hrbrmstr's Daily Drop

  • Drop #713 (2025-09-19): AVAST ME HEARTIES!

    Today’s Drop discusses accessing and utilizing U.S. maritime safety data, focusing on Anti-Shipping Activity Messages, while highlighting challenges faced due to changes in data accessibility. It describes a method to retrieve piracy-related datasets using R and DuckDB, emphasizing the need for continual data scraping to maintain a comprehensive dataset.

    hrbrmstr

  • Drop #701 (2025-08-28): Thursday Morning Grab Bag

    Today’s Drop discusses advancements in CSS, highlighted by the calc() function, and its surprising applications, particularly regarding infinity in calculations. It also examines vulnerabilities in AI image scaling as reported by Trail of Bits. Lastly, it mentions Yamanotes, a music box featuring JR Yamanote Line melodies.

    hrbrmstr

  • Bonus Drop #95 (2025-08-24): Vibe-less Coding; Vibe-ful Checking

    The weekend Bonus Drop emphasizes the importance of security for vibe or vibe-less personal web apps, highlighting key strategies such as SSRF protection, rate limiting, robust CSRF tokens, & more. It also provides a plethora of prompts to help you infuse security into your vibe-coded creations.

    hrbrmstr

  • Drop #695 (2025-08-18): Monday Afternoon Grab Bag

    Today’s Drop features Overtype, a lightweight markdown editor, focuses on user-friendly design and minimal size. It further showcases SystemD Service Hardening which provides methods to enhance security for services. And concludes with a GH Migration script to automate moving GitHub repositories to Forgejo, supporting various configurations and strategies.

    hrbrmstr

  • Bonus Drop #94 (2025-08-17): /security

    The weekend Bonus Drop discusses current issues in XML security, notably the libxml2 maintainer’s frustrations with unpaid vulnerability triaging, as well as a proposal to remove XSLT, citing its obsolescence and security risks. Additionally, it introduces Slash Pages, a directory for personal web pages, emphasizing concerns about content theft by AI bots.

    hrbrmstr

  • Drop #694 (2025-08-14): Miles & Miles Of CSS Styles

    Today’s Drop showcases two CSS frameworks: Missing and Web Awesome. Missing emphasizes semantic HTML and customization through CSS properties, suited for smaller projects. Web Awesome, built on Shoelace, offers framework-agnostic components, Font Awesome support, and accessibility focus. A demo showcases their application in a CVE lookup app, highlighting their effectiveness.

    hrbrmstr

  • Drop #688 (2025-08-04): Keep It [Conveniently] Seekrit [Enough]

    Today’s single-topic Drop looks at the integration of Tailscale with Mullvad VPN. The combined service provides a seamless blend of mesh networking and privacy. It enables folks to utilize Mullvad’s VPN exit nodes while maintaining encryption through WireGuard. Although Tailscale manages identity mapping for operational purposes, it offers conditional anonymity by ensuring that Mullvad does…

    hrbrmstr

  • Bonus Drop #93 (2025-08-03): Two Out Of Three Ain’t Bad?

    The weekend Bonus Drop discusses the tension between technological advancement and accessibility, highlighting how specialized knowledge and costs limit benefits. It covers Shift browser’s workspace management features and critiques self-hosting AI models for their impractical costs. Additionally, it describes ADS-B WX’s innovative use of aircraft data to generate detailed wind maps.

    hrbrmstr

  • Drop #679 (2025-07-10): No, Thanks. I’m Just Browsing.

    Today’s Drop discusses 2 new “AI”-driven browsers: Dia & Comet, + introduces Kite. Dia offers an “AI”-laden browsing experience but lacks functionality and has privacy issues. Comet provides better integration and automation but is/will be costly. Kagi’s Kite focuses on delivering concise news summaries while ensuring user privacy.

    hrbrmstr

  • Drop #675 (2025-07-03): drop –upgrade

    Today’s Drop features three kind-of-major updates to some froody FOSS. Deno 2.4 enhances developer experience with features like raw imports, OpenTelemetry integration, and improved Node.js compatibility; SQLite marks its 25th anniversary with performance upgrades like the sqlite3_rsync feature for faster sync; and, Ligolo-ng v0.8 introduces a web interface for collaborative tunneling, supporting multiple users effectively.

    hrbrmstr