked up' means the same thing as 'Bricked', right?" 😏
December 30, 2025 at 10:42 PM
This is what happens when editors no longer have younger staff members to run headlines past before publishing. "'Bricked up' means the same thing as 'Bricked', right?" 😏
What sort of irony is it when the age verification system doesn't work because of your long white beard?
December 26, 2025 at 11:16 AM
What sort of irony is it when the age verification system doesn't work because of your long white beard?
"no worries, I can chop all the salad" - the words of a man who thinks he's getting off Xmas meal prep lightly until he remembers that he's in a holiday rental and all the knives are blunt as a hammer
December 25, 2025 at 3:14 AM
"no worries, I can chop all the salad" - the words of a man who thinks he's getting off Xmas meal prep lightly until he remembers that he's in a holiday rental and all the knives are blunt as a hammer
Reposted by Liam 🦆
Wanna re-live the ✨kawaii ✨ magic? Well lucky ducks, guess what we have prepared!
All of the Kawaiicon 3 talks are up on YouTube! Check em out!
youtube.com/@kawaiiconnz
All of the Kawaiicon 3 talks are up on YouTube! Check em out!
youtube.com/@kawaiiconnz
Kawaiicon NZ
New Zealand's cute infosec con (& book publishers) ✨
youtube.com
December 23, 2025 at 7:47 AM
Wanna re-live the ✨kawaii ✨ magic? Well lucky ducks, guess what we have prepared!
All of the Kawaiicon 3 talks are up on YouTube! Check em out!
youtube.com/@kawaiiconnz
All of the Kawaiicon 3 talks are up on YouTube! Check em out!
youtube.com/@kawaiiconnz
"If you have a soft backpack, please place it under the seat in front of you"
With respect - fuck no. I took the time to check my larger bag. I'm 6'3". The only thing going under the seat in front is my feet. I'm not going to be punished because I didn't bring the biggest allowable cabin bag
With respect - fuck no. I took the time to check my larger bag. I'm 6'3". The only thing going under the seat in front is my feet. I'm not going to be punished because I didn't bring the biggest allowable cabin bag
December 21, 2025 at 2:30 AM
"If you have a soft backpack, please place it under the seat in front of you"
With respect - fuck no. I took the time to check my larger bag. I'm 6'3". The only thing going under the seat in front is my feet. I'm not going to be punished because I didn't bring the biggest allowable cabin bag
With respect - fuck no. I took the time to check my larger bag. I'm 6'3". The only thing going under the seat in front is my feet. I'm not going to be punished because I didn't bring the biggest allowable cabin bag
Stop trying to force AI into everything - web browser edition
December 17, 2025 at 10:09 PM
Stop trying to force AI into everything - web browser edition
Reposted by Liam 🦆
Don’t forget the Segway!
just a collection of "inevitable" multi-billion dollar tech that was going to be the future of everything until everyone in the audience who was supposed to just get on board said "lol no"
December 17, 2025 at 1:25 PM
Don’t forget the Segway!
Reposted by Liam 🦆
The funny thing is there are absolutely traits skills and characteristics that financially super successful people have and they are:
money
being born into money
knowing other people with money
money
being born into money
knowing other people with money
Michael C. Rockefeller got shipwrecked in 1963, washed up on an island, and was promptly eaten by cannibals.
December 13, 2025 at 7:38 PM
The funny thing is there are absolutely traits skills and characteristics that financially super successful people have and they are:
money
being born into money
knowing other people with money
money
being born into money
knowing other people with money
Just in case I'm kicked in the head by a horse in the future and decide I want to revisit the US, this is a pre-emptive declaration that the current administration is insane, harmful and is getting worse. Chilling effects on free speech can get fucked🖕 www.theguardian.com/us-news/2025...
Tourists to US would have to reveal five years of social media activity under new Trump plan
Plan would apply to countries not currently required to get visas to the US, including Britain and France
www.theguardian.com
December 12, 2025 at 1:00 AM
Just in case I'm kicked in the head by a horse in the future and decide I want to revisit the US, this is a pre-emptive declaration that the current administration is insane, harmful and is getting worse. Chilling effects on free speech can get fucked🖕 www.theguardian.com/us-news/2025...
