Reposted by Vincent Lu
I wrote about Oura's security and privacy practices earlier this year for this.weekinsecurity.com, and found:
• Oura rings *don't* end-to-end encrypt users' health data;
• Oura *can* access its users' data;
• Oura told me that the company *has* received U.S. government demands for users' data.
• Oura rings *don't* end-to-end encrypt users' health data;
• Oura *can* access its users' data;
• Oura told me that the company *has* received U.S. government demands for users' data.
November 28, 2025 at 3:15 PM
I wrote about Oura's security and privacy practices earlier this year for this.weekinsecurity.com, and found:
• Oura rings *don't* end-to-end encrypt users' health data;
• Oura *can* access its users' data;
• Oura told me that the company *has* received U.S. government demands for users' data.
• Oura rings *don't* end-to-end encrypt users' health data;
• Oura *can* access its users' data;
• Oura told me that the company *has* received U.S. government demands for users' data.
Reposted by Vincent Lu
A commonly-misunderstood aspect of computer security is that you are battling computers.
No. That is not right at all. Computers are barely involved.
You are battling humans who eat apathy and coordination problems.
No. That is not right at all. Computers are barely involved.
You are battling humans who eat apathy and coordination problems.
November 19, 2025 at 3:30 AM
A commonly-misunderstood aspect of computer security is that you are battling computers.
No. That is not right at all. Computers are barely involved.
You are battling humans who eat apathy and coordination problems.
No. That is not right at all. Computers are barely involved.
You are battling humans who eat apathy and coordination problems.
Reposted by Vincent Lu
Code comments that explain why you did it that way are good.
Code comments that explain why you *didn't* do it a different way are GREAT.
Code comments that explain why you *didn't* do it a different way are GREAT.
February 18, 2025 at 7:01 PM
Code comments that explain why you did it that way are good.
Code comments that explain why you *didn't* do it a different way are GREAT.
Code comments that explain why you *didn't* do it a different way are GREAT.
Reposted by Vincent Lu
Software engineers of the world, I beg you.
Stop disabling copy and paste in password fields.
Sincerely,
Someone with non-human memorable 20+ character passwords generated by a password manager.
Stop disabling copy and paste in password fields.
Sincerely,
Someone with non-human memorable 20+ character passwords generated by a password manager.
January 9, 2025 at 12:47 AM
Software engineers of the world, I beg you.
Stop disabling copy and paste in password fields.
Sincerely,
Someone with non-human memorable 20+ character passwords generated by a password manager.
Stop disabling copy and paste in password fields.
Sincerely,
Someone with non-human memorable 20+ character passwords generated by a password manager.
Reposted by Vincent Lu
I ran into an obnoxious engagement hack today: a spammer used a subject line that was engineered to be a likely subject line in my e-mail history, thereby spoofing Apple Mail into threading it together with a discussion with a trusted colleague. It took me a second to realize what had happened.
January 6, 2025 at 9:06 PM
I ran into an obnoxious engagement hack today: a spammer used a subject line that was engineered to be a likely subject line in my e-mail history, thereby spoofing Apple Mail into threading it together with a discussion with a trusted colleague. It took me a second to realize what had happened.
Reposted by Vincent Lu
I love this explanation.
The difference between misinformation and disinformation:
• MISinformation = MIStake
• DISinformation = DIShonest
Misinformation is incorrect or misleading information.
Disinformation is intentionally dishonest and meant to spread falsehoods to mislead, confuse, and hurt others.
• MISinformation = MIStake
• DISinformation = DIShonest
Misinformation is incorrect or misleading information.
Disinformation is intentionally dishonest and meant to spread falsehoods to mislead, confuse, and hurt others.
December 28, 2024 at 1:48 PM
I love this explanation.