Posts
1Password's Privacy Surprises
· ☕ 10 min read
Design problems with 1Password may allow schools and workplaces to see what sites users have in their vaults, and allows family organizers to grant themselves access to secondary vaults.

ImaginaryCTF 2021
· ☕ 12 min read
This weekend I participated in ImaginaryCTF 2021 with WreckTheLine. We finished third out of 1018 entrants, the final team to complete all 55 challenges and hit 11330 points, missing second place by 3.5 minutes. Here are my writeups for System Hardening 5 and New Technology.

Minimally-Invasive Smart Outlet Surgery
· ☕ 6 min read

I have several EFUN SH331W smart outlets for controlling various lights. They’re based on a whitelabel ESP8266 design by Tuya, so I usually use tuya-convert to flash them with Tasmota so I can control them with MQTT. Unfortunately tuya-convert is a rather tedious and error-prone process, and recently I managed to soft-brick one.