Sign in

Front-End Web Developer in Boston, MA 👨‍💻

A few months ago, I stumbled upon my first website ever on an old floppy disk. Despite the instant cringing, I uploaded it to GitHub, collected other iterations, and made an #awesome-list of others who were brave and/or shameless enough to do the same. But why not take that one 1,000 steps further?

Introducing the Y2K Sandbox — with fully-featured, fully-isolated, on-demand Windows Millennium Edition® virtual machines, simply to experience my first website in its natural Internet Explorer 5 habitat. And maybe play some 3D Pinball: Space Cadet. Oh, and Microsoft Bob is there too if you want to say…

We’re all quickly learning that worldwide pandemics can bring out both the best and the worst of humanity. But one thing has become readily apparent to me — outside of the large teams of medical professionals risking their lives right this minute, the open source community stands alone in its ability to rapidly organize in the midst of chaos to give back to the world and, in this case, make it safer for all of us.

These are just a few incredible open source projects that didn’t exist a few months ago, but rapidly formed teams of dozens of contributors…

Over time, I’ve collected an assortment of interesting, funny, and depressing search queries to plug into Shodan, the (literal) internet search engine. Some return facepalm-inducing results, while others return serious and/or ancient vulnerabilities in the wild.

Most search filters require a Shodan account.

You can assume these queries only return unsecured/open instances when possible. For your own legal benefit, do not attempt to login (even with default passwords) if they aren’t! Narrow down results by adding filters like country:US or org:"Harvard University" or hostname:"nasa.gov" to the end.

The world and its devices are quickly becoming more connected through the shiny new Internet of Sh*t — and exponentially…

The team behind Bernie Sanders’ 2020 campaign released a new web app last month named BERN. The goal of BERN is simple: to gather as much information as they can on as many voters in the United States as they can, and make their grassroots army of enthusiastic supporters do the work. It’s undoubtedly a smart strategy, but also a concerning one for myself and other privacy advocates.

REUTERS/Carlo Allegri

BERN has two features: one called “Friend-to-Friend” (described as “add everyone in your network”) and another called “Community Canvassing” (described as “talk to people around you every day, e.g. on the bus…

tl;dr: No. Quite the opposite, actually — Archive.is’s owner is intentionally blocking 1.1.1.1 users.

A recent post on Hacker News pointed out something I’ve noticed myself over the past year — the Archive.is website archiving tool (aka Archive.today and a few other TLDs) appears unresponsive when I’m on my home network, where I use Cloudflare’s fantastic public DNS service, 1.1.1.1. I didn’t connect the two variables until I read this post, where somebody noticed that the Archive.is domain resolves for Google’s 8.8.8.8 DNS, but not 1.1.1.1. An interesting and timeless debate on privacy versus convenience ensued.

Matthew Prince, the CEO…

Contributing to an open-source project can be intimidating at first. The convoluted process of submitting your improvements for approval via a pull request certainly doesn’t help.

The following steps to submit a pull request will work on Git repositories hosted anywhere — on GitLab, Bitbucket, Azure DevOps, etc. — but most open-source repositories one would want to contribute to are likely on GitHub, which is what we’ll be using.

Starting from the very beginning, we’ll fork an existing repository to our account, clone the fork locally, commit your changes to a new branch, and push it back upstream to GitHub…

A subdomain takeover occurs when a subdomain (like example.jarv.is) points to a shared hosting account that is abandoned by its owner, leaving the endpoint available to claim for yourself.

Not only are takeovers a fun way to dip your toes into penetration testing, but they can also be incredibly lucrative thanks to bug bounty programs on services like HackerOne and Bugcrowd, where corporations pay pentesters for their discoveries.

Huge rewards for subdomain takeovers on HackerOne

For a deep dive on the implications of takeovers, which can be a pretty serious vector of attack for malicious actors to obtain information from users of the targeted company, Patrik Hudak

Hillary for New Hampshire Winter Fellows with Hillary Clinton in Derry, NH (February 3, 2016)

Keeping in mind the big picture…

I am a 24-year-old “millennial” and I passionately support Hillary Clinton for the 45th President of the United States. Yes, we exist.

My goal here isn’t to convince every Bernie believer to jump ship and support her as passionately as I do, although I feel obligated to try. I totally understand the passion for Bernie. I smile inside every time I see a young person (like my sister) become interested in politics for the first time and become directly involved in influencing the course of their own future, no matter which candidate triggered it for them. For me, it was…

Still Rap’s Motto in 2012?

This essay was written for Professor David Valdes-Greenwood’s Love & Sexuality class at Tufts University in April 2012.

Too many faggot niggas clocking my spending, exercising your gay-like minds like Richard Simmons …. Fucking faggot-ass light skin niggas, get the fuck out of my face …. It’s crazy how you can go from being Joe Blow, to everybody on your dick, no homo …. You homo niggas getting AIDS in the ass, while the homie here’s trying to get paid in advance …. If y’all leave me alone this wouldn’t be my M.O., …

Jake Jarvis

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store