
Posts by David Leadbeater

(Also renamed this account as then it’s clearer in clients what’s happening, I think.)

4 months ago 0 0 0 0

Yeah, shame, would be nice to do it transparently. Mostly I kept forgetting to check Bluesky so figured if I could have everything in one place it would be nicer and aside from this bit it seems this should be possible.

4 months ago 0 0 0 0

I apparently don’t understand how Bluesky works, this account was @dgl.cx but I switched it to use @ap.brid.gy by changing the DNS records. However there doesn’t seem to be a Mastodon-like way to migrate followers. So you might need to refollow this same handle @dgl.cx to get future updates.

4 months ago 0 0 2 0
Bash a newline: Exploiting SSH via ProxyCommand, again (CVE-2025-61984)

You have a bash command line of "exec program ..." and you control "...": can you make it do something different? What if it is somewhat sanitised for shell metacharacters? If you can inject $[+] it will make bash error on that line and run the next. This is how dgl.cx/2025/10/bash... works.

6 months ago 1 0 0 0
Developers, the weakest link in the supply chain? BSides Canberra 2025
Supply chain security is a topic which has been raised in profile in recent years through events such as the xz backdoor. In the open source world trust matters a lot. While trust is mostly gained thr...

I'll be speaking at BSides Canberra: cfp.bsidescbr.com.au/bsides-canbe... -- this will cover my recent find of an RCE in Git (dgl.cx/2025/07/git-...) and how that and some other vulnerabilities could be used against developers.

8 months ago 2 0 0 0
Déjà vu: Ghostly CVEs in my terminal title

New blog post: Ghostty 1.0.0 terminal security; dgl.cx/2024/12/ghos... (CVE-2024-56803)

1 year ago 11 3 1 0

That's some twisted spire.

1 year ago 0 0 0 0

Since Apple discontinued the iPhone mini. Because Apple define market segments…

1 year ago 0 0 0 0
terminal smooth scrolling

Would be fun combined with the old style VT smooth scrolling… flak.tedunangst.com/post/termina...

1 year ago 0 0 0 0