Michael Weissbacher
@mweissbacher.bsky.social
Securing Block (Square) infrastructure. Previously security research at Northeastern University. Internationally acclaimed Schnitzel expert 🇦🇹 mweissbacher.com NYC 🗽
Reposted by Michael Weissbacher
I wrote a thing! Really I just took dictation as Ben Toews dictated to me and Tim, and then added a muppet to the diagram. But still: this is a neat system, I'm a little proud of it, and so here you go: YET MORE MACAROON CONTENT.

fly.io/blog/operati...
Operationalizing Macaroons
The Integral Principles of the Structural Dynamics of Macaroons
fly.io
March 27, 2025 at 10:22 PM
Reposted by Michael Weissbacher
The Onion is aggressively on sale.

Subscribing helps us hire comedy writers who get health insurance and even food to eat, with their mouths. That food is converted into energy which allows them to make sentences that make the government sad.

Sign up to let this continue:

membership.theonion.com
March 27, 2025 at 5:15 PM
Reposted by Michael Weissbacher
GREAT news everyone!

The Onion is hiring! For a bunch of new positions.

Sports Editor (yes, we're bringing it back): jobs.gusto.com/postings/the...

Entertainment Editor (going harder here too): jobs.gusto.com/postings/the...

And a Staff Writer (!): jobs.gusto.com/postings/the...

Apply or die!
Careers at The Onion
jobs.gusto.com
March 25, 2025 at 9:49 PM
Reposted by Michael Weissbacher
Letting the MTA give out automated camera tickets to drivers blocking the bus route outside the bus lane has sped up buses. Who knew
March 24, 2025 at 3:20 PM
Reposted by Michael Weissbacher
A pie graph worth keeping in mind as the NIH budget plummets jamanetwork.com/journals/jam... for 356 new FDA drugs approved
March 23, 2025 at 4:17 PM
Reposted by Michael Weissbacher
Next.js dropped a CVSS 9.1 authentication bypass vulnerability (CVE-2025-29927) over the weekend. This flaw is trivially exploitable by sending the header `x-middleware-subrequest: true`. Over 300k hits in Shodan, find more at:
How to find Next.js on your network
www.runzero.com
March 23, 2025 at 2:42 AM
Reposted by Michael Weissbacher
A 6‑Hour Time-Stretched Version of Brian Eno’s Music For Airports. “The tonal field is the same, but now the notes are no attack, all decay.” [openculture.com]
A 6‑Hour Time-Stretched Version of Brian Eno’s Music For Airports: Meditate, Relax, Study
Robert Wyatt, Music for Airports started the idea of slow, meditative music that abandoned typical major and minor scales, brought in melodic ambiguity, and began the exploration of sounds that were designed to exist somewhere in the background, beyond the scope of full attention.
www.openculture.com
March 18, 2025 at 7:46 PM
Reposted by Michael Weissbacher
They're called public records for a reason. Starting today, WIRED will *stop paywalling* articles that are primarily based on public records obtained through the Freedom of Information Act, becoming the first publication to partner with @freedom.press to offer this for our new coverage.
Wired is dropping paywalls for FOIA-based reporting. Others should follow
As the administration does its best to hide public records from the public, Wired magazine is stepping up to help stem the secrecy
freedom.press
March 18, 2025 at 1:11 PM
Reposted by Michael Weissbacher
If you haven't been tracking, RCS texting is rolling out end-to-end encryption using MLS. This is a huge triumph of the IETF and the collaborative approach to creating internet-grade protocols championed there.

arstechnica.com/gadgets/2025...
RCS texting updates will bring end-to-end encryption to green bubble chats
Lack of encryption was one SMS shortcoming that RCS was created to solve.
arstechnica.com
March 16, 2025 at 5:46 AM
Reposted by Michael Weissbacher
Large epidemiologic studies have consistently shown an association between coffee and improved health outcomes. This may be one of the reasons: favorable changes to the gut microbiome 🏢🏢

www.scientificamerican.com/article/coff...
Coffee Boosts Beneficial Gut Bacterium
Researchers found a strong connection between coffee and the gut microbiome
www.scientificamerican.com
February 20, 2025 at 2:58 AM
Reposted by Michael Weissbacher
we need an associate to join the firm as soon as possible. various reasons inc. half the fed gov't being fired.

employment, civil rights, a bit of suing Elon Musk, some other stuff.

*Virginia* bar required.

