Following two previously-posted entries: …this is an index post with links to the day-by-day journal of my Kilimanjaro trip. I’ve split the posts up by day because the idea of summarizing the entire trip in a single post feels like an endeavor as overwhelming as the trek itself. Coda: I started publishing these posts onContinue reading “Kilimanjaro – Journal”
Author Archives: ericlaw
Kilimanjaro – Gear
This is the second post in my Kilimanjaro series. The index is here. When I was initially thinking about signing up for a trek up Kilimanjaro, I had two major areas to think about: my fitness, and all of the stuff I’d need for the trip. I knew that even if I didn’t ultimately takeContinue reading “Kilimanjaro – Gear”
Kilimanjaro – Overview
Writing about my Kilimanjaro trek will not be easy: How can I do justice in describing what was: … all at the same time? Nevertheless, I’ve been back for a few weeks now and I’m compelled to put fingers to keyboard before life keeps moving on and memories fade. First, Some Context At 19341 feet,Continue reading “Kilimanjaro – Overview”
Browser SSO / Automatic Signin
Last Update: 8 March 2024 Over the years, I’ve written a bunch about authentication in browsers, and today I aim to shed some light on another authentication feature that is not super-well understood: Browser SSO. Recently, a user expressed surprise that after using the browser’s “Clear browsing data” option to delete everything, when they revisitedContinue reading “Browser SSO / Automatic Signin”
Improving the Microsoft Defender Browser Protection Extension
Earlier this year, I wrote about various extensions available to bolster your browser’s defenses against malicious sites. Today, let’s look at another such extension: the Microsoft Defender Browser Protection extension. I first helped out with extension back in 2018 when I was an engineer on the Chrome Security team, and this spring, I was taskedContinue reading “Improving the Microsoft Defender Browser Protection Extension”
How do Random Credentials Mysteriously Appear?
One commonly-reported issue to browsers’ security teams sounds like: “Some random person’s passwords started appearing in my browser password manager?!? This must be a security bug of some sort!” This issue has been reported dozens of times, and it’s a reflection of a perhaps-surprising behavior of browser login and sync. So, what’s happening? Background EvenContinue reading “How do Random Credentials Mysteriously Appear?”
Detecting When the User is Offline
Can you hear me now? In the web platform, simple tasks are often anything but. Properly detecting whether the user is online/offline has been one of the “Surprisingly hard problems in computing” since, well, forever. Web developers often ask one question (“Is this browser online?”) but when you dig into it, they’re really trying toContinue reading “Detecting When the User is Offline”
New TLDs: Not Bad, Actually
The Top Level Domain (TLD) is the final label in a fully-qualified domain name: The most common TLD you’ll see is com, but you may be surprised to learn that there are 1479 registered TLDs today. This list can be subdivided into categories: Some TLD owners will rent domain names under the TLD to anyContinue reading “New TLDs: Not Bad, Actually”
A Beautiful 10K
This morning was my second visit to the Austin Capitol 10K race. Last year’s run represented my first real race, then two months into my new fitness regime, and I only met my third goal (“Finish without getting hurt“) while missing the first two (“Run the whole way“, and “Finish in 56 minutes“). Last year,Continue reading “A Beautiful 10K”
(The Futility of) Keeping Secrets from Yourself
Many interesting problems in software design boil down to “I need my client application to know a secret, but I don’t want the user of that application (or malware) to be able to learn that secret.“ Some examples include: …and likely others. In general, if your design relies on having a client protect a secretContinue reading “(The Futility of) Keeping Secrets from Yourself”
text/plain 