I write screen savers and sell beer. Impresario of @dnalounge, the world's greatest nightclub. Also wrote your parents' web browser and stuff.
Ishkur's Guide to Electronic Music. ...has returned from the grave with v3.0. And it is glorious. https://jwz.org/b/yjQB
Electric is so much better of an overall experience, in so many ways, that you begin to wonder: why did we ever do it that way? https://blog.codinghorror.com/electric-geek-transportation-systems/
I will never cease to be amused by the many, many articles bemoaning the fat web which inevitably serve 3 gigabytes of ad network dependencies
Let me present my rebuttal in the form of an Apple][ floppy flux scan
JOIN TWITTER TODAY. https://jwz.org/b/yjP6
"But fonts aren’t scripts. They can’t be executed to do malicious things. So the deeper question is, what’s the motivation behind this?" 🤔 http://schock.net/articles/2013/07/03/hosting-web-fonts-on-a-cdn-youre-going-to-need-some-cors/
Womp womp https://googleprojectzero.blogspot.com/2015/07/one-font-vulnerability-to-rule-them-all.html
I mean *sort of*. But mostly it seems like a convenient cover story for basic font DRM.
It may be that the DRM lobby likes this result, but that doesn't change the fact that YES ABSOLUTELY fonts are scripts and should be subject to same-origin restrictions.
I disagree that they are "scripts" in any of the sense that JavaScript is, though. I agree that there can be weird low-level "oops C++ did it again" exploits, but that's also true of bitmaps and JPGs.
SVG is a better argument here, and yeah, SVG gets hella weird.
Dude OTF fonts are literally PostScript
I mean look at how specific this is: https://security.stackexchange.com/questions/91347/how-can-a-font-be-used-for-privilege-escalation "Typically, exploits that target TTF and OTF vulnerabilities target drivers" which is massively OS specific
I gather that "Outlines are drawn using a Turing Complete language to manipulate the graphics state" does not give you pause but I'm here to tell you that this is exactly why same-origin was invented.
He Typeth. subzey: https://jwz.org/b/yjP5
RT @qrs: Two flash clips, a flash emulator, a flash programmer, surface mount soldered test points, oscilloscope probes, cat5 crossover cab…
I love that ping(8) has flag: -a Audible ping. Except that both my screen(1) and macOS Terminal app had visual bell enabled, so to actually get the sound I had to disable two layers of noise prevention. And then audible ping wasn't even satisfying. Not a sonar ping.
If ever there was an argument for adding sound to xscreensaver it is this. https://www.youtube.com/watch?v=XEL8g3qbthE
I just got to introduce someone to DANGER: DIABOLIK! and so I feel my work here is done for the day
Just deleted all of my twits older than 6 months because twitter won't let you scroll back that far anyway, so there's no upside to them existing
“anything your favorite computer can do, the Amiga can do better. And faster. And in stereo.” https://www.filfre.net/2015/04/the-68000-wars-part-3-we-made-amiga-they-fucked-it-up/
I had forgotten that I used to own this for my Amiga
I had one too! What an enormous pain in the ass!
Cathode Ray Fairy. Of course, "O'Blivion" was not the name I was born with. That's my television name. Soon, all of us will have special names -- names designed to cause the cathode ray tube to resonate. This is the hero we deserve. Henrico County, Va.... https://jwz.org/b/yjP1
This is not helping my paranoia. Hence why I never charge my devices on makes USB adaptors. Always use the AC charger. https://twitter.com/zackwhittaker/status/1161011899401682946
We are all Harry Caul tearing down the wallpaper
Cherry Glazerr. https://jwz.org/b/yjP0
Boyfriend. https://jwz.org/b/yjPz
Adversarial Fashion. 4th Amendment Crop Top: The patterns on the goods in this shop are designed to trigger Automated License Plate Readers, injecting junk data into the systems used by the State and its contractors to monitor and track civilians and... https://jwz.org/b/yjPy
Nevar Forget https://jwz.org/b/yjEg
DNA Lounge update, wherein it's "Best Of" time again. https://jwz.org/b/yjPv
Inside The Hidden World Of Elevator Phreaking: "I can dial into an elevator phone, listen in on private conversations, reprogram the phone so that if someone hits it in an emergency it calls a number of my choosing," Caruana told me in our first... https://jwz.org/b/yjPu
