About:

Joshua Rogers is an Australian technologist and security expert with diverse interests in cybersecurity, film, and music, currently on a sabbatical to explore new projects.

Interests:

Cybersecurity Film History Human Rights Mathematics Music Sport Video Game History Sociology

Outgoing Links:

Brian Krebs
Posts:
The NS_ERROR_INVALID_CONTENT_ENCODING error Firefox shows on ChatGPT is traced to a mismatch in how ChatGPT's server handles Brotli compression; the post suggests a temporary workaround.
The blog post discusses gixy, a static analyzer for nginx configurations, and its updated version, gixy-ng. It highlights the limitations of the original gixy, which has not been updated in years, and details the improvements made...
The author discusses their experiences with various AI security scanners, particularly focusing on ZeroPath, which has proven effective in identifying vulnerabilities in codebases, including the curl project. The post reviews seve...
The article discusses the challenges of rendering untrusted HTML and JavaScript in a secure manner on a website. It explains the limitations of traditional sandboxed iframes and proposes a solution using postMessage to create a on...
The blog post discusses a recently discovered vulnerability in Supermicro's Baseboard Management Controllers (BMCs) that allows the installation of malicious firmware. BMCs, which provide remote management capabilities, are often ...
The blog post discusses the investigation into unusual traffic patterns to an old Opera Mini endpoint, revealing a fraudulent operation involving proxy networks and hijacked IP addresses. The author and a colleague analyze request...
The blog post discusses a novel approach to obfuscating C code by converting entire codebases into a single function, `main()`, effectively making reverse engineering more difficult. The author describes a Python script named 'c-f...
Gixy-Next is a fork of the Gixy nginx security tool that enhances functionality and reliability while critiquing the poor quality of its predecessor, gixy-ng.
The post discusses the inefficiencies in how Google communicates security updates for Chromium, which affects other browsers that rely on it. The author highlights the lag in security updates for browsers like Opera, Vivaldi, and ...
This post provides a detailed guide on how to bypass and remove Zscaler, Kandji Extension Manager, and Apple Business Manager (ABM) from MacOS systems. It explains the implications of MDM systems, the process of checking if a syst...
The blog post discusses the author's experience testing various AI-native security scanners, focusing on their ability to analyze source code for vulnerabilities. The author highlights the challenges in finding these tools, their ...
The author critiques the bug bounty system, detailing frustrations with reporting processes and the ineffectiveness of triagers while sharing personal experiences of reporting vulnerabilities.
The blog post discusses NXDOMAIN'd, a browser extension designed to monitor and check the registration status of domains loaded in a browser. It highlights the risks associated with loading resources from unregistered domains, whi...
The author shares experiences dealing with developers who relied on low-quality LLMs, leading to performance issues and security incidents. A specific case involving nginx is discussed, where the software's failure to respect DNS ...
The blog post discusses Tail Call Optimization (TCO) in programming, particularly in JavaScript. It explains how TCO allows for the optimization of recursive functions to prevent stack overflow errors. The author provides examples...
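The practical catch with TCO in JavaScript is that V8 (Node, Chrome) does not implement proper tail calls, so a tail-recursive function still grows the stack. The following is an added example, not code from the post: a tail-recursive sum that overflows under Node, and the same algorithm rewritten as a trampoline (the function returns a thunk for the next step and a driver loop runs the thunks), which keeps stack depth constant without engine support. The function names and the constant N are this example's own.

```javascript
// Added example (not from the original post): tail recursion without engine
// support. Node/V8 has no proper tail calls, so sumTo() below still pushes one
// frame per step; the trampolined version runs in constant stack space.

// Tail-recursive sum 1..n. The recursive call is in tail position, so an
// engine with proper tail calls could run it without growing the stack.
function sumTo(n, acc = 0) {
  if (n === 0) return acc;
  return sumTo(n - 1, acc + n);
}

// Same algorithm, but instead of calling itself it returns a thunk
// (zero-argument function) that performs the next step when invoked.
function sumToStep(n, acc = 0) {
  if (n === 0) return acc;
  return () => sumToStep(n - 1, acc + n);
}

// Driver loop: keep invoking returned thunks until a plain value comes back.
// Each step runs and returns before the next starts, so depth never grows.
function trampoline(fn) {
  return (...args) => {
    let result = fn(...args);
    while (typeof result === 'function') {
      result = result();
    }
    return result;
  };
}

const sumToSafe = trampoline(sumToStep);

// Returns true if the plain recursive version exhausted the call stack for n.
function overflows(n) {
  try {
    sumTo(n);
    return false;
  } catch (e) {
    return e instanceof RangeError; // "Maximum call stack size exceeded"
  }
}

const N = 1_000_000; // well past V8's default stack depth (assumed value)
console.log(`plain recursion overflows at n=${N}: ${overflows(N)}`);
console.log(`trampolined sum 1..${N} = ${sumToSafe(N)}`);
```

The trampoline costs one closure allocation per step, which is the price of portability; if the code only ever runs on an engine with proper tail calls (JavaScriptCore in strict mode), the plain tail-recursive form is enough.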
The post discusses the challenges of creating regular expressions (regex) for validating domain names, emphasizing that while regex can be useful, it's often better to use specialized libraries like tldts for domain validation. Th...
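To make the "regex is not enough" point concrete, here is an added example (not from the post, and not tldts itself). A regex can check RFC 1123 hostname syntax, but it cannot know which suffixes are public, which is what a library such as tldts carries in full via the Public Suffix List. The tiny PUBLIC_SUFFIXES set below is a constructed subset standing in for that list, and the function names are this example's own.

```javascript
// Added example (not from the original post): a syntax-only hostname regex
// beside a minimal registrable-domain lookup, to show why syntax validity is
// not the same as "this is a real, registrable domain".

// RFC 1123 label: 1-63 chars, alphanumeric or hyphen, no leading/trailing hyphen.
const LABEL = '[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?';
// Two or more labels separated by dots. The literal dot between repetitions
// keeps this linear-time even though a group is repeated.
const HOSTNAME_RE = new RegExp(`^(?:${LABEL}\\.)+${LABEL}$`, 'i');

function isSyntacticallyValidHostname(host) {
  return host.length <= 253 && HOSTNAME_RE.test(host);
}

// Constructed subset of the Public Suffix List. The real list has thousands
// of rules plus wildcard and exception entries, which this example omits.
const PUBLIC_SUFFIXES = new Set(['com', 'org', 'uk', 'co.uk', 'github.io']);

// Returns the registrable domain (longest matching public suffix plus one
// label), or null when the name is syntactically invalid, is itself a public
// suffix, or ends in a suffix the list does not know.
function registrableDomain(host) {
  if (!isSyntacticallyValidHostname(host)) return null;
  const labels = host.toLowerCase().split('.');
  // Walking from the left tries the longest candidate suffix first.
  for (let i = 0; i < labels.length; i++) {
    const suffix = labels.slice(i).join('.');
    if (PUBLIC_SUFFIXES.has(suffix)) {
      if (i === 0) return null; // the whole name is a public suffix
      return labels.slice(i - 1).join('.');
    }
  }
  return null; // regex said yes, but no known suffix: not registrable
}

// Constructed inputs showing where the regex alone gives the wrong answer.
for (const host of ['www.example.co.uk', 'co.uk', 'foo.notatld', 'example..com']) {
  console.log(host, '->', isSyntacticallyValidHostname(host), registrableDomain(host));
}
```

The interesting row is `foo.notatld`: the regex accepts it, but no suffix rule matches, so any logic that treats "matches the regex" as "is a domain" has already gone wrong. In production the suffix set comes from a maintained library rather than a hand-written set.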
A guide on using userChrome.css to customize and declutter Firefox's right-click menu by removing unnecessary options for a better user experience.
The author discusses two security issues reported to Okta’s auth0/nextjs-auth0 project, focusing on an oauth parameter injection vulnerability. After submitting a patch, the author faced an attribution error when the maintainer cl...
The blog post introduces a bash script named 'body' that efficiently retrieves a given line from the middle of a file, replacing the common 'head -n5000 file.txt | tail -n1' idiom (which reads and prints the first 5000 lines only to keep the last one). The author explains the script's functionality, including va...
A spontaneous helicopter trip from Vienna to Wrocław turns into a comedic adventure filled with miscommunication and unexpected challenges.
A guide on customizing Firefox's right-click menu to always show 'Copy Link' or 'Copy Clean Link' based on link status using userChrome.css.
The post critiques Firefox's cluttered right-click menu on MacOS and offers solutions to streamline it through about:config settings.
The blog post discusses how to remap the silcrow (§) key to the backtick/tilde (` / ~) key on certain Macbooks, whose ISO keyboards put § where ` sits on other layouts. It provides a command for remapping the keys using the terminal and suggests creating a LaunchAgen...
The blog post compares various tools for identifying regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). The author tested tools such as semgrep, safe-regex, and regexploit on 13 specific regex...
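As an added example (not one of the tools the post compares, and not the post's own test set), the following implements the most common static ReDoS check by hand: flag a group that contains an unbounded quantifier and is itself repeated, the shape behind patterns like `^(a+)+$`. It is a first-pass screen only; it deliberately does not try to detect overlapping alternations such as `^(a|aa)+$`, and it will flag some patterns that are safe in practice, so hits are leads to review rather than verdicts. The sample patterns and function names are constructed for this example.

```javascript
// Added example (not from the original post): a small static heuristic for
// nested unbounded quantifiers, the pattern shape most ReDoS scanners look
// for first. Escapes and character classes are skipped so "\(" and "[+*]"
// do not confuse the scan.

// True if the token starting at src[i] is an unbounded quantifier: +, *, or
// a brace repeat with no upper bound such as {2,}. {1,3} is bounded.
function unboundedQuantifierAt(src, i) {
  const c = src[i];
  if (c === '+' || c === '*') return true;
  if (c === '{') return /^\{\d+,\}/.test(src.slice(i));
  return false;
}

// True if some group in the regex source both contains an unbounded
// quantifier and is itself followed by one.
function hasNestedUnboundedQuantifier(src) {
  const stack = []; // one flag per open group: has an unbounded quantifier inside?
  let inClass = false;
  for (let i = 0; i < src.length; i++) {
    const c = src[i];
    if (c === '\\') { i++; continue; }                 // skip escaped char
    if (inClass) { if (c === ']') inClass = false; continue; }
    if (c === '[') { inClass = true; continue; }
    if (c === '(') { stack.push(false); continue; }  // covers (?:...) and (?=...) too
    if (c === ')') {
      const hadQuantifier = stack.pop();
      if (unboundedQuantifierAt(src, i + 1)) {
        if (hadQuantifier) return true;              // repeated group with repeat inside
        stack.fill(true);                            // (x)+ counts as a quantifier for outer groups
      }
      continue;
    }
    if (unboundedQuantifierAt(src, i)) stack.fill(true); // every enclosing group now holds one
  }
  return false;
}

// Constructed sample patterns (not the 13 regexes the post tested).
const samples = [
  { name: 'classic nested plus', src: '^(a+)+$' },
  { name: 'nested star', src: '^(a*)*$' },
  { name: 'words with optional space', src: '^(\\w+\\s?)*$' },
  { name: 'escaped parens, safe', src: '^\\(\\d+\\)$' },
  { name: 'class with plus, safe', src: '^[+*]+$' },
  { name: 'bounded repeat, safe', src: '^(\\d{1,3}\\.){3}\\d{1,3}$' },
  { name: 'overlapping alternation (missed)', src: '^(a|aa)+$' },
];

// Returns the names of the sample patterns the heuristic flags.
function flagged(patterns) {
  return patterns.filter(p => hasNestedUnboundedQuantifier(p.src)).map(p => p.name);
}

console.log('flagged:', flagged(samples));
```

The last sample is the point of the comparison the post makes: a nested-quantifier check alone misses `(a|aa)+`, which is exactly why the more thorough tools build an automaton instead of pattern-matching the source text.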