The One Million Bytes Podcast

The mentioned blog post on my later (better-educated!) attempt at reviving the computer: www.richinfante.com/2019/01/19/repairing-old-pc

In this episode, I talk about Meshtastic, an open source decentralized encrypted peer-to-peer mesh network for off grid communications. You can leverage Meshtastic to communicate long distances, using economical off the shelf hardware.

Relevant Meshtastic Documentation:

• Getting Started
• Meshtastic Hardware
• Telemetry
• Flash your Meshtastic Device
• Meshtastic Web Client
• Mesh Broadcast Algorithm
• Encryption

Other Links:

• MQTT Node Map
• My Meshtastic Case 3D Print
• Discord Invite
• Reddit: /r/meshtastic/

Core Devices is releasing some new smartwatches, a successor to the Pebble Watch. I also discuss some of the constraints Apple puts on third party smartwatch developers.

Some links from this episode:

• Core Devices Pre-order Page
• FAQ
• Blogpost on Apple restrictions

In this episode, we discuss the recent tj-actions/changed-files github action compromise. I propose some ways we can apply existing solutions to this problem, in a way that doesn’t add too much extra friction, but can greatly lessen the number of users impacted by a compromise like this.

I also mention some information from Step Security’s blog post on the topic, which I’d recommend reading: https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised

See also: This episode in blog form

Edit: I have published a revised version of this episode clarifying the current state of dependabot for managing action updates.

A companion to my blog post on permissions misconfigurations and how ssm:StartSession and similar AWS APIs can be abused to traverse across your network or escalate privileges.

I discuss the rebirth of Pebble, and a recent hacking project where I upgraded major parts of the Toolchain/SDK to run on modern Python 3.

Eric’s blog posts: Success and Failure at Pebble (2021), How to help us build open source Pebble software! (2025)

My Watchfaces can be found on the Rebble app store. You can also find my fork for RebbleTool here on Github: https://github.com/richinfante/rebbletool, and further info on my blog.