Victor Loux Bookmarks Tag: security

70 bookmarks tagged “security

Best practices for managing & storing secrets like API keys and other credentials [2020]

blog.gitguardian.com/secrets-api-management/
It is extremely important to understand that code reviews will not always detect secrets, especially if they are hidden in previous versions of code. The reason code reviews are not adequate protection is because reviewers are only concerned with the difference between current and proposed states of the code, they do not consider the entire history of the project.

Latacora - Stop Using Encrypted Email

latacora.micro.blog/2020/02/19/stop-using-encrypted.html
Email is unsafe and cannot be made safe. The tools we have today to encrypt email are badly flawed. Even if those flaws were fixed, email would remain unsafe. Its problems cannot plausibly be mitigated. Avoid encrypted email. Technologists hate this argument. Few of them specialize in cryptography or privacy, but all of them are interested in it, and many of them tinker with encrypted email tools. Most email encryption on the Internet is performative, done as a status signal or show ...

Princeton IoT Inspector

iot-inspector.princeton.edu/
an open-source tool that helps you learn more about your IoT devices with one-click install

Inside the Crypto World's Biggest Scandal | WIRED

wired.com/story/tezos-blockchain-love-story-horror-story/
One couple thought they held the secret to building a new decentralized utopia. On the way, they plunged into a new kind of hell. A crypto-tragedy in three acts.

Audio Adversarial Examples

nicholas.carlini.com/code/audio_adversarial_examples/
We have constructed targeted audio adversarial examples on speech-to-text transcription neural networks: given an arbitrary waveform, we can make a small perturbation that when added to the original waveform causes it to transcribe as any phrase we choose.

The law isn’t ready for the internet of sexual assault

engadget.com/2017/05/24/sextech-hacking-laws/
If the Mirai botnet taught us anything, it's that no device connected to the internet is safe from hacking. In that incident, malware hijacked thousands of dev...