Suramya's Blog : Welcome to my crazy life…

September 19, 2025

Swiss cheese font

Filed under: Interesting Sites,My Thoughts,Tech Related — Suramya @ 10:48 AM

The Swiss cheese has a very unique look and from the first time I saw it in a Tom & Jerry cartoon, I have loved it. Designer Rob apparently loves it as well because he has created a font he calls Swiss Cheese Mono which is a typeface full of holes inspired by the Swiss cheese look.

Introducing Swiss Cheese Mono Font
Introducing Swiss Cheese Mono Font

The font is current in uppercase only and is available for sale at Swiss Cheese Mono font (uppercase only) for $2.99. From the description.

Swiss Cheese Mono is a chunky, sans-serif, monospaced display font created primarily from squares with circular “holes” in them. Currently available in uppercase only.

When Rob posted some images of the work-in-progress font on Threads, many of the nearly 33,000 people who liked the images said the font looked like Swiss cheese. After taking some photos of real cheese, playing around with Adobe Firefly’s generative AI image tools, and finishing the font, Swiss Cheese Mono was born.

I find the font a little hard to read as they are sort of like the images with perspective views that require you to squint in a particular way to see them correctly. So I doubt anyone is going to use it for anything professional (unless it is for food related posts/presentations) but it is still cool to see.

Source: mastodon.social/@cmconseils.

– Suramya

September 18, 2025

Creating a Phishy URL

Filed under: Humor,Interesting Sites,My Thoughts,Tech Related — Suramya @ 9:21 PM

Url shortners have been used for a while now to to reduce the length of a URL to something that can be easily shared online. It became extra popular at sites like Twitter which counted the URL length into the character count for the post (though that was later changed to a fixed number, 23 if I remember correctly). The disadvantage of such shortner’s was that they converted phishing links into a shorter URL that looked legit and the only way to figure out if the link was valid was to access it which could be risky due to Zero day exploits etc. This made life ‘interesting’ from a security controls perspective as it makes it harder to control/restrict such urls.

So someone decided to take it the other way and create a re-director that converts regular URL’s into a really fishy looking URL

This is a tool that takes any link and makes it look malicious. It works on the idea of a redirect. Much like https://tinyurl.com/ for example. Where tinyurl makes an url shorter, this site makes it look malicious.

Place any link in the below input, press the button and get back a fishy(phishy, heh…get, it?) looking link. The fishy link doesn’t actually do anything, it will just redirect you to the original link you provided.

You can try them out at https://phishyurl.com/. I asked the site to create a link to suramya.com/blog and it generated the following URL:

https://cheap-bitcoin.online/evil-hunter/exploit-jacker/fake_launcher_tool.exe?content=overwrite&id=824e35fe&origin=spoof&payload=%28function%28%29%7Blet+a%3D5%2Cb%3D3%3Blet+sum%3Da%2Bb%3B%7D%29%28%29%3B&portscan=scan&referer=tamper

If you visit the above link, it will take you to the blog homepage.

Source: chaos.social/@FlohEinstein

– Suramya

September 14, 2025

There is now a SQL port of Doom on CedarDB

Filed under: Interesting Sites,My Thoughts,Tech Related — Suramya @ 10:06 AM

There is an ongoing joke that if a device can perform calculations and has a display it will be used to run Doom. The same way a programming language is considered successful if Doom has been ported to it. Lukas Vogel, has added one more language to the list of languages that were used to write a port of Doom entirely in SQL with CedarDB doing all the heavy lifting. His blog post (Building a DOOM-like multiplayer shooter in pure SQL) has a full writeup on the technical nuts and bolts of the implementation.


DOOMQL in action

Due to the limitations of the language and backend engine the implementation looks like an ASCII display instead of the the more familiar 3D art & sprites. That said this is an impressive achievement. I think this would be a good way to stress/load test a DB server. Atleast that is how I am going to pitch it, the next time I am involved in the setup and testing of a Database server.

Source :The Register: Just because you can render a Doom-like in SQL doesn’t mean you should

– Suramya

September 13, 2025

Flashmob of over 30 artists performing Bohemian Rhapsody in Paris

Filed under: Interesting Sites — Suramya @ 11:54 PM

Over 30 artists got together as a flash mob in the streets of Paris to perform Bohemian Rhapsody and it is an awesome performance! Check it out below:


The most INSANE Bohemian Rhapsody Flashmob you will ever see!!

Thanks @Privacymatters for sharing it.

– Suramya

August 21, 2025

Try an Email quiz to see if you can identify valid email addresses

Filed under: Interesting Sites,Tech Related — Suramya @ 8:05 AM

Most people don’t really think about email addresses and how to validate if they are correct or not but developers have to do that frequently so that their applications can ensure people don’t input invalid data into the system. At first glance this seems like a fairly simple task but like all things the devil is in the details.

Sam Rose over at Mastodon shared a link to an interesting site with an Email Quiz that asks visitor to decide if each email address shown is valid or not. I tried it out earlier and only managed to get a little over 50% of the answers correct. You should check the site out and see what you score.

– Suramya

February 6, 2025

A Linux Distribution which runs directly within a PDF file

Filed under: Computer Software,Interesting Sites,Linux/Unix Related,My Thoughts,Tech Related — Suramya @ 11:01 PM

There is a semi-serious joke in the IT industry that anything that can compute is eventually used to play Doom and then run Linux. Now you can do both from inside a PDF file. Since the PDF specification supports Javascript a highschool student who goes by the handle ‘ading2210’ has implemented a RISC-V emulator in it which can run a barebones Linux distribution within the PDF file itself. This builds on top of the work done to get Doom to run inside the PDF file.