I'll get around to posting something formal but email me a resume if you want to apply.
February 17, 2025 at 7:51 PM
Reposted by Michael Weissbacher
hey for anyone who might want to actually own their kindle books instead of renting them, or who might be thinking of switching to kobo etc and will want to convert them to epubs, you now only have one week before amazon kills your ability to download its ebooks www.theverge.com/news/612898/...
Amazon’s killing a feature that let you download and backup Kindle books
It’s bad if you like to keep ebook backup copies.
www.theverge.com
February 16, 2025 at 6:08 PM
Reposted by Michael Weissbacher
Microsoft's own research confirms something that was already pretty obvious: relying on a text generating machine to come up with answers erodes critical thinking, and is a method favoured by those who never liked doing critical thinking in the first place

advait.org/files/lee_20...
advait.org
February 9, 2025 at 10:15 AM
Reposted by Michael Weissbacher
This supposedly complimentary story about one of Musk's greasy goons embodies one of the core problems of DOGE: they were so incompetent they didn't do basic version control or backups, and so lost all their work.

Such people are unfit to be anywhere near critical government infrastructure.
Their response to "he's violating the Constitution" is really "but bro is so sick at coding."

US rule of law in shambles. Tech ideology is really that kind of caricature of itself.
February 6, 2025 at 1:19 PM
Reposted by Michael Weissbacher
an unelected billionaire storming into US agencies, installing his unqualified and unapproved lackeys, purging civil servants, seizing access to sensitive data and payments, unilaterally eliminating federal agencies: fine

identifying the lackeys: illegal
February 3, 2025 at 2:43 PM
Reposted by Michael Weissbacher
My favorite fact about the NYC subway is that there are way more daily riders (about 4 million) than the number of people who fly in the US out of all airports every day (~2.5 million). The scale is hard to get a grasp on.
Max capacity passengers per hour:
* Boring Co’s Vegas Loop: 4,500
* NYC subway 6 train: 105,000
January 27, 2025 at 2:20 PM
Reposted by Michael Weissbacher
And, there it is: Acting Secretary Benjamine Huffman is terminating "all current memberships on advisory committees within DHS, effective immediately." Including CISA cybersecurity advisory committee.
January 21, 2025 at 8:02 PM
Reposted by Michael Weissbacher
And we're up, our first episode of this year, this time with video (thankfully not of me): Carole House and the Biden Cybersecurity Everything Bagel.

youtu.be/Pqw0W2crQiM

securitycryptographywhatever.com/2025/01/20/b...
Biden’s Cyber-Everything Bagel with Carole House
YouTube video by Security Cryptography Whatever
youtu.be
January 21, 2025 at 12:23 AM
Reposted by Michael Weissbacher
COMPUTER SCIENTISTS: "k" means one thousand and twenty-four
STORAGE MANUFACTURERS: "k" means one thousand
DISPLAY MANUFACTURERS [thinking hard]: "K" means nine hundred and sixty
January 17, 2025 at 10:34 PM
Reposted by Michael Weissbacher
Mark Cuban is ready to fund a TikTok alternative built on Bluesky’s AT Protocol
Entrepreneur and investor Mark Cuban is ready to fund a TikTok alternative built on Bluesky’s AT Protocol, he shared in a TikTok video posted on Wednesday. In anticipation of the coming U.S. TikTok ban, which will go through on Sunday unless paused by the…
tcrn.ch
January 16, 2025 at 6:44 PM
Reposted by Michael Weissbacher
We blogged again! This time about our Data Safety Levels framework, which was inspired by the CDC/WHO Biosafety Levels system and Laboratory Biosafety Manuals. Like biological agents, we also don't want sensitive data to be exposed to humans or escape.

code.cash.app/dsl-framework
Data Safety Levels Framework: The foundation of how we look at data in Block
Block uses the Data Safety Levels (DSL) Framework to evaluate data sensitivity.
code.cash.app
January 16, 2025 at 10:00 PM
Reposted by Michael Weissbacher
I've decided to do a little live-streamed #curl presentation on twitch next week:

"curl from start to end". For free of course, no signup. Just show up.

daniel.haxx.se/blog/2025/01...
Presentation: curl from start to end
On Tuesday January 21st 2025, at 16:00 CET (15:00 UTC) I will do a presentation titled as per above. I have not done this one before. The talk will be a detailed explainer and step-by-step going throu...
daniel.haxx.se
January 16, 2025 at 8:05 PM