devever.net/~hl
[Computing] The Bootstrapping Exam: Escaping from “Trusting Trust”
[Hμblog] 37C3 talk recording: Adventures in Reverse Engineering Broadcom NIC Firmware
[Hμblog] Libreboot 10-year anniversary
[Computing] I'll be speaking at 37C3 (and have some spare tickets)
[Hμblog] Towards Greater Accountability: A Proposal for CA Issuance Decision Logs
[Hμblog] Stop deploying web application firewalls
[Computing] Expect-CT Lite: A humble proposal for minimal CT enforcement in TLS certificates
[Computing] Mitigating the Hetzner/Linode XMPP.ru MitM interception incident, part 2: XMPP-specific mitigations
[Computing] Mitigating the Hetzner/Linode XMPP.ru MitM interception incident
[Hμblog] Make the web great again
[Computing] Why even let users set their own passwords?
[Computing] The problem with federated web apps
[Hμblog] I don't trust Signal
[Computing] Web-based cryptography is always snake oil
[Computing] Writing a KVM hypervisor VMM in Python
[Computing] Modern CPUs have a backstage cast
[Hμblog] Thoughts on Apache, .htaccess and the hackish state
[Hμblog] That people produce HTML with string templates is telling us something
[Computing] Patterns in register map design
[Computing] Binary formats and protocols: LTV is better than TLV
[Computing] Memoirs from the old web: IE's crazy content rating system
[Computing] Client certificates aren't universally more secure
[Computing] Memoirs from the old web: The KEYGEN element
[The World] Heterogenous v. homogenous manufacturing
[Computing] On numbering hegemonies and namespace monopolies
[Hμblog] Chicken Scheme's internal data representation
[Computing] Memoirs from the old web: server-side image maps
[Computing] The inscrutable nature of UK rail ticketing
[Computing] Against risk-based authentication (or, why I wouldn't trust Google Cloud)
[Computing] Netheads vs. bellheads redux: the strange victory of SIP over the telephone network
[Computing] Producing HTML using string templates has always been the wrong solution
[Computing] Memoirs from the old web: The GateKeeper access control system
[Hμblog] Pushup, a framework for mildly dynamic websites
[Computing] Let's Encrypt now supports ACME-CAA: closing the DV loophole
[Computing] The Talos II, Blackbird POWER9 systems support tagged memory
[Computing] Computers are an inherently oppressive technology
[Hμblog] Webrings
[Computing] The Demise of the Mildly Dynamic Website
[Computing] Website redesign and editorial changes
[Hμblog] mynoise.net (noise generator)
[Hμblog] Dialog (language)
[Hμblog] Inform 7 is now open source
[The World] Requiem for Strawberry
[Computing] How the K-line got its name: history of IRC daemon configuration
[Computing] Freenode commits suicide, is no longer a serious IRC network
[Computing] I have now been banned from Freenode
[Computing] Why the GDPR is a threat to a free internet and should be ignored by those outside the EU
[Computing] A thought experiment: High-Availability IRC
[Computing] Freenode IRC operators perform mass seizure of channels for mentioning Liberachat
[Computing] Freenode IRC operators now engaging in routine abuses of power
[Computing] Having a bank account without having a phone number
[Computing] Live feed of the HN Top 30 as an IRC Channel
[Computing] Patterns in application-layer protocol design
[Computing] A taxonomy of I/O architectures
[Computing] Attributes of configuration languages
[Computing] How secure boot and trusted boot can be owner-controlled
[Computing] In the future, even your RAM will have firmware; and the subject of POWER10 blobs
[Computing] Modifying and running a binary by recompiling a reverse engineered disassembly
[Computing] The different kinds of authentication protocols
[Computing] Serial Attached SCSI (SAS) is a circuit switched computer network
[Computing] USB Mass Storage and USB-Attached SCSI... are both SCSI
[Computing] A brief introduction to SCSI
[Computing] Myths about USB NKRO and how USB HID works
[Fiction] Kolmogorov's AI
[Computing] Mis-fitted USB ports, an epidemic
[Computing] Total Advertising Denial
[Computing] XML is almost always misused
[Computing] The evolution of the web, and a eulogy for XHTML2
[Computing] Cloudflare considered harmful
[The World] Lifeforms
[Computing] The PowerPC AS Tagged Memory Extensions
[Computing] On the opening of the Power ISA, and the chilling effects of proprietary ISAs
[Computing] The i.MX8 cannot be deblobbed
[Computing] Rethinking the filesystem as global mutable state, the root of all evil
[Computing] Rethinking files
[Computing] Extended Validation certificates have always been useless
[Computing] Adventures in reverse engineering Broadcom NIC firmware
[Computing] Running Baldur's Gate 2 in windowed mode at high resolutions
[Computing] Grow-up and grow-down technologies
[Computing] Why Intel will never let owners control the ME
[Computing] Legal Analysis of the “Admiral” Anti-Adblocker DMCA Incident
[Computing] Phone numbers must die
[Computing] Rackmount Improv HSM
[Computing] Let's Encrypt for IRC Networks: A Deployment Guide
[Computing] The Cultural Defeat of Microsoft
[Computing] Microsoft has stopped making Windows
[Computing] Why I will never use Windows 8 or Windows 10
[Computing] Psychological effects of coding style
[Computing] Death to the Win32 console subsystem
[Computing] Why I don't like smartphones
[Computing] The Normativity Manifesto
[Computing] Zero-G Programming
[Computing] The Bourne Ambiguity
[Computing] Nexuses Redux: Nativity
[Computing] Embedding of binary data into programs
[Computing] There are no secure smartphones.
[Computing] TLS and the Policy MitM Armageddon
[Computing] Why the AGPL is often unenforceable
[Computing] Linux's GPLv2 licence is routinely violated
[Computing] Why I don't like smartcards, HSMs, YubiKeys, etc.
[Computing] The Straight Line Principle
[Computing] On Nexuses
[Computing] On Normativity in Configuration Management
[Computing] Insyde BIOS Issues
[Computing] Coroutines in C
[Computing] A usable Linux desktop
[Computing] Notes on building lexers