The mentioned blog post on my later (better-educated!) attempt at reviving the computer: www.richinfante.com/2019/01/19/repairing-old-pc

In this episode, I talk about Meshtastic, an open source decentralized encrypted peer-to-peer mesh network for off grid communications. You can leverage Meshtastic to communicate long distances, using economical off the shelf hardware.

Relevant Meshtastic Documentation:

Other Links:

Core Devices is releasing some new smartwatches, a successor to the Pebble Watch. I also discuss some of the constraints Apple puts on third party smartwatch developers.

Some links from this episode:

In this episode, we discuss the recent tj-actions/changed-files github action compromise. I propose some ways we can apply existing solutions to this problem, in a way that doesn’t add too much extra friction, but can greatly lessen the number of users impacted by a compromise like this.

I also mention some information from Step Security’s blog post on the topic, which I’d recommend reading: https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised

See also: This episode in blog form

Edit: I have published a revised version of this episode clarifying the current state of dependabot for managing action updates.

A companion to my blog post on permissions misconfigurations and how ssm:StartSession and similar AWS APIs can be abused to traverse across your network or escalate privileges.

I discuss the rebirth of Pebble, and a recent hacking project where I upgraded major parts of the Toolchain/SDK to run on modern Python 3.

Eric’s blog posts:

My Watchfaces can be found on the Rebble app store.