Matthew Garrett

Way back in the day a friend had to move an Apple Xserve across London to get it racked, and because massively rich South Africans are stingy with money he couldn't expense a cab so took it on the underground and someone looked at him, looked at the Xserve, looked back at him and said "That's a fucking big iPod"

My job as a senior developer with a team of juniors is to figure out what to write, sketch a PoC as guidance, and then delegate the actual implementation to them. I'm going to look at that, explain misunderstandings or poor style choices, and guide them into implementing something that meets our standards.

I don't think LLMs can do my job yet. But I think we're getting shockingly close to them being able to do the other part. And I'm worried how we're going to get more senior developers.

I will be speaking at BSides SF in a couple of weeks! It is nominally about git but in reality of course it's going to involve SSH certificates because I have a brand to look after here: https://bsidessf2026.sched.com/event/2E1g3/practical-and-impractical-git-commit-signing-nulb

If I were ordered by a court to stop doing something on pain of potentially being sent to prison, I would simply not continue doing the thing

Hello! Because I clearly hate myself I have written about some of the tradeoffs involved in allowing non-free blobs of code to be updated at runtime and published it on the internet: https://www.codon.org.uk/~mjg59/blog/p/to-update-blobs-or-not-to-update-blobs/

I have two eeros (A and B) connected with a set of amazon.com/dp/B09XWD61JB, with eero A connected to my wired infrastructure. eero B believes it's connected to my wired infrastructure. This is all fine, except if the wireless bridge goes down B transitions to wireless backhaul, and when the bridge comes back up there's now a network loop and why after fixing that did I just have to ping every address on my network to get broadcasts working properly again

Every single ACPI vs Device Tree argument needs to start with the observation that I can boot a modern Linux kernel on an arbitrary x86 board from 1998 and it will probably suspend and resume correctly, and I can't do that with an arbitrary Arm board from 2026

It's a good thing that people running a non-profit dedicated to secure messaging are well-paid, actually

18 years of the Linux fork that refuses to load the microcode that mitigates a range of CPU vulnerabilities

https://faultlore.com/blah/c-isnt-a-language/ deserves a fucking record for managing to trigger people into being extremely upset while also demonstrating that they don't understand the actual point being made

Nice, can confirm that https://github.com/Foxboron/attezt works to allow the foss version of Smallstep to issue TPM-backed certificates. Now I just need a PKCS#11 module which uh hrm

Ugly thought: is the best way to verify that software projects aren't deliberately backdoored just to get everyone involved drunk enough that they'd admit it if they were