Aaron Parecki

Barrett Shepherd 📦🚀 https://twitter.com/BarrettShepherd • Mar 4
I use DoorDash too often probably and feel like I can spot a cloud kitchen from the name/image. I’ve never had a solid experience from a cloud kitchen. Glad they’re adding an indicator!

I'm not a big customer of food delivery apps but I did order a burrito this week on DoorDash from a place that I assumed was a ghost kitchen by the name, but it turns out it was a food truck!

Portland, Oregon • 40°F

1 like

Fri, Mar 3, 2023 8:50pm -08:00
Brandon Trebitowski https://brandontreb.com • Mar 3
True, but it would be tricky.

Wouldn’t the attacker have find a way to extract the code_verifier from local storage and pass it along with the hijacked redirect?

They would have to somehow have the ability to write custom js code on the path they are redirecting to. I guess this is possible on sites that don’t sanitize user inputs.

I was thinking the attacker makes up their *own* `code_verifier` and injects that into the first open redirect

Portland, Oregon • 42°F

1 reply

Thu, Mar 2, 2023 4:16pm -08:00
Brandon Trebitowski https://brandontreb.com • Mar 2
Could using PKCE fix this issue?

Yep! This is exactly the kind of thing PKCE prevents! With PKCE, even if the open redirect were in place, the attacker wouldn't have been able to do anything with the stolen authorization code.

Although now I'm thinking this through and if the open redirects are really open enough, you could probably still pull something off even while using PKCE.

Portland, Oregon • 42°F

1 reply

Thu, Mar 2, 2023 4:03pm -08:00
Charlotte Brandhorst-Satzkorn https://inuh.net/@catzkorn • Mar 2
Ever wanted to use your own choice of OIDC IdP with @tailscale? I'm looking for private alpha testers - new and existing users welcome. DM me!

I would love to check this out actually, I'm working on some documentation to help companies like Tailscale adopt features exactly like this!

I don't have a way to DM you on mastodon but you can email me! https://aaronparecki.com/contact/

Portland, Oregon • 39°F

Thu, Mar 2, 2023 9:40am -08:00
Vittorio https://twitter.com/vibronet • Mar 1
Finally took pics of the @Delta Parallel Reality experience. TL;DR, you scan your BP and a smart billboard uses face recognition to present your information just to you, using a parallactic display to ensure your text can only be seen from your position.
Big Delta fan, Diamond… https://twitter.com/i/web/status/1631049565699813377

Oh but they already have multifactor auth in their login page!

Username, password, and that "last name" box that pops up right before you're about to click log in, which also breaks password managers 😇🤦‍♂️

Portland, Oregon • 42°F

6 likes

Wed, Mar 1, 2023 6:01pm -08:00
alexlindsay https://twitter.com/alexlindsay • Feb 28
I think Apple Keychain

Can't go wrong with that. Also 1Password.

Portland, Oregon • 38°F

2 likes 2 replies

Mon, Feb 27, 2023 8:31pm -08:00
Jake Sloan https://twitter.com/jakesloaninak • Feb 27
I’m starting to get convinced that doing any comparison video between brands will get you called a shill no matter what lol. Nothing gets people riled up like comparing their favorite against something else 😂😂

But hey at least it gets the views!

Portland, Oregon • 40°F

1 like 1 reply

Mon, Feb 27, 2023 5:20pm -08:00
Joel Auterson https://otter.garden/@joel • Feb 27
A bit confused as to how it interacts with #fediverse - rival paradigms? Interoperable? Just totally different things? #indieweb

I don't know what you'd call it, but I built ActivityPub support directly into my website so I can exist on the Fediverse from my own site.

Portland, Oregon • 39°F

1 like

Mon, Feb 27, 2023 11:07am -08:00
Thomas Cantrell https://twitter.com/thomas_cantrell • Feb 25
So basically you usually need a news helicopter?

Yeah the pilot license for a helicopter is a totally separate thing from the "remote pilot license" you get for a drone

Portland, Oregon • 21°F

Sat, Feb 25, 2023 5:54am -08:00
jack the nonabrasive https://mastodon.social/@karabaic • Feb 25
@aaronpk Video has a credit for a Tom Baker of Lake Oswego

He apparently doesn't have a Twitter or Mastodon account that I can find

Portland, Oregon • 27°F

1 like 1 reply

Fri, Feb 24, 2023 9:49pm -08:00
Aaron Parecki https://aaronparecki.com/ • Feb 24
Whoever saw these trucks and was like "hey, the FAA rule that prohibits flying drones over people doesn't apply to people inside stationary vehicles" and then flew a drone down the highway deserves a raise https://twitter.com/kgwnews/status/1629221057558376448