Reposted by Liam 🦆
We’ve seen other orgs attempt 3rd party bug bounties, thinking it will help their ecosystem become safer. Inevitably, the safety of software depends more on the maturity of the org producing it than how many bugs are reported to it. Bug foie gras isn’t the safest path to maturity
When I started Microsoft Vuln Research in 2008, we found out just how few orgs were ready for vuln disclosure. When I started Microsoft’s 1st bug bounty in 2013, I never imagined it would grow to paying for 3rd party bugs. I hope the 3rd parties were warned & OSS gets tested patches supplied to them
As announced by Tom Gallagher, VP of Engineering, MSRC, on stage at Black Hat EU, we’re evolving our bug bounty program. Now, high-severity vulnerabilities that directly impact Microsoft online services are eligible for bounty awards, whether the code is Microsoft-owned, third-party, or open source.
December 11, 2025 at 6:42 PM
We’ve seen other orgs attempt 3rd party bug bounties, thinking it will help their ecosystem become safer. Inevitably, the safety of software depends more on the maturity of the org producing it than how many bugs are reported to it. Bug foie gras isn’t the safest path to maturity
Reposted by Liam 🦆
Requiring foreign visitors to hand over 5 years of social media isn’t “security,” it’s unchecked government control.
All-seeing surveillance systems don’t make us safer. They are in direct opposition to our civil liberties.
www.nbcnews.com/politics/tru...
All-seeing surveillance systems don’t make us safer. They are in direct opposition to our civil liberties.
www.nbcnews.com/politics/tru...
Foreign tourists could be required to disclose 5 years of social media histories under Trump administration plan
The Customs and Border Protection proposal would apply even to countries that don't require visas to enter.
www.nbcnews.com
December 10, 2025 at 7:23 PM
Requiring foreign visitors to hand over 5 years of social media isn’t “security,” it’s unchecked government control.
All-seeing surveillance systems don’t make us safer. They are in direct opposition to our civil liberties.
www.nbcnews.com/politics/tru...
All-seeing surveillance systems don’t make us safer. They are in direct opposition to our civil liberties.
www.nbcnews.com/politics/tru...
I am sad to inform you that Calibri is now officially woke
December 10, 2025 at 2:20 AM
I am sad to inform you that Calibri is now officially woke
"GenAI images look like shit hurr" isn't a great argument to make. Not because AI slop doesn't look like shit (it does), but because as soon as the tech incrementally improves and looks less like shit, your main complaint has been refuted. GenAI images are shit because they're built on theft
December 9, 2025 at 8:32 AM
"GenAI images look like shit hurr" isn't a great argument to make. Not because AI slop doesn't look like shit (it does), but because as soon as the tech incrementally improves and looks less like shit, your main complaint has been refuted. GenAI images are shit because they're built on theft
Reposted by Liam 🦆
Developer attempts to replicate "Liquid Glass" in CSS, and once finished realizes what she'd actually created is an exploit for a fundamental, previously unknown, and rather serious browser vulnerability
lyra.horse/blog/2025/12...
"CSS hack accidentally becomes regular hack"
lyra.horse/blog/2025/12...
"CSS hack accidentally becomes regular hack"
SVG Filters - Clickjacking 2.0
A novel and powerful twist on an old classic.
lyra.horse
December 5, 2025 at 2:03 AM
Developer attempts to replicate "Liquid Glass" in CSS, and once finished realizes what she'd actually created is an exploit for a fundamental, previously unknown, and rather serious browser vulnerability
lyra.horse/blog/2025/12...
"CSS hack accidentally becomes regular hack"
lyra.horse/blog/2025/12...
"CSS hack accidentally becomes regular hack"
ASD's social media team launch an attempt to get another category added to the #hacklore "this is not a realistic threat, please stop worrying about this" list 😔
I find this advice inexplicable and hard to align with any real-world threats
I find this advice inexplicable and hard to align with any real-world threats
December 1, 2025 at 1:04 AM
ASD's social media team launch an attempt to get another category added to the #hacklore "this is not a realistic threat, please stop worrying about this" list 😔
I find this advice inexplicable and hard to align with any real-world threats
I find this advice inexplicable and hard to align with any real-world threats
Reposted by Liam 🦆
While US venture capitalists were buying monkey jpegs, and DOGE coins, and figuring out how to get Black women fired, and tweeting about white birthrates, and trying to mandate which bathroom trans kids should use, China was making progress on climate change and taking the lead in a real industry.
China has made cheap, clean energy available in huge quantities. The world should take the win econ.st/4oqFszB
Photo: Eyevine
Photo: Eyevine
November 7, 2025 at 11:22 AM
While US venture capitalists were buying monkey jpegs, and DOGE coins, and figuring out how to get Black women fired, and tweeting about white birthrates, and trying to mandate which bathroom trans kids should use, China was making progress on climate change and taking the lead in a real industry.
