Posts by darrenpmeyer@infosec.exchange
 (DIR) Post #AK6PehQuBlghpq71Iu by darrenpmeyer@infosec.exchange
       2022-06-03T04:06:10Z
       
       0 likes, 0 repeats
       
       @nasser @alcinnz openID was almost a reasonable solution, except that the standards folks working on it desperately needed a UX expert to advise them.
       
 (DIR) Post #AK76SliAkfQ1etkJlI by darrenpmeyer@infosec.exchange
       2022-06-03T13:59:56Z
       
       0 likes, 0 repeats
       
       @matt @nasser @alcinnz it was absolutely a UX question. "Login with FB" let a user sign up or log in with a couple of clicks. People used that. People liked that. It leveraged something many people already used.
       OpenID had you typing in a URI after signing up with a provider that only did OpenID, and which people didn't know if they could trust. The UX sucked. No one wanted to jump through the setup hoops. It was badly designed. …
       
 (DIR) Post #AK76SnIiqGFWaXr1N2 by darrenpmeyer@infosec.exchange
       2022-06-03T13:59:56Z
       
       0 likes, 0 repeats
       
       @matt @nasser @alcinnz … Lots of places had OpenID *and* one of those at first. Basically, the "Login with <big company>" stuff won because it was a massively lower-friction solution, so users actually used it.
       
 (DIR) Post #AK7F0qF7D4z3BvufmC by darrenpmeyer@infosec.exchange
       2022-06-03T15:35:49Z
       
       0 likes, 0 repeats
       
       @matt @nasser @alcinnz actually what I said was that the standards folks clearly needed advice from UX designers; or in other words, it failed largely because it wasn't designed with any kind of consideration for UX
       Not sure how you got "it's designers' fault" from "clearly no one consulted a designer"
       
 (DIR) Post #AK7FFyccL57tWS7gdU by darrenpmeyer@infosec.exchange
       2022-06-03T15:38:32Z
       
       0 likes, 0 repeats
       
       @matt @nasser @alcinnz and we let it fail because we tried fixing the problems but the standards bodies were at a transition between technical folk who are bad at human factors and corporate influencers who have conflicts of interest
       Or more to the point: it failed because we were collectively obsessed with the "right" solution instead of understanding that a solution no one will use will help no one.
       
 (DIR) Post #AK7VCYQor8K4gzzii0 by darrenpmeyer@infosec.exchange
       2022-06-03T18:37:14Z
       
       0 likes, 0 repeats
       
       @matt it was badly designed. Because there wasn’t a UX designer involved. I think you’re reading a lot more into what I said than what’s actually there.
       
 (DIR) Post #AKllDeAffK92s9B9pA by darrenpmeyer@infosec.exchange
       2022-06-23T04:45:16Z
       
       0 likes, 0 repeats
       
       @drq @davidrevoy @alcinnz I'm convinced most drivers are proprietary so there's no smoking gun demonstrating their slapdash construction
       
 (DIR) Post #AMzyP0RmRrr9BteOno by darrenpmeyer@infosec.exchange
       2022-05-30T13:48:21Z
       
       1 likes, 0 repeats
       
       @crashglasshouses@kolektiva.social @rysiek important exceptions:
       if you have control over others' compensation, the org can prohibit you from discussing your own
       the org can prohibit you from discussing *other people's* compensation without their consent
       But aside from those? YES, talk about compensation. Being quiet about it generally only benefits your employer
       
 (DIR) Post #AP8dahz6WmPhGIDZxo by darrenpmeyer@infosec.exchange
       2022-10-31T21:06:14Z
       
       0 likes, 1 repeats
       
       A fine #cortado (1:1 #espresso and foamed milk) from Little Joy today
       
 (DIR) Post #APDQgDyKhO9cIsxNUO by darrenpmeyer@infosec.exchange
       2022-11-02T21:40:15Z
       
       0 likes, 1 repeats
       
       Orgs: we can’t give useful error messages, people could use that to enumerate valid email addresses!
       Also orgs: all our addresses are first-initial and last name @ourcompany, and we encourage everyone to be on LinkedIn
       
 (DIR) Post #APKtXVdEqEI0wupCD2 by darrenpmeyer@infosec.exchange
       2022-11-06T18:59:37Z
       