"the remote pilot must take steps using a safety risk-based approach to ensure that:

1. the small unmanned aircraft does not operate over non-participants who are not under a covered structure or in a stationary covered vehicle;"

https://www.faa.gov/uas/commercial_operators/operations_over_people

Portland, Oregon • 27°F

2 likes 1 repost 3 replies

Fri, Feb 24, 2023 9:33pm -08:00
Alex Blondeau https://twitter.com/alex_blondeau • Feb 23
@aaronpk, Am I asking for the impossible in wanting a camera to stream macro shots of different bee species in an exposed outdoor environment?

I was thinking GoPro Hero 10, then I saw your video. Also, not sure those are designed to be totally exposed for long periods...

oh yeah, I don't think you'll have a good time with a GoPro for that. You might have to look into a full mirrorless camera or a tiny bullet camera in a waterproof enclosure. I don't think there's anything off the shelf for this.

Portland, Oregon • 34°F

1 like 1 reply

Fri, Feb 24, 2023 4:31pm -08:00
PhotoJoseph https://twitter.com/photojoseph • Feb 23
Why do I have so many of these things? And a bigger question… how many do I actually need??

These things accumulate in my drawer too, but I always seem to need one that's just a little bit sturdier.

Portland, Oregon • 32°F

6 likes 1 reply

Wed, Feb 22, 2023 4:49pm -08:00
Blackmagic Design https://twitter.com/Blackmagic_News • Feb 22
Please join us to learn about what’s new with ATEM Switchers and Cameras. Live stream starts at Los Angeles 10 AM PST, New York 1 PM EST, London 6 PM GMT on Thursday the 23rd of February, and Singapore 2 AM SGT, Tokyo 3 AM JST, Sydney 5 AM AEDT on Friday the 24th of February.

👀 I'm listening ...

Portland, Oregon • 39°F

16 likes 2 replies

Tue, Feb 21, 2023 7:54pm -08:00
Vittorio https://twitter.com/vibronet • Feb 18
V1 of a little montage of @snappixy orbits I took in interesting places in the last few months.
To preserve your innocence, no swimwear shot was included in the collection 😛

@aaronpk I need your videographer expertise to learn how to align shots in post prod!

This is fantastic! 👏 no notes 💯

Portland, Oregon • 46°F

2 likes

Sat, Feb 18, 2023 1:47pm -08:00
Scott Stewart https://twitter.com/scott_stewart • Feb 18
I had the same initial “I can’t believe they are going to charge to be secure” knee jerk reaction as most of Twitter is having, but once you stop to think about what they are doing it’s ironically a better precedent to start pushing!

Exactly haha! SMS costs money to send those codes, and is less secure, so let's push people away from it!

Portland, Oregon • 40°F

2 likes

Sat, Feb 18, 2023 6:33am -08:00
DeLaVanta Tabor 🎚 Audio Engineer https://twitter.com/delmixedit • Feb 17
Got the #pk1stand from @aaronpk_tv put together and looking good. Definitely looks a lot cooler than just having the ATEM Mini Extreme ISO just sitting on the table.
Shoutout to @inux_3d for much fast shipping than I expected ✊🏾.
-
#blackmagicdesign #atemmini #atemminiextremeiso

Looks so good! 💯

Portland, Oregon • 43°F

2 likes 1 reply

Fri, Feb 17, 2023 9:30pm -08:00
Vikram Murthi https://twitter.com/fauxbeatpoet • Jul 18
So I just discovered the Spitzer Holding Company “specialty” title cards at the very end of every SUPERSTORE episode (a la the Simpsons chalkboard gag) and it’s kind of blowing my mind. Slipped past me for five years.

I am late to this party but just watched episode 2 and was like wait that can't be real 😅 and found this via a google search

Portland, Oregon • 36°F

Tue, Feb 14, 2023 9:53pm -08:00
Grant Burton https://twitter.com/gruntwork • Feb 11
Was it a use once and forget?

I think I made it so I could import all my old tweets to my own website. It should still work tho!

Portland, Oregon • 44°F

1 reply

Sat, Feb 11, 2023 11:59am -08:00
Grant Burton https://twitter.com/gruntwork • Feb 11
Looks like a handy start. https://github.com/aaronpk/Twitter-Archive-to-CSV

I completely forgot I made this!

Portland, Oregon • 39°F

3 replies

Sat, Feb 11, 2023 6:49am -08:00

older