Monthly Shaarli
January, 2025
RSS Advisory Board announcements, the current specification and Really Simple Syndication news.
There are a number of cool RSS-related tools and resources on this page, which serves as the home of the RSS Advisory Board.
Fetch all the URLs that the Wayback Machine knows about for a domain - tomnomnom/waybackurls
Domainr is the only ICANN-accredited domain status API provider.
With direct, privileged access to domain registry data, the Domainr API instantly checks if a domain is available—with no false positives. In milliseconds, your customers will know if a domain is available, premium-priced, or for sale in any major aftermarket.
If you’re a security provider or manage a software supply chain, the Domainr API can help you monitor critical domains, alert you to any changes to their status, and uncover at-risk domains before they change hands.
A look back at the past year as the first Safety & Security Engineer for the Python Package Index.
Adding custom domains to your Bear blog
🐻 This includes info on using A or CNAME records for your Bear blog.
It's always DNS.
"A necessary book in times of moralistic and self-serving technophobia. The common space of the Internet, which was born generously free, has been occupied by monstrous unicorns under the complicit gaze of the status quo. The time has come to take back what belongs to everyone. Someone had to say it." —Simona Levi
/Applications/Python\ 3.11/Install\ Certificates.command
alternately:
uv pip install --system --upgrade certifi
Killed by Google is the Google Graveyard. A full list of dead products killed by Google in the Google Cemetery.
🔗 See the source.
Ransomware is a type of malicious attack where attackers encrypt an organization’s data and demand payment to restore access. Attackers may also steal an organization’s information and demand an additional payment in return for not disclosing the information to authorities, competitors, or the public. This Cybersecurity Framework (CSF) 2.0 Community Profile identifies the security objectives from the NIST CSF 2.0 that support governing management of, identifying, protecting against, detecting, responding to, and recovering from ransomware events. The Profile can be used as a guide to managing the risk of ransomware events. That includes helping to gauge an organization’s level of readiness to counter ransomware threats and to deal with the potential consequences of events. This Profile can be leveraged in developing a ransomware countermeasure playbook.
The public comment period on this draft is open.
Encoding and Decoding site. e.g. HTML Escape / URL Encoding / Base64 / MD5 / SHA-1 / CRC32 / and many other String, Number, DateTime, Color, Hash formats!
Download the 2024 Environmental Report. This report charts our progress and methodology, and shares knowledge and insights for others.
LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113 - SafeBreach-Labs/CVE-2024-49113
This bulletin was prepared by the Bureau of Justice Statistics of the U.S. Department of Justice.
In the business world, they say that culture eats strategy for breakfast—meaning that the people implementing the strategy, and the skills, attitudes, and assumptions they bring to it, will make more difference than even the most brilliant plan. In government, culture eats policy.
This article is also a story about the importance of domain knowledge and why it's difficult (and risky) to push back against the norms, especially when it's the right thing to do. As I say: the process is not the point.
I have always been interested in how folks talk about sunsetting services.
"There are seldom technical solutions to behavioral problems."
- Ed Crowley
Just like any great idea Pitt students have, the school’s most beloved tradition of singing “Sweet Caroline” was born at Hemingway’s Cafe.
I have participated in this tradition without knowing the history of it!
Cloudflare recently shipped improved upload speeds across our network for clients using HTTP/2. This post describes our journey from troubleshooting an issue to fixing it and delivering faster upload speeds to the global Internet.
Magic links, those emailed one-time login links, are annoying and inconvenient for folks who use a password manager, but they radically accept some fundamental truths about signing in for everyone else. By layering passkeys on top of magic links, websites can provide a seamless authentication experience for all users.
Talkback is a smart infosec resource aggregator, designed to help security enthusiasts, practitioners and researchers be more productive.
An online tool which evaluates if a website will be archived correctly by web archives, such as the Internet Archive.
A personal list of great free software that I use in my daily life
Python Module for Tabular Datasets in XLS, CSV, JSON, YAML, &c. - jazzband/tablib
The ultimate favicon generator. Design your icons platform per platform and make them look great everywhere. Including in Google results pages.
Govee API to control LED light strips and bulbs with LaggAt/python-govee-api
Key principles using modern CSS, fluid type, fluid space, flexible layout and progressive enhancement will help you to build better front-ends that work for everyone.
A developer-friendly code rendering library for Python web applications
For over two decades the iPod was the portable music player, just as big as the Walkman was before it. In 2022 Apple announced that the iPod will be discontinued; this is a trip down memory lane of the most iconic iPods.
Installing software can become overwhelming, requiring hours of research and painstaking attention to detail. However, there’s a tool that can make this process not only easier, but also enjoyable. In this article, we will guide you through installing Ansible, a powerful automation tool.
Stronger proposals may also see private sector applying for a payment 'license'
uv run --python 3.12 --with pandas python
U.S. schools rely on information technology for many operations. But cybersecurity incidents, like ransomware attacks, could significantly affect...
