ramkumar
@ramenhost.dev
Security Software Engineer. Forever toggling between being a jack of all trades and a master of one.
Blog: https://ramenhost.dev
Blog: https://ramenhost.dev
Pinned
ramkumar
@ramenhost.dev
· Nov 8
looking to find people involved in:
cybersecurity
capture the flag
rust
systems programming
reverse engineering
malware analysis
network protocols
performance tuning
anything linux
cybersecurity
capture the flag
rust
systems programming
reverse engineering
malware analysis
network protocols
performance tuning
anything linux
Just published. I think everyone who uses git would benefit from this information. While git reflog by itself is a simple log, it takes a lot to understand its output.
Credits to the amazing Git zine from @b0rk.jvns.ca
ramenhost.dev/posts/gittin...
Credits to the amazing Git zine from @b0rk.jvns.ca
ramenhost.dev/posts/gittin...
Gitting to know git reflog
A deep dive into git reflog with examples
ramenhost.dev
March 9, 2025 at 4:52 PM
Just published. I think everyone who uses git would benefit from this information. While git reflog by itself is a simple log, it takes a lot to understand its output.
Credits to the amazing Git zine from @b0rk.jvns.ca
ramenhost.dev/posts/gittin...
Credits to the amazing Git zine from @b0rk.jvns.ca
ramenhost.dev/posts/gittin...
Reposted by ramkumar
Learning about zizmor, a static analysis tool for GitHub Actions from @yossarian.net github.com/woodruffw/zi...
February 1, 2025 at 5:04 PM
Learning about zizmor, a static analysis tool for GitHub Actions from @yossarian.net github.com/woodruffw/zi...
Side Quests in the Grand Line
The dilemma of Mastery vs Exploration
ramenhost.dev
January 28, 2025 at 3:55 AM
Reposted by ramkumar
what's involved in getting a "modern" terminal setup? jvns.ca/blog/2025/01...
January 11, 2025 at 4:49 PM
what's involved in getting a "modern" terminal setup? jvns.ca/blog/2025/01...
Reposted by ramkumar
I am convinced 99% of websites should use magic links + passkeys.
It bypasses all (debatable) portability objections to passkeys, it’s at least as secure as email-based recovery, as fast as a password manager, it’s available to all users… and importantly, no passwords!
It bypasses all (debatable) portability objections to passkeys, it’s at least as secure as email-based recovery, as fast as a password manager, it’s available to all users… and importantly, no passwords!
I wrote about how magic links (emailed one-time login links) frustrate me while explaining that they radically accept some fundamental truths. I argue that websites should layer passkeys on top of magic links to provide a seamless authentication experience for everyone. rmondello.com/2025/01/02/m...
Ricky Mondello » Magic Links Have Rough Edges, but Passkeys Can Smooth Them Over
rmondello.com
January 2, 2025 at 3:26 PM
I am convinced 99% of websites should use magic links + passkeys.
It bypasses all (debatable) portability objections to passkeys, it’s at least as secure as email-based recovery, as fast as a password manager, it’s available to all users… and importantly, no passwords!
It bypasses all (debatable) portability objections to passkeys, it’s at least as secure as email-based recovery, as fast as a password manager, it’s available to all users… and importantly, no passwords!
Reposted by ramkumar
"rules" that terminal programs follow jvns.ca/blog/2024/11...
December 12, 2024 at 4:58 PM
"rules" that terminal programs follow jvns.ca/blog/2024/11...
Reposted by ramkumar
Life tip: you can insert USB cables correctly the first time most of the time by ensuring the USB symbol is facing up (or to the right if it's on its side).
December 8, 2024 at 12:27 PM
Life tip: you can insert USB cables correctly the first time most of the time by ensuring the USB symbol is facing up (or to the right if it's on its side).
Incredible attack vector with shell injection in branch name to compromise deployment CI and deliver cryptocurrency miner in published PyPI packages.
December 7, 2024 at 6:45 PM
Incredible attack vector with shell injection in branch name to compromise deployment CI and deliver cryptocurrency miner in published PyPI packages.
