I'm giving a talk on this at WOOT '18 on Tuesday. Spoiler: in the process of making a demo video yesterday, I ended up doubling the attack's bandwidth from what's quoted in the paper, from 3,000 URLs/sec to 6,000 😅
Wheeeee. I'm super happy to see that people are not only reading the paper but also making sense of our explanations! https://twitter.com/ManishEarth/status/1028697331552534529
Firefox Nightly now asks for permission before autoplaying media with sound. Awesome.
Apparently I'm going to Black Hat this year, too!
Our paper—my first—was accepted to USENIX WOOT (Workshop On Offensive Technologies) 2018. 4 out of 4 reviewers approved! So I'll be giving a talk in Baltimore in August, and then the paper will be published in their proceedings.
Oh, yeah, I graduated. Woo! My undergrad education ended in June... and grad school begins in September. I'll be doing my PhD, again at UCSD.
Day 15: four short stories, the knife, the port, the prison, and the boy
Technically I still have one more required (major) course to complete to graduate on time with my bachelor's in CS. I have no reason to believe I'll fail it, but if I did, it'd throw off all my current plans for the future. The mere possibility of this happening is generating an unreasonable amount of anxiety.
(Maybe one day we'll all learn our lesson and migrate to something like Fossil, with its integrated, decentralized, version controlled issue tracking and wikis integrated into the repository itself. But network effects seem to be against that.)
Now that Microsoft's bought out GitHub, I plan on migrating my active projects over to GitLab.com when I get the chance. I actually registered one of the earliest account over there (https://gitlab.com/michael) way back in 2012.
Looking forward to when they eventually get federation support (https://gitlab.com/gitlab-org/gitlab-ee/issues/4517). Gogs and Gitea are investigating this too. Cool to see they're all talking about doing it with ActivityStreams.
I don't think I own a computing device that I don't have root on—even my watch. Quite pleased with that.
Submitted a research paper to a conference. Today, technically. We had a 5am deadline which we made, and then slept.
On browser security, or lack thereof. I have a CVE under my belt now (CVE-2018-6137). I guess this makes me an official, uh, security person. Woot.
Introducing CoverMe: find the most called MediaWiki code lacking test coverage: https://blog.legoktm.com/2018/05/29/introducing-coverme-find-the-most-called-mediawiki-code-lacking-test-coverage.html
The tool itself: https://tools.wmflabs.org/coverme/ :)
My first Firefox Addon: rewrites requests to the mobile Wikipedia website to the standard desktop one: https://addons.mozilla.org/en-US/firefox/addon/skip-mobile-wikipedia/
It's 100% functional on both desktop and android versions of Firefox (the latter being my main motivation). Writing web extensions is awesomely easy.
https://en.wikipedia.org/wiki/Meltdown_(security_bug) time to start writing... #meltdown
Hard-reset/pruned my various profiles toward something I can feel I've got a grip on, including wiping Mastodon. Something I've been wanting to do for a while and was reminded of today by a friend's comment.