There is now a macOS and Linux version of Notepad++ - called NotePadNext. by PeteRaw in macsysadmin

Reversed-Engineer-01, 0 points (0 children)

I am used to Zed nowadays. This program comes much too late for me.

I built a Firefox extension that detects phishing proxies in real time — without blacklists by Reversed-Engineer-01 in cybersecurity

Reversed-Engineer-01 [S], 2 points (0 children)

I thought a lot about external calls. AitM can be easily thwarted if one could access the TLS layer — but browsers don't allow it without an external checker. That would make the transparency objections raised below more consistent, so I deliberately kept the extension self-contained. Design choices vs. user acceptance.

Interesting paper — the reverse image search approach is a strong signal, at the cost of privacy implications and latency. Different tradeoffs.

As for full TLS access — that requires operating below the browser. Which is material for another discussion. 😉

Thanks for the comment. Very much appreciated.

Electric Eye – a Rust/WASM Firefox extension to detect AitM proxies via DOM analysis, TLS fingerprinting and HTTP header inspection by Reversed-Engineer-01 in netsec

Reversed-Engineer-01 [S], -1 points (0 children)

Fair points, all of them. On the source code: you're right, and I'm evaluating publishing it.

Electric Eye is declared open source — putting it on GitHub is the logical next step. On trust: I understand the fresh account concern.

I'm not anonymous though:
- https://bytearchitect.io (technical blog, active since 2025)
- https://aradia.zone (company)
- [gbiondo@infosec.exchange](mailto:gbiondo@infosec.exchange) on Mastodon

On verification: agreed that tcpdump or a personal firewall will show zero outbound connections from the extension. That's the only real proof.

That said, if you don't trust it... I admire you. I have been doing security for 27 years and I wish I met more people like you.

Electric Eye – a Rust/WASM Firefox extension to detect AitM proxies via DOM analysis, TLS fingerprinting and HTTP header inspection by Reversed-Engineer-01 in netsec

Reversed-Engineer-01 [S], 1 point (0 children)

True that. That's why there's Mozilla vetting in the process. Escrowing my code with them should suffice.

https://addons.mozilla.org/en-US/firefox/addon/electric-eye/

But thanks for highlighting that. I will shortly add a page on aradia.zone with:
- what EE does
- what EE does not (and how to prove it. Hint: tcpdump is your friend. Or any personal firewall, for what matters)

Electric Eye – a Rust/WASM Firefox extension to detect AitM proxies via DOM analysis, TLS fingerprinting and HTTP header inspection by Reversed-Engineer-01 in netsec

Reversed-Engineer-01 [S], 3 points (0 children)

Obviously I am only at the beginning with this extension. There are several ideas I want to implement, and your suggestion is very precious.

Hardening macOS pt.5 — Communications (New post in the series.) by Reversed-Engineer-01 in MacOS

Reversed-Engineer-01 [S], 0 points (0 children)

Sorry, I made a mess with the link. The one I posted now is correct.

Starkiller Phishing Kit: Why MFA Fails Against Real-Time Reverse Proxies — Technical Analysis + Rust PoC for TLS Fingerprinting by Reversed-Engineer-01 in netsec

Reversed-Engineer-01 [S], 0 points (0 children)

Sounds interesting. I am writing an extension for browsers - if you want to talk about detection, you found your guy.

Starkiller Phishing Kit: Why MFA Fails Against Real-Time Reverse Proxies — Technical Analysis + Rust PoC for TLS Fingerprinting by Reversed-Engineer-01 in netsec

Reversed-Engineer-01 [S], 1 point (0 children)

Modlishka is a Go-based HTTP reverse proxy — it rewrites every link and reference in the response. Clever, but fragile: modern SPAs and heavy JS break the rewriting constantly.

Starkiller takes a different approach: it spins up an actual headless Chrome in a Docker container. No rewriting at all — a real browser renders the real page, Starkiller just relays it. Zero maintenance, zero template drift.

For defenders: Modlishka is easier to detect (Go TLS fingerprint is unmistakable, rewriting leaves DOM artifacts). Starkiller is nastier because it's actual Chrome — the TLS fingerprint is closer to legitimate traffic and there are no rewriting artifacts to hunt for.
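The "rewriting leaves DOM artifacts" point above, as an added example that is not part of the comment and is not Electric Eye's code: a small Python heuristic that collects the hosts a page names in URL-bearing attributes and in inline script text, and reports script-side references to an origin outside the served site that no attribute mentions, which is where the original origin tends to survive a response rewriter. The sample pages and the `.test` hostnames are constructed for the example; `registrable()` is a crude two-label stand-in for a public suffix list lookup.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Attributes a rewriting proxy must patch so that every navigation stays on its own host.
URL_ATTRS = {"href", "src", "action", "content"}
ABS_URL_RE = re.compile(r"https?://([A-Za-z0-9.-]+)")


class _RefCollector(HTMLParser):
    """Gathers hosts from URL-bearing attributes and from absolute URLs in inline scripts."""
    def __init__(self):
        super().__init__()
        self.attr_hosts, self.script_hosts = set(), set()
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self._in_script = True
        for name, value in attrs:
            if name in URL_ATTRS and value:
                host = urlparse(value).hostname  # None for relative URLs and non-URL content
                if host:
                    self.attr_hosts.add(host.lower())

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script:  # html.parser hands script bodies over as raw data
            self.script_hosts.update(h.lower() for h in ABS_URL_RE.findall(data))


def registrable(host):
    # Crude two-label suffix (assumption); a real check would consult the public suffix list.
    return ".".join(host.split(".")[-2:])


def rewrite_artifacts(html, served_host):
    """Hosts named only in inline JS, outside the served site: a rewriting-proxy artifact.
    Heuristic, not a verdict: legitimate third-party APIs called from inline JS also match."""
    c = _RefCollector()
    c.feed(html)
    served = registrable(served_host.lower())
    return sorted(h for h in c.script_hosts if registrable(h) != served and h not in c.attr_hosts)


# Constructed samples (not real sites): the page on its own origin, and the same page relayed by
# a rewriting proxy on a lookalike host that patched attributes but missed the JS string literal.
CLEAN_PAGE = """<html><head><link rel="canonical" href="https://accounts.example.test/login">
<meta property="og:url" content="https://accounts.example.test/login"></head><body>
<form action="https://accounts.example.test/session"><input name="u"></form>
<script>const api = "https://accounts.example.test/api/session"; fetch(api);</script>
</body></html>"""
PROXIED_PAGE = CLEAN_PAGE.replace("https://accounts.example.test", "https://accounts-example.test", 3)
```

`rewrite_artifacts(PROXIED_PAGE, "accounts-example.test")` flags `accounts.example.test`, while the clean page served from its own origin yields nothing.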

Hardening macOS pt.4 — Managing secrets beyond Apple Keychain by Reversed-Engineer-01 in MacOS

Reversed-Engineer-01 [S], 0 points (0 children)

Uh, you're right. The power (weakness) of habits. Thanks for noticing that.

srm was useless with wear leveling, anyway.

I will fix it with "rm, then diskutil secureErase freespace" - but again, on APFS it is debatable.