Started a new microblog series of some small things I've learned about programming and computers in general. Inspired by @b0rk.jvns.ca
Today I Learned
Microblogs of some small things I’ve learned.
ramenhost.dev
December 3, 2024 at 4:52 AM
Started a new microblog series of some small things I've learned about programming and computers in general. Inspired by @b0rk.jvns.ca
Reposted by ramkumar
Repeat after me:
NEVER USE EMPLOYER DEVICES OR SERVICES FOR ANYTHING PERSONAL
At Google I bought my own Chromebook, had it enterprise provisioned, and kept anything personal in a separate profile. I also verified that the company policies supported this separation.
www.semafor.com/article/12/0...
NEVER USE EMPLOYER DEVICES OR SERVICES FOR ANYTHING PERSONAL
At Google I bought my own Chromebook, had it enterprise provisioned, and kept anything personal in a separate profile. I also verified that the company policies supported this separation.
www.semafor.com/article/12/0...
Employee lawsuit accuses Apple of spying on its workers | Semafor
The suit alleges Apple forces employees to give up their personal privacy rights and surveils them through iCloud accounts and non-work devices.
www.semafor.com
December 2, 2024 at 5:13 PM
Repeat after me:
NEVER USE EMPLOYER DEVICES OR SERVICES FOR ANYTHING PERSONAL
At Google I bought my own Chromebook, had it enterprise provisioned, and kept anything personal in a separate profile. I also verified that the company policies supported this separation.
www.semafor.com/article/12/0...
NEVER USE EMPLOYER DEVICES OR SERVICES FOR ANYTHING PERSONAL
At Google I bought my own Chromebook, had it enterprise provisioned, and kept anything personal in a separate profile. I also verified that the company policies supported this separation.
www.semafor.com/article/12/0...
Reposted by ramkumar
This was my tenth(!) year building 25 days of puzzles for #AdventOfCode. You can solve them all for free! Most people write code to solve them, but you can solve them however you like. I hope they help people become better programmers. 🌟
The first puzzle comes out in two hours: adventofcode.com
The first puzzle comes out in two hours: adventofcode.com
Advent of Code 2024
adventofcode.com
December 1, 2024 at 2:57 AM
This was my tenth(!) year building 25 days of puzzles for #AdventOfCode. You can solve them all for free! Most people write code to solve them, but you can solve them however you like. I hope they help people become better programmers. 🌟
The first puzzle comes out in two hours: adventofcode.com
The first puzzle comes out in two hours: adventofcode.com
If you add a branch protection rule on a forked repo and try to do "Sync fork" on web, github acts confused.
December 1, 2024 at 10:19 AM
If you add a branch protection rule on a forked repo and try to do "Sync fork" on web, github acts confused.
Reposted by ramkumar
Me: My calves are really tight
Masseuse: Honey, your entire body is tight. Are you sitting at a computer all day?
🥲
Masseuse: Honey, your entire body is tight. Are you sitting at a computer all day?
🥲
November 30, 2024 at 4:45 PM
Me: My calves are really tight
Masseuse: Honey, your entire body is tight. Are you sitting at a computer all day?
🥲
Masseuse: Honey, your entire body is tight. Are you sitting at a computer all day?
🥲
I am sick of all apps becoming a Webview. Browser is the only OS many need now.
November 30, 2024 at 7:31 AM
I am sick of all apps becoming a Webview. Browser is the only OS many need now.
Reposted by ramkumar
Some of you never closed a single browser tab on your phone and when you give it to a friend they can see what you googled for the last 5 yrs of your life
November 29, 2024 at 3:47 PM
Some of you never closed a single browser tab on your phone and when you give it to a friend they can see what you googled for the last 5 yrs of your life
For a RAG chat prototype, I used rust instead of python for no specific reason. Now I am about to present it to colleagues and how do I justify my choice of language?
November 29, 2024 at 1:19 PM
For a RAG chat prototype, I used rust instead of python for no specific reason. Now I am about to present it to colleagues and how do I justify my choice of language?
Documented Windows DDNS setup for Plex remote access
gist.github.com/ramenhost/9d...
gist.github.com/ramenhost/9d...
