I’m excited to announce @arcjethq has raised $3.6m seed funding to build the future of developer security, led by @zanelackey at @a16z! Also participating in the round are @seedcamp and a roster of great angels. Although deploying code has become simpler, production security

No SSH key files on disk please! 1Password approval required for each new app access. macOS keychain can do this as well, but doesn't have as granular access controls or audit logging

The built-in macOS firewall protects your laptop from inbound connections, but I'm surprised how few people use an outbound firewall as well. Surely you want to know when processes are phoning home?. I've been using @littlesnitch for years, but the free LuLu firewall also works

The UK £1m lifetime allowance "Entrepreneur's Allowance", now know as "Business Asset Disposal Relief" is a joke compared to this. All the incentives are skewed towards scammy EIS and VCT investors rather than founders taking the risks.

Check out your Git repos to ~/Desktop, ~/Documents or ~/Downloads on macOS and you benefit from the TCC framework protections if embedded malware tries to access your source code. But if you also run inside a devcontainer, TCC sees the request coming from the already-authorized.

If you can ban it 2 seconds after it was published, why did it get published in the first placed? 🤔.

Devcontainers aren't designed as a way to protect developers from exploits, but they can work that way. ✅ Isolate the host from post-install scripts.✅ Tools execute in the container, not on the host.✅ To the code, everything looks like a minimalist Linux box.

RT @DanielLockyer: Atlassian switched from JSON to Protobuf for one of their services, resulting in:. - 75% less memcached CPU usage.- 80%….

RT @jack: my weekend project to learn about bluetooth mesh networks, relays and store and forward models, message encryption models, and a….

RT @zhero___: Bug bounty, feedback, strategy, and alchemy. frequently asked for advice, roadmaps, and more, I finally took the time, after….

Move to 🇺🇸.

Seems like nobody cares about performance, but I'd bet there's a lot of hidden frustration. And when you do find something fast, it stands out because of how slow everything else is 🐌.

Graph from

So many useful features, like conditional exports for different runtimes. and then you see how many people use VERY old Node versions and you can't just target Deno 😭

RT @dharmesh: A.I. is exceptionally good at elevating your thinking, but not replacing it. Use it to test your ideas, push back and probe….

Important because the DX of server actions makes it easy to make security errors.

The developer laptop is the prime target: npm modules, install scripts, browser extensions, and especially VS Code extensions.

👀 MSN.

Making multiple data centers in a single region seem like a single "chip"? . Not good enough. What about a whole country? This is where the US benefits from competitive energy pricing and independence.

Imagine supporting software written in the 80s-90s where the only documentation is video interview footage with the developers 😬.

RT @aleximm: "The battle between every startup and incumbent comes down to whether the startup can get the distribution before the incumben….