       1 likes, 0 repeats
       
       Today’s #espresso posting: a simple #cappucino
       18.8g ⊢ 44g Roots Roasting Classic Espresso, 100mL 2% milk. I messed up the starting point while pouring the art, but it still came out ok, even if it’s kinda scrunched up against the edge of the cup
       
 (DIR) Post #AQZxnc1VgOEoaqeeI4 by darrenpmeyer@infosec.exchange
       2022-12-13T23:21:41Z
       
       0 likes, 0 repeats
       
       I have a friend who’s an awesome offensive sec person (app focus), and a good leader. I’ve worked with her and can vouch. Anyone hiring someone like that?
       
 (DIR) Post #ASM6CkEryO2mgJWB3g by darrenpmeyer@infosec.exchange
       2023-02-05T02:22:38Z
       
       0 likes, 0 repeats
       
       A couple of people, upon learning that I’m focused on software #supplychain security now, have responded with “you should do a talk!”
       I would love to, but I also don’t want to waste people’s time. So maybe you’ll help me out here: what topic or theme related to supply chain security / software comp analysis / #SBOM would you love to hear a talk about?
       
 (DIR) Post #ASRa88v6kYeiCEnPiS by darrenpmeyer@infosec.exchange
       2023-02-07T18:02:19Z
       
       0 likes, 0 repeats
       
       Finally got around to a straight #espresso pull of the Hot Shot. 20g ⊢ 43g in 28s (need to dial that in a bit, but it still tasted ok: just a touch under-extracted)
       
 (DIR) Post #AWasygfxhkdXw4Hqzo by darrenpmeyer@infosec.exchange
       2023-06-11T20:23:53Z
       
       0 likes, 1 repeats
       
       Do I know anyone here that does Accessibility consulting for web apps (and maybe would consider for an IDE plugin too)? Independent or works for a company that does a good job. If so, please DM me rates/typical engagement costs —I’m trying to build out a sketch of a budget for this sort of thing
       
 (DIR) Post #Abqq2yBHXC62YkCfho by darrenpmeyer@infosec.exchange
       2023-11-15T02:03:49Z
       
       0 likes, 0 repeats
       
       How much do you want to bet that stuff like Copilot and other LLMs trained on copyrightable materials will be ruled entirely fair use on an argument like “if you train a human on code, and they write new code, that’s novel and not a violation of copyright; so if you train a computer, the same should apply?”
       I can see how judges would find that compelling and how difficult it would be to make a clear argument about how it’s different.
       
 (DIR) Post #AcVick7uQsP7F8Wuwq by darrenpmeyer@infosec.exchange
       2023-12-05T20:26:28Z
       
       0 likes, 0 repeats
       
       Possibly unpopular opinion: You’re not ready for 1.0 until you have a clear, simple update mechanism that aligns with how your users work. That means self-updating capabilities and/or deployment via package managers in most cases.
       
 (DIR) Post #ArrxkX75TBcOQKJoBc by darrenpmeyer@infosec.exchange
       2025-03-08T23:17:24Z
       
       0 likes, 0 repeats
       
       Margaret Hamilton is one of my personal heroes. One of the early programmers, coiner of the term “software engineering”, and lead for the Apollo guidance program software project that got humanity to the moon. Many of the core programming principles we use come from her teams. Never let anyone tell you programming isn’t for women! (And yes, sadly I still hear people say that from time to time)
       
 (DIR) Post #AtZ20xYPv9X4znOy3c by darrenpmeyer@infosec.exchange
       2025-04-28T22:03:21Z
       
       0 likes, 1 repeats
       
       I know I'm increasingly in the minority, but I can't stand learning most things from videos. If you must share information by making a video, please *please* also make it available to read.
       
 (DIR) Post #AwjpeQZnL6msXbkdPM by darrenpmeyer@infosec.exchange
       2025-08-01T13:41:12Z
       
       0 likes, 0 repeats
       
       @unixroot @alcinnz you can also use `!$` in whatever place you want the last argument to the previous command to be for the current command. So you could do
       ```
       vim a-file.txt
       mv !$ ~/
       ```
       this will edit a-file.txt and then move it to your home directory. Bash/Zsh have other ! expansions for other arguments including `!!` for the entire last command. (`sudo !!` gets typed a lot…)