The full specfication for the JS in PDFs was only ever implemented by Adobe Acrobat, and it contains some ridiculous things like the ability to do 3D rendering, make HTTP requests, and detect every monitor connected to the user’s system. However, on Chromium and other browsers, only a tiny subset of this API was ever implemented, due to obvious security concerns. With this, we can do whatever computation we want, just with some very limited IO.

C code can be compiled to run within a PDF using an old version of Emscripten that targets asm.js instead of WebAssembly. With this, I can compile a modified version of the TinyEMU RISC-V emulator to asm.js, which can be run within the PDF. For the input and output, I reused the same display code that I used for DoomPDF. It works by using a separate text field for each row of pixels in the screen, whose contents are set to various ASCII characters. For inputs, there is a virtual keyboard implemented with a bunch of buttons, and a text box you can type in to send keystrokes to the VM.

The largest problem here is with the emulator’s performance. For example, the Linux kernel takes about 30-60 seconds to boot up within the PDF, which over 100x slower than normal. Unfortunately, there’s no way to fix this, since the version of V8 that Chrome’s PDF engine uses has its JIT compiler disabled, destroying its performance.

For the root filesystem, there are both 64 and 32 bit versions possible. The default is a 32 bit buildroot system (which was prebuilt and taken from the original TinyEMU examples), and also a 64 bit Alpine Linux system. The 64 bit emulator is about twice as slow however, so it’s normally not used.

You can try out the implementation of LinuxPDF here. More details of the project and the code used to create it is available on the project’s GitHub page.

– Suramya

January 3, 2025

Playing Doom to solve a CAPTCHA

Filed under: Computer Software,Interesting Sites — Suramya @ 10:48 AM

I guess traditional CAPTCHA’s are getting too easy for LLM’s and humans to solve so Guillermo Rauch decided to create a CAPTCHA that lets you play DOOM® to prove that you’re human.

The project works by leveraging Emscripten to compile a minimal port of Doom to WebAssembly and enable intercommunication between the C-based game runloop (g_game.c) and the JavaScript-based CAPTCHA UI.

Some extensions were made to the game to introduce relevant events needed for its usage in the context of a CAPTCHA.

It is actually a fun implementation of the game and while I doubt it will gain widespread usage it is an interesting proof of concept.

– Suramya

August 31, 2024

NASA has a site that uses LandSat images to spell a given name

Filed under: Astronomy / Space,Interesting Sites,My Thoughts — Suramya @ 8:30 PM

NASA satellites take a lot of photos of earth and they are available online to view but that doesn’t make it fun to look at them. So they have a site that spells out your name using landsat imagery. Which is a pretty cool way to showcase the images. You can try it out at the You Name in Landsat site.

Here’s how my name looks:

Suramya: Spelled using landsat images
Suramya: Spelled using landsat images

Hovering the cursor on each image gives you the name and location of the geological/geographical image used.

Source: Mastodon.world: @davidho

– Suramya

June 27, 2024

What’s the Difference Between Mastodon, Bluesky, and Threads?

Filed under: Interesting Sites,My Thoughts,Tech Related — Suramya @ 11:39 PM

When Twitter was taken over by Musk a lot of us folks moved to alternatives because of the change in the quality and tone of Twitter. In the early days many alternatives were created but now the field has narrowed down quite a bit and the main alternatives are: Mastodon, Bluesky, and Threads. I have accounts on both Mastodon and Bluesky but primarily use Mastodon as most of the security and Tech experts migrated to Mastodon. Some interesting folks are there on Bluesky as well but for some reason I don’t find it as interesting to scroll the feed over there.

If you are not aware of the apps you might wonder what is the difference between them, EFF (Electronic Freedom Foundation) did a great write up on the various alternatives to Twitter and you can check out the article here.

– Suramya

May 24, 2024

OpenSSF launches Siren to provide real-time security warning for Open Source Software

Filed under: Computer Security,Interesting Sites,Security Tools,Tech Related — Suramya @ 6:41 PM

Securing OpenSource software (OSS) can be a bit of a challenge at times and a lot of the Infosec feeds that give information on Security issues in software are commercial paid entities. There are software that scan for OSS vulnerabilities but we can always use more threat intelligence networks.

Open Source Security Foundation (OpenSSF) has launched a new threat intelligence sharing group called ‘OpenSSF Siren‘ that aims to provide real-time security warning bulletins and deliver a community-driven knowledge base to fill the gap between the open-source and enterprise communities.

The OpenSSF Siren is a collaborative effort to aggregate and disseminate threat intelligence specific to open source projects. Hosted by the OpenSSF, this platform provides a secure and transparent environment for sharing Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) associated with recent cyber attacks. Siren is intended to be a post-disclosure means of keeping the community informed of threats and activities after the initial sharing and coordination.

The Key features of the OpenSSF Siren include:

  • Open Source Threat Intelligence: shared with the community about actively exploited public vulnerabilities and threats.
  • Real-Time Updates: List members receive notifications via email about emerging threats which may be relevant to their projects, enabling swift action to mitigate risks.
  • TLP:CLEAR: To facilitate effective unrestricted transparent communication, the list follows the Traffic Light Protocol (TLP), Clear guidelines for the sharing and handling of intelligence.
  • Community-driven: Contributors from diverse backgrounds collaborate to enrich the intelligence database, fostering a culture of shared responsibility and collective defense.

You can sign up for it here: Siren Sign-Up
Source: OpenSSF sings a Siren song to steer developers away from buggy FOSS

– Suramya

Older Posts »

Powered by WordPress