Category Archives: Computer Security

Petco violates customer privacy, refuses to confirm appropriate steps were taken to mitigate incident

I recently received a shipment of cat food from Petco which, as far as I know, I had not ordered. I did have a “repeat delivery” order scheduled for that variety of cat food, but usually when Petco is about to send you a repeat delivery order they notify you by email to give you… Read More »

Convincing GNOME to allow remote desktop when screen is locked

Recent releases of GNOME on Ubuntu, and presumably in other distributions as well, finally support remote access to your GNOME desktop on both Xorg and Wayland from a VNC client. However, they do not allow you to connect to your desktop when it is locked, and similarly if your desktop locks — either because you… Read More »

Generic reply to unsolicited vendor sales emails

Dear sales representative who wants me to buy your company’s products, If I’ve emailed you a link to this blog posting, it’s probably because you’ve sent me multiple unsolicited sales emails. Welcome to the club of vendors from whom I’m unlikely to ever purchase anything! No unsolicited sales email I have ever received from a… Read More »

The arduous saga of applying for a Google Store credit account

I have been trying for three months to open a @AskSynchrony account for the @Google store. It has been an unmitigated disaster every step of the way. It boggles the mind that Google has chosen such a terrible partner for providing this service. For background, I have never been a victim of identity theft, I… Read More »

Here’s how I pick good passwords

A billion people have written about this before, but I like my approach, so I’m sharing it in case someone else finds it useful. Most of my passwords go into a password manager; those are long and random and generated by the password manager and I don’t care whether they’re easy to type or memorable… Read More »

Automating TP-Link Archer AX6000 router (and others) from Python

Recently, I was confronted with the problem of automating the activation and deactivation of parental controls on my TP-Link Archer AX6000 router. Specifically, I needed a command-line tool that would allow me to disable or enable internet access for a specific parental controls profile. The router only provides the ability to set separate schedules for… Read More »

It’s 2020, and companies still don’t know how to send emails that don’t look like spam

I received this email at 1:15 this morning: When I saw it this morning, I was confused. I have never before received an email from “”, and I was asleep at 1:15am, not placing an “order” to be confirmed by this email as its subject implies. It sure looks like spam, right? Well, it turns… Read More »

Fleeced by a scammy web site, Paypal acts quickly to fix it

Recently our toaster broke, and although we have a “spare” toaster (long story), my wife and the kids all hate it and insisted that we replace the broken toaster, which they apparently absolutely adored, with a new one of exactly the same model. The old toaster had an unfortunate habit of its feet falling off… Read More »

Datadog as vector for data exfiltration?

In my current job, we are evaluating Datadog as the repository for the metrics and logs being generated by our SaaS application, which is hosted in AWS. We have taken a security-first approach in our design for the AWS accounts and infrastructure surrounding our app, which means among other things that we are not allowing… Read More »