A bunch of scrappy notes from 2025-12-01 to 2025-12-19, posted on
Oh, December. The Seasonal Affective Disorder kicks into its fullest of swings, things get colder and darker and greyer... But hey, I get to keep the fireplace on. Ahh, cozy!
what are the haps?
Hey! I haven't kept on top of the indieweb+infosec goings on as much as I like to this month, hence the delay in posting Scraps #12. As we reach the end of the calendar year in my part of the world, (most) people at work tend to... slow down a little. Which is good for me, because it means fewer distractions in the workplace, so I end up being more productive. The pattern held true again this year! However due to that productivity, I did uncover several... let's call them "issues"... which required much attention.
First off, identifying and fixing several (minor!) data breaches at work is always fun (despite being frustrating that they exist in the first place) and an opportunity to both learn something new as well as prevent future damage by applying lessons elsewhere.
Secondly, I identified a disgustingly simple but very severe breach in a third party platform... a platform whose sole purpose is to securely record data breaches! Eek. Thankfully the company was very receptive to my report, and rolled a fix out after about an hour. Pretty good for a fairly niche product!
Thirdly, and most importantly for me, the 'merger' of the organisation I work with into another org is still planned for next year. I've referenced it here and there but haven't written anything up about it as yet, so here's a stream of consciousness about it! There's a good chance I'll lose my job through this merger, however the work to get from merging to merged will be pretty intense. I'm not one to be sour about this - in fact, I think the merger is a good thing. I am looking forward to this work, because it'll be super interesting. And hard, I'm sure, but as someone who takes pride in their work I aim to make this a very smooth technological transition regardless of if I am dropped at the end of it. I want to point at this event and say "I made that slick." Maybe even use the new Org management for a reference or two if I do need to find another job.
The financial anxiety surrounding this uncertainty sure is kicking my butt though. I am preparing for the worst. We run pretty frugal at home anyway, but I'm already starting to put feelers out for roles elsewhere (not a great job market right now though!) and I am also considering other ways to generate a little side income to take the edge off a little. Something I've never really done before. I am considering having a ko-fi and/or LiberaPay link on this site on a /support page or something, but I haven't done that as yet purely because I really don't want to be holding my hat out to the crowd, as it were. But I might. We'll see.
The best way for me to deal with this anxiety is, according to my brain, to stare at my budget spreadsheet for ages. This doesn't often work though, so instead I've been reading some cool stuff on the internet when I've had a bit of time to catch up! Here's some of that cool stuff:
- Lyra has a new take on clickjacking with a very interesting svg technique
- Robert writes about discovering the indieweb in a calmer way
- If you want to learn both the intricacies of HTML/CSS as well as how forgiving it can be, there's no better method than reading a bunch of website source. This is exactly what Alex has done. Back in May, she wrote about what she learned building an archive of over 2000 pages
- Icons are in menus everywhere now - Jim has posted about this trend and I am in agreement! It's something I had (perhaps subconsciously) noticed. This post brought it straight into my awareness and now I can't help but sigh every time I see yet another menu stacked with icons
- And speaking of things you don't know you know (or don't consciously acknowledge you know...) did you know that Google Maps algorithmically shows you restaurants? I mean, yes. Probably, you did. This is obvious if you think about it - of course it does, same as everything else Google fires into your eyeballs! But honestly... I hadn't considered it when using Maps. What impact does that have? What does, say... the London food map look like de-Googled? Lauren did the heavy lifting and figured it out. The result? Way better results, if you're looking for more fair results looking for a restaurant in London anyway!
- The legendary Soatok has built out a reference implementation for the public key directory server:
This software implements the Key Transparency specification I've been working on since last year, and is an important stepping stone towards secure end-to-end encryption for the Fediverse
- Being a solo self-hosted-platform-maintainer-plus-developer isn't easy, as Kayla wrote about following an outage. Love the openness of this writeup, and it's interesting to see some of the problems solo folk face given the resource limitations (time, energy, money) plus the restrictions on their environment (solar powered server in a closet) (note: despite what the website says, this is a thing used by one person, it's not a company with paying customers)
- Jyn is just havin' fun and findin' out
- Our personal sites can be abused in interesting ways to generate profits for malicious folk. Ibrahim experienced this recently with their search page!
- Taggart has taken the idea of webrings and wants to evolve it to the next step by adding reasonable trust. The concept is called Ringspace, and it's a mighty interesting idea!
- A new (old) web browser to test your websites on - A load of Sega Genesis DLC (yep) have been recovered, including a web browser (yep again!) called the Sega Channel Genesis Web Blaster
- Jake got hit with a crypto miner thanks to the recent next.js exploit, except they weren't running next.js! ...or were they...? Be aware of the dependencies used by the stuff you run, folks!
Bonus
I have a long list of stuff to consume - videogames, books, tv shows, movies, blog posts, web serials... the list goes on. One list I fail to maintain anywhere sensible and instead keep in my brainspace (that eroded, pitted, leaking mass of neurons that somehow keep me conscious) is a list of Tools I Wanna Try Out. Some I remember, most I forget. Maybe I should start putting them here?
- I love kanban, it changed the way I manage my work and I will wax lyrical about it to anyone who can't get away fast enough - Kanban MD is a neat little application that builds a kanban board from a simple markdown file. Looks super slick!