Weekly Shaarli
Week 02 (January 6, 2025)
uv run --python 3.12 --with pandas python
Download the 2024 Environmental Report. This report charts our progress and methodology, and shares knowledge and insights for others.
The new Brain Cipher ransomware operation has begun targeting organizations worldwide, gaining media attention for a recent attack on Indonesia's temporary National Data Center.
A scourge.
Rhode Island said it’s being extorted after hack of Deloitte-run benefits system.
To date, 20 states have passed data privacy laws in the U.S. Other states have also introduced bills to keep up with the data privacy race.
CCPA (California Consumer Privacy Act) went into effect more than five years ago. I was in grad school when this legislation was signed into law. I distinctly remember being hopeful that it would be a good model that could be adopted at the federal level. Fast forward to 2025 and I am not actually surprised that this remains at the state level and has that classic patchwork approach vibe.
AI could make our human interactions blander, more biased, or ruder.
A good, quick, interesting read.
They don’t allow outside contributions.
All of the facts are interesting but the one above was especially of interest to me. 🦖 Fossil (a kinda fun VCS) is based on SQLite.
goblin.tools is a collection of small, simple, single-task tools, mostly designed to help neurodivergent people with tasks they find overwhelming or difficult.
😂 Ask me how I know about this!
That single GraphQL issue that you keep missing
This is one of the posts that inspired me to start this site. I'm a fan of Simon's and his description of link blogging resonated with me.
Subscription websites now like to use magic email links for login. They are extremely annoying.
Encoding and Decoding site. e.g. HTML Escape / URL Encoding / Base64 / MD5 / SHA-1 / CRC32 / and many other String, Number, DateTime, Color, Hash formats!
U.S. schools rely on information technology for many operations. But cybersecurity incidents, like ransomware attacks, could significantly affect...
The Indonesian National Data Center was hit by a significant ransomware attack with the ransomware identified as Brain Cipher, a new variant of LockBit 3.0.
Attribution of the December 2024 Rhode Island ransomware incident was linked to this group.
An Act providing for consumer data privacy, for duties of controllers and for duties of processors; and imposing penalties.
Pennsylvania Consumer Data Privacy Act
I have always been interested in how folks talk about sunsetting services.
"There are seldom technical solutions to behavioral problems."
- Ed Crowley
Just like any great idea Pitt students have, the school’s most beloved tradition of singing “Sweet Caroline” was born at Hemingway’s Cafe.
I have participated in this tradition without knowing the history of it!
Cloudflare recently shipped improved upload speeds across our network for clients using HTTP/2. This post describes our journey from troubleshooting an issue to fixing it and delivering faster upload speeds to the global Internet.
Magic links, those emailed one-time login links, are annoying and inconvenient for folks who use a password manager, but they radically accept some fundamental truths about signing in for everyone else. By layering passkeys on top of magic links, websites can provide a seamless authentication experience for all users.
One of the most potentially transformative shifts in mindset is becoming comfortable with the word “no.”
- View "no" as a redirection (and a continuation of the conversation).
Changing one's behavior is not easy. There are some simple, universal truths. This article does a good job of walking through many of them.
Doing the best you can – with the resources you have, with the circumstances you’re in and with the mind you’ve inherited – at that moment is all you can ever do anyway.
- The 3-4-50 Framework suggesting that three behaviors contribute to 4 conditions that cause ~50 percent of deaths.
- 3️⃣ behaviors: tobacco use, poor diet, sedentary lifestyle
- 4️⃣ conditions: cancer, cardiovascular disease, chronic lower respiratory disease, diabetes
- The article references the six phases of change in the transtheoretical model of behavior change.
- The importance and impact of self-forgiveness and self-compassion are mentioned and supported in this article.
LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113 - SafeBreach-Labs/CVE-2024-49113
This bulletin was prepared by the Bureau of Justice Statistics of the U.S. Department of Justice.
In the business world, they say that culture eats strategy for breakfast—meaning that the people implementing the strategy, and the skills, attitudes, and assumptions they bring to it, will make more difference than even the most brilliant plan. In government, culture eats policy.
This article is also a story about the importance of domain knowledge and why it's difficult (and risky) to push back against the norms, especially when it's the right thing to do. As I say: the process is not the point.
Automated decision-making systems contain hidden discriminatory prejudices. We’ll explain the causes, possible consequences, and the reasons why existing laws do not provide sufficient protection against algorithmic discrimination.
While this is an interesting idea, note the source.
✨ Build AI interfaces that spark joy.
At best, making oncall the exclusive responsibility of an elite SRE class increases our tolerance for complexity.
See Simplicity.
Oncall is a form of toil – it needs to be done but it doesn’t leave our systems in a better state.
Stakeholders see high-profile incident response/oncall happening, and don’t demand clarity on what other work the group is undertaking.
To go further – incident command and management is a specific set of skills that you can definitely be good at, and where the business really, really needs a consistent and competent response, every time. At Twilio, we have a specific team that manages all incidents, follow-up actions, and operational insights around incidents company-wide. We’ve found that making sure that the data and insights around incidents and their followup flows back into the business is a full-time job. Relying on a rotation of variably interested volunteers to ensure this happens will get you mixed results.
It will be useful to have Chapter 11 (Being On-Call) from Google's SRE book available (it's one in a series).