The Indonesian National Data Center was hit by a significant ransomware attack with the ransomware identified as Brain Cipher, a new variant of LockBit 3.0.
Attribution of the December 2024 Rhode Island ransomware incident was linked to this group.
An Act providing for consumer data privacy, for duties of controllers and for duties of processors; and imposing penalties.
Pennsylvania Consumer Data Privacy Act
Automated decision-making systems contain hidden discriminatory prejudices. We’ll explain the causes, possible consequences, and the reasons why existing laws do not provide sufficient protection against algorithmic discrimination.
While this is an interesting idea, note the source.
✨ Build AI interfaces that spark joy.
At best, making oncall the exclusive responsibility of an elite SRE class increases our tolerance for complexity.
See Simplicity.
Oncall is a form of toil – it needs to be done but it doesn’t leave our systems in a better state.
Stakeholders see high-profile incident response/oncall happening, and don’t demand clarity on what other work the group is undertaking.
To go further – incident command and management is a specific set of skills that you can definitely be good at, and where the business really, really needs a consistent and competent response, every time. At Twilio, we have a specific team that manages all incidents, follow-up actions, and operational insights around incidents company-wide. We’ve found that making sure that the data and insights around incidents and their followup flows back into the business is a full-time job. Relying on a rotation of variably interested volunteers to ensure this happens will get you mixed results.
It will be useful to have Chapter 11 (Being On-Call) from Google's SRE book available (it's one in a series).
DNS validation allows for certificate issuance requests to be verified using DNS records, rather than by serving content over HTTP. The acme-dns-certbot tool…
This project makes it easy to analyze the Python ecosystem by providing all of the code ever published to PyPI via git, parquet datasets with file metadata, and a set of tools to help analyze the data.
Thanks to the power of git the contents of PyPI take up only 439.4 GB on disk, and thanks to tools like libcst every Python file can be analysed on a consumer-grade laptop in a few hours.
Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan & VirusTotal! - xnl-h4ck3r/waymore
Semantic Versioning spec and website
Don’t let your friends dump git logs into changelogs.
OpenSSF Working Group on Securing Software Repositories - ossf/wg-securing-software-repos
i talk about how the idea of a humanity-saving tech revolution from the usual tech suspects is dead (for me).
MQTT Client Examples. Contribute to emqx/MQTT-Client-Examples development by creating an account on GitHub.
Store your data from all your accounts and devices in a single cohesive timeline on your own computer - timelinize/timelinize
Offboard your visitors the right way, say goodbye or thank them for their visit.
As we get closer to Debian Bookworm's release, I thought I'd share one change in Python 3.11 that will surely affect many people.
Python 3.11 implements the new PEP 668, Marking Python base environments as “externally managed”.
Jonathan Stark teaches solo consultants how to make more and work less without hiring
Changing one's behavior is not easy. There are some simple, universal truths. This article does a good job of walking through many of them.
Doing the best you can – with the resources you have, with the circumstances you’re in and with the mind you’ve inherited – at that moment is all you can ever do anyway.
- The 3-4-50 Framework suggesting that three behaviors contribute to 4 conditions that cause ~50 percent of deaths.
- 3️⃣ behaviors: tobacco use, poor diet, sedentary lifestyle
- 4️⃣ conditions: cancer, cardiovascular disease, chronic lower respiratory disease, diabetes
- The article references the six phases of change in the transtheoretical model of behavior change.
- The importance and impact of self-forgiveness and self-compassion are mentioned and supported in this article.
The new Brain Cipher ransomware operation has begun targeting organizations worldwide, gaining media attention for a recent attack on Indonesia's temporary National Data Center.
A scourge.
Rhode Island said it’s being extorted after hack of Deloitte-run benefits system.
To date, 20 states have passed data privacy laws in the U.S. Other states have also introduced bills to keep up with the data privacy race.
CCPA (California Consumer Privacy Act) went into effect more than five years ago. I was in grad school when this legislation was signed into law. I distinctly remember being hopeful that it would be a good model that could be adopted at the federal level. Fast forward to 2025 and I am not actually surprised that this remains at the state level and has that classic patchwork approach vibe.
AI could make our human interactions blander, more biased, or ruder.
A good, quick, interesting read.
They don’t allow outside contributions.
All of the facts are interesting but the one above was especially of interest to me. 🦖 Fossil (a kinda fun VCS) is based on SQLite.
goblin.tools is a collection of small, simple, single-task tools, mostly designed to help neurodivergent people with tasks they find overwhelming or difficult.
😂 Ask me how I know about this!
That single GraphQL issue that you keep missing
This is one of the posts that inspired me to start this site. I'm a fan of Simon's and his description of link blogging resonated with me.
Subscription websites now like to use magic email links for login. They are extremely annoying.
One of the most potentially transformative shifts in mindset is becoming comfortable with the word “no.”
- View "no" as a redirection (and a continuation of the conversation).