Martin Baschpel
@bilbothebird.bsky.social
📤 6
📥 14
📝 13
There is no pink oliphaunt.
It's gonna be that kind of week ....
xkcd.com/979/
&&
xkcd.com/386/
== 😵
loading . . .
Wisdom of the Ancients
https://xkcd.com/979/
about 2 months ago
0
0
0
www.kickstarter.com/projects/mee...
4 months ago
0
0
0
The Great Software Quality Collapse: How We Normalized Catastrophe
open.substack.com/pub/techtren...
loading . . .
The Great Software Quality Collapse: How We Normalized Catastrophe
The Apple Calculator leaked 32GB of RAM.
https://open.substack.com/pub/techtrenches/p/the-great-software-quality-collapse?utm_campaign=post&utm_medium=web
5 months ago
0
1
1
From FOSS to Flop, and How to Go Commercial Without Alienating Your Users
blog.inedo.com/inedo/from-f...
... I guess I have Some Thoughts about that blog post, but overall a nice read.
#foss
#dev
loading . . .
From FOSS to Flop, and How to Go Commercial Without Alienating Your Users
Moq, FluentAssertions, MassTransit, AutoMapper, MediatR – if those NuGet package names sound familiar, it might be from all the recent controversy. The authors of these free, open-source .NET librarie...
https://blog.inedo.com/inedo/from-foss-to-flop-and-how-to-go-commercial-without-alienating-your-users/
9 months ago
0
0
0
With Authenticode, what is the point of having hardware based HSM/FIPS protection for the private key when the Ability-To-Sign is only protected by Cloud credentials or API keys? I really don't get it yet.
#authenticode
#codesigning
#softwaresecurity
security.stackexchange.com/questions/28...
loading . . .
When Code Signing, what is the point of enhanced security specifically for the private key itself?
TL;DR What is the point of having hardware based HSM/FIPS based protection for the private key when the ability to sign is "only" protected by credentials / API keys? Background In the pa...
https://security.stackexchange.com/questions/281210/when-code-signing-what-is-the-point-of-enhanced-security-specifically-for-the-p
10 months ago
0
0
0
reposted by
Martin Baschpel
Kevlin Henney
10 months ago
My keynote, "Fun for Now", from
@devoxxgreece.bsky.social
a couple of weeks back
www.youtube.com/watch?v=dt9Y...
loading . . .
Devoxx Greece 2025 - Fun for Now ( opening keynote by Kevlin Henney )
YouTube video by Devoxx
https://www.youtube.com/watch?v=dt9YWaHM1Ns
1
7
4
reposted by
Martin Baschpel
Kevin Jones
10 months ago
The specific text "Signatures using elliptical curve cryptography (ECC), such as ECDSA, aren't supported in Windows and newer Windows security features." seems pretty clear to me, "It's not supported".
0
1
1
@vcsjones.dev
- You wrote a great article about ["Authenticode and ECC"](
vcsjones.dev/authenticode...
) ... 9 years ago. We're currently looking into using ECDSA only signing for Authenticode. Know whether the conclusion from back then (lacking consistent tool support) has changed in 2025?
loading . . .
Authenticode and ECC
While HTTPS / TLS have been making great strides in adopting new cryptographicprimitives, such as CHACHA, x25519, and ECC, another place has remainedrelative...
https://vcsjones.dev/authenticode-and-ecc/
10 months ago
1
1
1
you reached the end!!
feeds!
log in
