hrbrmstr's Daily Drop

  • Drop #695 (2025-08-18): Monday Afternoon Grab Bag

    Today’s Drop features Overtype, a lightweight markdown editor, focuses on user-friendly design and minimal size. It further showcases SystemD Service Hardening which provides methods to enhance security for services. And concludes with a GH Migration script to automate moving GitHub repositories to Forgejo, supporting various configurations and strategies.

    hrbrmstr

  • Bonus Drop #94 (2025-08-17): /security

    The weekend Bonus Drop discusses current issues in XML security, notably the libxml2 maintainer’s frustrations with unpaid vulnerability triaging, as well as a proposal to remove XSLT, citing its obsolescence and security risks. Additionally, it introduces Slash Pages, a directory for personal web pages, emphasizing concerns about content theft by AI bots.

    hrbrmstr

  • Drop #694 (2025-08-14): Miles & Miles Of CSS Styles

    Today’s Drop showcases two CSS frameworks: Missing and Web Awesome. Missing emphasizes semantic HTML and customization through CSS properties, suited for smaller projects. Web Awesome, built on Shoelace, offers framework-agnostic components, Font Awesome support, and accessibility focus. A demo showcases their application in a CVE lookup app, highlighting their effectiveness.

    hrbrmstr

  • Drop #688 (2025-08-04): Keep It [Conveniently] Seekrit [Enough]

    Today’s single-topic Drop looks at the integration of Tailscale with Mullvad VPN. The combined service provides a seamless blend of mesh networking and privacy. It enables folks to utilize Mullvad’s VPN exit nodes while maintaining encryption through WireGuard. Although Tailscale manages identity mapping for operational purposes, it offers conditional anonymity by ensuring that Mullvad does…

    hrbrmstr

  • Bonus Drop #93 (2025-08-03): Two Out Of Three Ain’t Bad?

    The weekend Bonus Drop discusses the tension between technological advancement and accessibility, highlighting how specialized knowledge and costs limit benefits. It covers Shift browser’s workspace management features and critiques self-hosting AI models for their impractical costs. Additionally, it describes ADS-B WX’s innovative use of aircraft data to generate detailed wind maps.

    hrbrmstr

  • Drop #679 (2025-07-10): No, Thanks. I’m Just Browsing.

    Today’s Drop discusses 2 new “AI”-driven browsers: Dia & Comet, + introduces Kite. Dia offers an “AI”-laden browsing experience but lacks functionality and has privacy issues. Comet provides better integration and automation but is/will be costly. Kagi’s Kite focuses on delivering concise news summaries while ensuring user privacy.

    hrbrmstr

  • Drop #675 (2025-07-03): drop –upgrade

    Today’s Drop features three kind-of-major updates to some froody FOSS. Deno 2.4 enhances developer experience with features like raw imports, OpenTelemetry integration, and improved Node.js compatibility; SQLite marks its 25th anniversary with performance upgrades like the sqlite3_rsync feature for faster sync; and, Ligolo-ng v0.8 introduces a web interface for collaborative tunneling, supporting multiple users effectively.

    hrbrmstr

  • Drop #673 (2025-06-30): Long[er] Form Monday

    Today’s Drop discusses the shortcomings of relying on LLMs in development, positing they may highlight poor tooling rather than technological progress. It also reviews Cloudflare’s secure video conferencing platform, Orange, and addresses the unsettling trend of businesses replacing human imagery with AI avatars, reflecting a diminishing emphasis on human value.

    hrbrmstr

  • Drop #663 (2025-06-11): Wednesday Morning Grab Bag

    The midweek Drop covers MarkText, a FOSS Markdown editor with real-time preview and advanced features; fingerprinting w/WASM, highlighting its precision + privacy implications; & Cerberus, a Caddy plugin that implements SHA-256 challenges to combat automated AI bot abuse, prioritizing service protection over user convenience.

    hrbrmstr

  • Drop #661 (2025-06-05): Context Is Critical

    Today’s drop reflects on Postman’s MCP “factory” which simplifies MCP server generation, but raises security concerns, as Virus Total reports nearly 8% of deployed servers (not just from Postman’s tool) showing vulnerabilities. It also talks about and posits on the “Natural Language Web” (NLWeb) — a protocol for querying websites in natural language, prompting debates…

    hrbrmstr