Reposted by Liam 🦆
Bong Joon Ho hit me up for the squad you legend deadline.com/2025/11/bong...
November 29, 2025 at 12:49 PM
Bong Joon Ho hit me up for the squad you legend deadline.com/2025/11/bong...
Hot take about the updated OWASP Top10 - it's a great resource, but I have some concerns about the trend in categorisation. If the goal was "create categories that cover the top critical security risks to web applications", the new Top 10 would nail it. But the stated goal is slightly different...
November 27, 2025 at 5:54 AM
Hot take about the updated OWASP Top10 - it's a great resource, but I have some concerns about the trend in categorisation. If the goal was "create categories that cover the top critical security risks to web applications", the new Top 10 would nail it. But the stated goal is slightly different...
It seems the "X, but with computers" model needs to be tested with everything, including white-collar crime. As much as some people would like to believe otherwise, algorithms (inc AI), are not an accountability sink. Collusion is still collusion. Crime is still crime
BREAKING: RealPage is suing New York, challenging a new state law that bans landlords from using algorithms to set rents.
RealPage claims that its software, which landlords have used to collude on rents, is protected by the First Amendment.
RealPage claims that its software, which landlords have used to collude on rents, is protected by the First Amendment.
November 27, 2025 at 3:19 AM
It seems the "X, but with computers" model needs to be tested with everything, including white-collar crime. As much as some people would like to believe otherwise, algorithms (inc AI), are not an accountability sink. Collusion is still collusion. Crime is still crime
I got sick of meetings filling up my day around lunchtime, leaving me without a time to eat, so I wrote a Power Automate flow that detects when I'm close to having no time for lunch and auto-reserves a lunch slot in my calendar
November 25, 2025 at 1:29 AM
I got sick of meetings filling up my day around lunchtime, leaving me without a time to eat, so I wrote a Power Automate flow that detects when I'm close to having no time for lunch and auto-reserves a lunch slot in my calendar
I love everything about this letter - a list of things the general public should and shouldn't worry about when it comes to security www.hacklore.org/letter
The Letter — Stop Hacklore!
www.hacklore.org
November 24, 2025 at 10:25 PM
I love everything about this letter - a list of things the general public should and shouldn't worry about when it comes to security www.hacklore.org/letter
Before a certain year, Subarus have a 3-way light switch in the roof of the cargo space. It runs in line with the body of the car, so if you're say... unloading cargo (crazy), it's possible to accidentally flick the switch to light-always-on. If you don't notice the light, you flatten your battery.
November 23, 2025 at 8:39 AM
Before a certain year, Subarus have a 3-way light switch in the roof of the cargo space. It runs in line with the body of the car, so if you're say... unloading cargo (crazy), it's possible to accidentally flick the switch to light-always-on. If you don't notice the light, you flatten your battery.
Reposted by Liam 🦆
Our Call for Villages is officially OPEN, so if you’ve got a brilliant idea, a hands-on activity, or something totally wild you want to bring to the community… now’s the time to submit!
forms.gle/JNCA421jfxWj...
#BSidesMelb2026 #SecurityBSides #CFVillages
forms.gle/JNCA421jfxWj...
#BSidesMelb2026 #SecurityBSides #CFVillages
November 22, 2025 at 3:38 AM
Our Call for Villages is officially OPEN, so if you’ve got a brilliant idea, a hands-on activity, or something totally wild you want to bring to the community… now’s the time to submit!
forms.gle/JNCA421jfxWj...
#BSidesMelb2026 #SecurityBSides #CFVillages
forms.gle/JNCA421jfxWj...
#BSidesMelb2026 #SecurityBSides #CFVillages
Academic cryptography: "we need post-quantum cipher suites, which will solve everything"
Real world crypto: "key management is hard lol" www.nytimes.com/2025/11/21/w...
Real world crypto: "key management is hard lol" www.nytimes.com/2025/11/21/w...
Cryptographers Held an Election. They Can’t Decrypt the Results.
www.nytimes.com
November 21, 2025 at 11:09 PM
Academic cryptography: "we need post-quantum cipher suites, which will solve everything"
Real world crypto: "key management is hard lol" www.nytimes.com/2025/11/21/w...
Real world crypto: "key management is hard lol" www.nytimes.com/2025/11/21/w...