Haha, people yell at me when I share tarantula pics without warning :)
26.02.2026 02:38
π 1
π 0
π¬ 0
π 0
Haha, people yell at me when I share tarantula pics without warning :)
Book cover for "Threat Driven Software Development: Defending online services from modern threat actors." Colors are primarily blue, with a depiction of an attack graph.
Artwork is not final yet, but I can't wait! The amount of battle tested content in this book is unbelievable. And by battle tested, I mean it. Name an APT and Microsoft has had to defend against them.
Sweet! BlueHat Redmond has kicked off its CFP!
BlueHat brings together security researchers and responders to exchange ideas and best practices - including vulnerability research, mitigations, emerging threats, techniques, and more.
Submit your paper by February 28, 2026: aka.ms/BH26CFP
No cover or concrete release date yet (content is fully complete and going through the editorial process), but this is going to be a banger.
"Threat Driven Software Development" distills 30 years of lessons learned at Microsoft on how to operationally secure services: management infrastructure, identities, keys, secrets, build systems, networks, risk management - you name it.
So freakin' excited. Have a book coming out with Michael Howard (author of Writing Secure Code), Sherrod DeGrippo (Director of Threat Intelligence at Microsoft) and Shawn Hernan (Director of Azure's Security Assurance organization).
Don't know if you went down the full ergodox + colemax rabbit hole, but going back to QWERTY from an alternate keyboard layout feels like mars too.
People's brains cramp the first time they pick a movie randomly - it's interesting to watch. Give the movie 20 minutes before you bail, and you'll find that you end up watching and enjoying them more often than not.
Security is a far better place for his contributions.
- The invention of AMSI in Windows, letting applications finally take an active role in their own defense
- Appliance-like delivery of some major on-premises projects that hardened these systems far more than operators could, and also protected them from hostile operational environments.
- The first scripting language to ever account for security from the get-go
- Countless improvements to Code Integrity in Windows to support dynamic runtimes
- The only scripting language to actively engage the researcher community in how to adapt to the evolving threat landscape
Wow, what an amazing impact @jsnover.com has had on the security industry and everybody that's had the privilege to work with him.
Jeffrey's leadership was directly responsible for:
Congratulations! If you ever need more fish, I can make that happen :)
Like, there should be a meme license that you need to obtain before being granted access to giphy.com.
Congrats on the addition to the family :) Before you know it, you'll have a bunch :)
Wife: "Whoa, Lewis Hamilton is getting a new race engineer this season"
Me: "Who?"
Wife: "ποΈπ We are checking... πποΈ"
Nope, regular ol' APL :)
βIO β 0
iter β{β(β’ββ΅)ββ(β’β΅)β1β1β½1ββ9.05Γ·β¨+/+βΏ1 0 Β―1β.β1 0 Β―1β½Β¨βΒ―1βΒ―1β½(
(β’β΅)+2)ββ((β’ββ΅)+2)βββ΅βͺ28+228Γ?2β΄β¨β’β΅}
{}{canvasββ170β' +=*β#ββ'[(β(β΅Γ·10))β9]β_ββDLΓ·32βiter β΅}β£β‘0β΄β¨1 1Γ250
Those approaches didn't end up working out for Encarta, but congratulations to Wikipedia to being an incredible resource for humanity.
They tried for a while with the quality angle - having paid professional editors being the primary content owners. And then they pivoted for a while by allowing community contributions that paid professional editors would then fact and quality check.
25 years ago is 2001. I joined Microsoft on the Encarta Encyclopedia team in 2002 and asked as part of my interviews: "So what are you going to do about this Wikipedia thing?"
I think it's mostly just "programmer" :) Unlike human languages - after the first programming language, they're mostly all the same.
Ever seen a demoscene demo in APL? Now you have. www.leeholmes.com/apl-demoscene/
Haha, I've spent so many times looking at it that I can notice the GH version has a bug that makes the fire drift left :)
I also did it in APL recently, that was a trip: www.leeholmes.com/apl-demoscene/
Was in a discussion with somebody once about their horse, and the conversation included the phrase, "and before you know it, you're in it for a million bucks."
Tower: "Caution, wake turbulence"
IShowSpeed about to approach a crowd of fans
Had a huge YouTuber (IShowSpeed, 44M subs) come to a place I was at last night. It was madness. Dozens (200?) of kids and teens swarming, screaming his name, and calling his cliches out to him.
He seemed like a nice enough guy, and his security mostly kept the mob from interrupting the rest of us.
On close final to a runway, especially at night, is one of the universe's most beautiful views
![The following console contetn: [Console]::(-join (294,291,312,293,308,317,312,319,308 | % { [char] ($_ -bxor 337) }))("Hello World")
With a debug message showing what is being sent to AMSI:
=== Amsi notification report content ===
<System.Console>.WriteLine(<Hello World>)
=== Amsi notification report success: True ===](https://cdn.bsky.app/img/feed_thumbnail/plain/did:plc:xf3m37s3ck7yzvg2dcd7773o/bafkreiaat6davdvbzc2rksmgm562jqilzzaxmg73fomxwtdm7r2vhnqni4@jpeg)
The following console contetn: [Console]::(-join (294,291,312,293,308,317,312,319,308 | % { [char] ($_ -bxor 337) }))("Hello World") With a debug message showing what is being sent to AMSI: === Amsi notification report content === <System.Console>.WriteLine(<Hello World>) === Amsi notification report success: True ===
Have you seen how PowerShell Core now sends de-obfuscated .NET API calls to the AMSI stream?
One of the little pet projects I'm proudest of - extremely simple comment system for static sites: www.leeholmes.com/statique-sim...
Construction workers ashphalting a road.
I could watch stuff like this all day. The world needs more fixers.
