Status as of 2026-05-19
The site is offline while I investigate and remediate a security incident. Thanks for your patience.
Maintenance status as of 2026-05-15
nolongerset.com was temporarily compromised on Wednesday, May 14, 2026, between 3:37 PM and 10:38 PM US Eastern Time (19:37 UTC May 14 through 02:38 UTC May 15). During this window, some visitors may have been shown a fake verification prompt instructing them to perform a sequence of keyboard shortcuts.
If you visited the site during this window and followed any such instructions, please run a full antivirus scan on the affected device and consider changing passwords for important accounts from a different, known-clean device.
If you visited but did not follow on-screen instructions to use your keyboard, no action is needed.
The root cause has been identified and remediation is underway.
The site has been down longer than I initially expected. Here's a brief update on where things stand.
I have been self-hosting this blog on an open-source publishing platform since I first started it in 2020. My latest understanding of the attack strongly suggests it was due to a platform vulnerability. What's more, the vulnerability was reported to the team that supports the platform. They fixed the vulnerability, rolled it out on their official hosting site, and then published the patch to their open source project.
In the age of AI-assisted development, the time from patched vulnerability in an open-source project to weaponized exploit is rapidly moving from months/weeks to days/hours. In that reality, even patching the day a release ships (already an ambitious goal) may not be fast enough anymore. The window between "publicly known" and "publicly exploited" is shrinking every day.
With that emerging reality in mind, I've decided to migrate the site to the platform vendor's fully-managed hosting service. Managed customers receive patches for responsibly-reported vulnerabilities before those vulnerabilities are even publicly acknowledged. That's a feature that self-hosting simply can't match.
Unfortunately, I don't have a firm restoration date yet. Migrating to the vendor platform likely extends that timeline. I'll post another update when I have a better idea of when the site will be back online.
Thanks for your patience.