Plex media server Windows remote access with public IPv6
Plex media server Windows remote access with public IPv6 - Plex-ipv6-ddns-windows.md
gist.github.com
November 28, 2024 at 8:52 AM
Documented Windows DDNS setup for Plex remote access
gist.github.com/ramenhost/9d...
gist.github.com/ramenhost/9d...
Reposted by ramkumar
1. Some people are not cut out to be leaders.
2. If you're a leader and have these people as subordinate leaders, it's your duty to replace them.
3. If you don't act, you're who is being described in #1.
2. If you're a leader and have these people as subordinate leaders, it's your duty to replace them.
3. If you don't act, you're who is being described in #1.
November 26, 2024 at 5:41 PM
1. Some people are not cut out to be leaders.
2. If you're a leader and have these people as subordinate leaders, it's your duty to replace them.
3. If you don't act, you're who is being described in #1.
2. If you're a leader and have these people as subordinate leaders, it's your duty to replace them.
3. If you don't act, you're who is being described in #1.
I created a dev drive of 50GB thinking it's enough for source code.
I am now running cargo clean everyday.
I am now running cargo clean everyday.
November 26, 2024 at 6:06 PM
I created a dev drive of 50GB thinking it's enough for source code.
I am now running cargo clean everyday.
I am now running cargo clean everyday.
Clicking 'Follow All' immediately on starter packs like I'm getting paid.
November 21, 2024 at 2:49 PM
Clicking 'Follow All' immediately on starter packs like I'm getting paid.
Few months ago, we had snapdragon dev kit.
Windows 365 Link is a $349 mini PC that streams Windows from the cloud
Windows 365 Link is a $349 mini PC that streams Windows from the cloud
It’s a mini PC that connects up to a powerful cloud PC.
buff.ly
November 19, 2024 at 3:13 PM
Few months ago, we had snapdragon dev kit.
I hope that 100 years from now, a day will not come when I have to worry about my thoughts being collected without my permission.
November 18, 2024 at 5:43 PM
I hope that 100 years from now, a day will not come when I have to worry about my thoughts being collected without my permission.
Reposted by ramkumar
i really need to write a guide for myself for how to import a library in Javascript (in vanilla JS, without NPM), every single time I try it takes me like 2 hours and sometimes I just give up completely
there are so many gotchas (which file to use? will the CDN file actually work? ESM or not?)
there are so many gotchas (which file to use? will the CDN file actually work? ESM or not?)
November 17, 2024 at 5:28 PM
i really need to write a guide for myself for how to import a library in Javascript (in vanilla JS, without NPM), every single time I try it takes me like 2 hours and sometimes I just give up completely
there are so many gotchas (which file to use? will the CDN file actually work? ESM or not?)
there are so many gotchas (which file to use? will the CDN file actually work? ESM or not?)
Reposted by ramkumar
Almost embarrassed to post this, but I've always used Fiddler or Burp for capturing things like this...
I didn't have admin rights and was trying to capture network traffic from a pop-up, so Dev Tools wasn't working
Apparently this is built into Chrome/Edge! So cool :)
edge://net-export/
I didn't have admin rights and was trying to capture network traffic from a pop-up, so Dev Tools wasn't working
Apparently this is built into Chrome/Edge! So cool :)
edge://net-export/
November 17, 2024 at 6:49 AM
Almost embarrassed to post this, but I've always used Fiddler or Burp for capturing things like this...
I didn't have admin rights and was trying to capture network traffic from a pop-up, so Dev Tools wasn't working
Apparently this is built into Chrome/Edge! So cool :)
edge://net-export/
I didn't have admin rights and was trying to capture network traffic from a pop-up, so Dev Tools wasn't working
Apparently this is built into Chrome/Edge! So cool :)
edge://net-export/
It's amazing how we manage to negate years of hardware evolution with software junk, except for network speeds which has drastically improved.
November 14, 2024 at 12:08 PM
It's amazing how we manage to negate years of hardware evolution with software junk, except for network speeds which has drastically improved.