Profile avatar
v0max.bsky.social
Scientist. Dir. of Usable Security & Privacy at the International Computer Science Institute (icsi.berkeley.edu). Founder, AppCensus (appcensus.io). All opinions are those of his employer(s), and not his own. https://www.guanotronic.com/~serge/
647 posts 1,479 followers 831 following
Regular Contributor
Active Commenter
Posts 13 Comments 37

Movie you’ve seen more than six times, no Star Wars or Trek or LOTR

submitted 19 hours ago • 0 comments

Apropos of nothing, Aqualung was a great fucking album (not the song—the song is fine, but not the highlight—the rest of the album). That is all.

submitted 21 hours ago • 1 comment

Another flight, another credit card chargeback…

submitted 1 day ago • 0 comments

as a person who knows that banishing evil spirits by swearing at them is a common thing in multiple Slavic traditions, i am DELIGHTED by this tip

submitted 1 day ago • 11 comments

Really like this new feature where PreCheck/Global Entry now just silently expires without any sort of notification, so you only find out upon showing up at the airport.

submitted 1 day ago • 0 comments

PhD Timeline xkcd.com/3081

submitted 2 days ago • 600 comments

It's the year of our lord 2025 and more than half the websites I interact with are unable to handle forms being automatically filled via password managers.

submitted 3 days ago • 1 comment

I’m always confused by the phrase “half-assed”…is the goal to do something full-assed or no ass at all?

submitted 3 days ago • 1 comment

Well, well, well, the CT AG released a new report on the CT Data Privacy Act and look what it says about data minimization! Full report: portal.ct.gov/-/media/ag/p...

submitted 9 days ago • 0 comments

Does…does this mean I can hold off on doing annual reports??

submitted 9 days ago • 1 comment

What the fuck? legiscan.com/CA/text/SB69... A proposed amendment to the California Invasion of Privacy Act (CIPA), SB 690, would redefine wiretapping to specifically exempt non-consensual surveillance so long as there's a "commercial business purpose." This is nuts.

submitted 13 days ago • 2 comments

Can we please take a break from all the winning? Maybe just like for a week or two? I really have a lot of shit that I need to get done.

submitted 17 days ago • 0 comments

This is horrible, but there’s a possible mitigation: author it anonymously with a cryptographic hash with your name. You need a “salt”: prior to hashing concatenate the name with a string of random characters (you likely need >30 to make guessing attacks intractable). 1/2

submitted 28 days ago • 1 comment