Andrew Whalley
LightNews LightNews
banner
arw.me
Andrew Whalley
@arw.me
430 followers 380 following 130 posts
An Englishman in San Francisco. Director of Security for Google Chrome.
Posts Replies Media Videos
Reposted by Andrew Whalley
theonion.com
Chuck Schumer Helps Pull Democrats Back From Brink Of Courage
Chuck Schumer Helps Pull Democrats Back From Brink Of Courage
November 10, 2025 at 5:02 AM
arw.me
It's time to make HTTPS the web's default, and reap the full security benefit from years worth of HTTPS adoption!
security.googleblog.com/2025/10/http...
HTTPS by default
One year from now, with the release of Chrome 154 in October 2026, we will change the default settings of Chrome to enable “Always Use Secu...
security.googleblog.com
October 28, 2025 at 5:17 PM
arw.me
BECOME UNOVENABLE 🪿
mbrowley.bsky.social Matthew Rowley @mbrowley.bsky.social · Oct 17
Ovenable. This container is not ovenable.
July 31, 2025 at 3:27 AM
arw.me
Somewhat ironic that this is the week I start VPNing /in/ to the UK so I can listen to BBC Sounds again.
July 29, 2025 at 12:09 AM
arw.me
bsky.app/profile/jenn...
secretaboutbox.bsky.social secretaboutbox.bsky.social @secretaboutbox.bsky.social · Jul 11
*alex horne voice* quote this with the best post. you have three hours and one attempt. your time starts now
July 12, 2025 at 1:05 AM
Reposted by Andrew Whalley
dadrian.io
Just posted a deep dive on how Chrome integrates with Advanced Protection Mode on Android. security.googleblog.com/2025/07/adva...
Advancing Protection in Chrome on Android
Posted by David Adrian, Javier Castro & Peter Kotwicz, Chrome Security Team Android recently announced Advanced Protection , which extend...
security.googleblog.com
July 8, 2025 at 6:57 PM
arw.me
Another great ancillary benefit of memory safe languages: Cool infrastructure projects remain cooler for longer 😎

Library authors can provide great functionality without implicitly signing up for the slew of security bugs that are sadly the consequence of a large c/c++ project.
vcsjones.dev Kevin Jones @vcsjones.dev · Jun 21
Everyone wants to maintain a cool infrastructure library until maintaining a cool infrastructure library is no longer convenient.
June 21, 2025 at 11:50 PM
Reposted by Andrew Whalley
filippo.abyssdomain.expert
Here's something I am very excited about: Photosynthesis! 🌱☀️

A proposal to have CAs run transparency logs and make X.509 certificates out of Merkle Tree inclusion proofs.

This is similar to how CT would have worked in an ideal world, and it solves the problem of PQC sizes in logs and handshakes.
[TLS] Photosynthesis, an update to Merkle Tree Certificates
Photosynthesis combines the Static CT API with the ideas in Merkle Tree Certificates.
mailarchive.ietf.org
June 20, 2025 at 7:11 PM
arw.me
Happy solstice! 🌞🌝
June 20, 2025 at 5:21 PM
arw.me
British Airways, to give a taste of how long a transatlantic flight feels, created BA.com
June 17, 2025 at 4:25 AM
Reposted by Andrew Whalley
elizabethjacobs.bsky.social
Screenshot of scene from the old game Oregon Trail. There is a green graphic on a black background. The graphic is of an ox pulling a wagon and below it is says YOU HAVE LISTENED TO RFK Jr.
May 31, 2025 at 11:28 PM
Reposted by Andrew Whalley
amyre.bsky.social
Behold my favorite weird Chrome security bug of 2025 so far!

A jaw-dropping URL / omnibox spoof via ligatures, specifically the googlelogo ligature.

issues.chromium.org/issues/39178...
Chromium
issues.chromium.org
May 16, 2025 at 3:16 PM
arw.me
Ed Balls
April 28, 2025 at 9:11 PM
Reposted by Andrew Whalley
laurencerowe.bsky.social
Note that you can get a new social security card without that wording when you get a green card.
I did so will double check I told them when I became a citizen!
April 20, 2025 at 4:10 AM
arw.me
🗽 PSA for naturalised citizens: If you never got a new social security card when you became a citizen, and your existing card has "valid for work only with ins/dns authorization" you are likely still in the Social Security database as a non-citizen.
April 20, 2025 at 2:07 AM
arw.me
Just purchased a sledge hammer, and now have Peter Gabriel stuck in my head.
April 13, 2025 at 8:19 PM
Reposted by Andrew Whalley
rbyers.net
I'm excited about this program! Chromium isn't necessarily easy, but I know there are great engineers out there who would love to get paid for improving it!
socbb.bsky.social Supporters Of Chromium-Based Browsers @socbb.bsky.social · Apr 3
🚨 Attention Chromium developers! 🚨

The SOCBB Bug Bounty Program is offering up to $10,000 for fixing bugs in Chromium-based browsers like Chrome & Edge! Contribute to repos like chromium, v8, and more.

Get paid via GitHub Sponsors! Start fixing: github.com/Supporters-O...

#Chromium #OpenSource
April 4, 2025 at 2:52 AM
arw.me
Postcard from San Francisco
A handwritten sign on a lamppost reading “we will not let Trump dig our grave”
March 30, 2025 at 12:44 AM
Reposted by Andrew Whalley
anniesullie.com
Here are the project ideas and info for Chromium:
Chromium GSoC 2025 Project Ideas and Info
Chromium GSoC 2025 Project Ideas and Info
docs.google.com
March 6, 2025 at 5:33 PM
arw.me
🥞 Happy Pancake Day! 🥞
March 4, 2025 at 11:09 PM
Reposted by Andrew Whalley
kenwhite.bsky.social
We are, unequivocally, the Bad Guys.

We have been before, and we will be again, no doubt, but this one is particularly repellent.
February 24, 2025 at 7:48 PM
arw.me
Slava Ukraini 🇺🇦
February 24, 2025 at 3:08 PM
arw.me
I think Swiss Air is saying you can smoke in the toilets, but only if you don’t get caught?
February 17, 2025 at 12:36 PM
Reposted by Andrew Whalley
evacide.bsky.social
These are unsophisticated actors. They use the wrong fork at dinner.
February 13, 2025 at 6:11 PM
arw.me
Am I allowed to feel smug about being all hip and getting the pop culture reference, if I only know about it because of @kenwhite.bsky.social ?
whysharksmatter.bsky.social David Shiffman, Ph.D. 🦈 @whysharksmatter.bsky.social · Feb 12
If we’re renaming bodies of water based on petty grievances, I propose that this be renamed the Kendrick Lamar passage.
Google maps screenshot of the Drake passage between South America and Antarctica
February 12, 2025 at 4:30 PM