Month: February 2020

  • The Sad Case of the ccTLD, the CSP, and the Wildcard

    Content-Security-Policy. Make it tight. Google, allow it to reference your images so they show in the search box. Wildcards. You can specify the left side (*.domain) but not the right side (domain.*). OK, let's look up the list of Google domains. I’ll let you Bing that. The answer is here. Huh. That is a lot. .google.com…

  • My content-security-policy has blocked more malicious ads

    I see a lot of entries for countmake.cool (purposely not linked) in my Content-Security-Policy logs. These are folks who have some malware installed on their desktop; when they surf to my blog, they get redirected and have advertising injected. Except that my CSP forbids this (since I don’t allow them img-src or script-src permission). I wrote…

  • Voice mail security?

    Something interesting / disturbing just happened to me. I was trying out my new Bluetooth headset to make sure it supported aptX and would pair to two devices. So, while watching a YouTube video, I used Skype to dial my phone. Oddly, I got a high-fidelity playback of my voice mail (ironically a bunch of…