After spending the past several days working on my NSF GRFP application, seeing this screen is worth all the candy in the world.

I'm giving a talk on this at WOOT '18 on Tuesday. Spoiler: in the process of making a demo video yesterday, I ended up doubling the attack's bandwidth from what's quoted in the paper, from 3,000 URLs/sec to 6,000 😅

Wheeeee. I'm super happy to see that people are not only reading the paper but also making sense of our explanations!

@spinda Even better: this gives you control without breaking existing apps (like web games) that depend on being able to do this. Unlike Chrome, which just disabled it completely and broke web games all over the place and basically said tough cookies.

Firefox Nightly now asks for permission before autoplaying media with sound. Awesome.

Apparently I'm going to Black Hat this year, too!

Our paper—my first—was accepted to USENIX WOOT (Workshop On Offensive Technologies) 2018. 4 out of 4 reviewers approved! So I'll be giving a talk in Baltimore in August, and then the paper will be published in their proceedings.

Oh, yeah, I graduated. Woo! My undergrad education ended in June... and grad school begins in September. I'll be doing my PhD, again at UCSD.

Technically I still have one more required (major) course to complete to graduate on time with my bachelor's in CS. I have no reason to believe I'll fail it, but if I did, it'd throw off all my current plans for the future. The mere possibility of this happening is generating an unreasonable amount of anxiety.

(Maybe one day we'll all learn our lesson and migrate to something like Fossil, with its integrated, decentralized, version controlled issue tracking and wikis integrated into the repository itself. But network effects seem to be against that.)

Now that Microsoft's bought out GitHub, I plan on migrating my active projects over to when I get the chance. I actually registered one of the earliest account over there ( way back in 2012.

Looking forward to when they eventually get federation support ( Gogs and Gitea are investigating this too. Cool to see they're all talking about doing it with ActivityStreams.

I don't think I own a computing device that I don't have root on—even my watch. Quite pleased with that.

Submitted a research paper to a conference. Today, technically. We had a 5am deadline which we made, and then slept.

On browser security, or lack thereof. I have a CVE under my belt now (CVE-2018-6137). I guess this makes me an official, uh, security person. Woot.

My first Firefox Addon: rewrites requests to the mobile Wikipedia website to the standard desktop one:

It's 100% functional on both desktop and android versions of Firefox (the latter being my main motivation). Writing web extensions is awesomely easy.

Hard-reset/pruned my various profiles toward something I can feel I've got a grip on, including wiping Mastodon. Something I've been wanting to do for a while and was reminded of today by a friend's comment.

Tiny Tilde Website

ttw is the unofficial Mastodon instance of We're only smol, but we're friendly. Please don't be a dick.