Thank you for sharing. Why do you say that it’s not strong protection against malware? Seems like it might be pretty handy there, at least with respect to untrusted code.

Fair point, it does raise the bar! The distinction I'm drawing is between "semi-trusted" and "actively malicious".

Fence handles well supply-chain scripts that phone home, tools that write broadly across your filesystem, accidental secret leakage, the "opportunistic" stuff that makes up most real-world supply chain incidents.

I hedge on malware because: (1) Domain filtering relies on programs respecting HTTP_PROXY, and malware could ignore it (though direct connections are blocked at the OS level, so they'd fail rather than succeed), (2) OS sandboxes (sandbox-exec, bubblewrap) aren't VM-level isolation and I believe determined attackers could exploit kernel bugs, (3) there are no resource limits or content inspection.

The threat model is really "reduce blast radius from code you're running anyway". For a stronger containment boundary you'd want a proper VM.

More thoughts in the security model doc (https://github.com/Use-Tusk/fence/blob/main/docs/security-mo...) if you're curious!

These are beautiful, each in their own right. Thank you for sharing.

Thank you! Yeah I love a good curated list. If you'd like to make your own lmk and I can send you a lynkmi invite

Thank you for sharing this. Please let me know if/when it’s back in stock.

You can sign up for email notifications here: https://vassarrobotics.com/newsletter

It will probably be available in late July. We’re expanding the team, so we might be able to offer it sooner.

Thank you for sharing the app but even more so, the story. It feels very representative of how a lot of apps start with great goals or intentions.

I would dearly love to see that ad; any chance you still have it or could more or less reconstruct it?

I was looking for it in my email, but I think it's long gone.

Thanks for looking! It just sounded like the kind of clever I love.

Thanks for posting this. A few thoughts come to mind.

1. What have you tried so far to find such a job?

2. Do you have a degree? I don’t personally believe they should be required but many employers hold a different view.

3. Are you open to a startup or do you prefer something more corporate?

Hey, thanks for the reply. To answer your questions…

1. I haven’t applied to any just yet, I wanted to get my website up and running and clean up my GitHub and build a couple of projects specifically meant for a recruiter to look at — I figure that’ll give me the best chance, I also made a LeetCode account a couple of days and I’ve been working on problems since I’ve heard that tends to help. 2. I don’t have a degree but I am working towards a CS degree, though I am far away from graduation. 3. Knowing myself I would probably thrive in a start up environment but I definitely wouldn’t mind working at an established corp either. As long as it pays the bills and helps me move my career forward then I’m ok with it.

Wow, thank you for sharing this. What happens - just out of curiosity - when the wheel slows down or stops moving altogether? That is, what is the effect like then?

As the wheel slows down the microcontroller detects that and changes the led pattern at a slower rate. But at a slow enough rotation your eyes start seeing each individual led arm rather than the whole image.

When the wheel stops I have it detect that and stop shining the LED's until it starts spinning again.

Thanks for sharing this approach. I gotta say that I’d love to hear more about how/where you are buying this data, and the CashApp story too.

Not that I can tell, unless you encounter a teacher who (personally) believes it’s worthwhile.

The real problem, IMO, is that they don’t teach cursive but also don’t teach typing. They’ve thrown laptops at the kids without giving them the basic skill necessary to be effective in that medium.

They stopped teaching cursive for a number of years but all the schools in my area start it around age 6 or 7 now. They start typing the next year with some horribly boring typing program.

I can only of course share my own experiences, but I’d recommend taking a government cyber role - especially something hands-on. This allowed me to pivot from software development (which I still love and do but just for myself) to cyber.