Victor Loux Bookmarks Tag: security

91 bookmarks tagged “security

We Hacked Apple for 3 Months: Here’s What We Found

samcurry.net/hacking-apple/

maxgoedjen/secretive: Store SSH keys in the Secure Enclave

github.com/maxgoedjen/secretive

Best practices for managing & storing secrets like API keys and other credentials [2020]

blog.gitguardian.com/secrets-api-management/
It is extremely important to understand that code reviews will not always detect secrets, especially if they are hidden in previous versions of code. The reason code reviews are not adequate protection is because reviewers are only concerned with the difference between current and proposed states of the code, they do not consider the entire history of the project.

How a dash of mercury can rip a jet plane apart

io9.gizmodo.com/how-a-dash-of-mercury-can-rip-a-jet-plane-apart-5892694

Zero Trust Information – Stratechery by Ben Thompson

stratechery.com/2020/zero-trust-information/

Latacora - Stop Using Encrypted Email

latacora.micro.blog/2020/02/19/stop-using-encrypted.html
Email is unsafe and cannot be made safe. The tools we have today to encrypt email are badly flawed. Even if those flaws were fixed, email would remain unsafe. Its problems cannot plausibly be mitigated. Avoid encrypted email. Technologists hate this argument. Few of them specialize in cryptography or privacy, but all of them are interested in it, and many of them tinker with encrypted email tools. Most email encryption on the Internet is performative, done as a status signal or show ...

Writing Safe Shell Scripts

sipb.mit.edu/doc/safe-shell/

Introduction · OWASP Cheat Sheet Series

cheatsheetseries.owasp.org/

HTTP headers for the responsible developer - Twilio

twilio.com/blog/a-http-headers-for-the-responsible-developer

Princeton IoT Inspector

iot-inspector.princeton.edu/
an open-source tool that helps you learn more about your IoT devices with one-click install

Computer printers have been quietly embedding tracking codes in documents for decades — Quartz

qz.com/1002927/computer-printers-have-been-quietly-embedding-tracking-codes-in-documents-for-decades/

Security Checklist

securitycheckli.st/
A checklist for staying safe on the internet

ggerganov/kbd-audio: Tools for capturing and analysing keyboard input paired with microphone capture

github.com/ggerganov/kbd-audio
Tools for capturing and analysing keyboard input paired with microphone capture - ggerganov/kbd-audio

The Wartime Spies Who Used Knitting as an Espionage Tool | Atlas Obscura

atlasobscura.com/articles/knitting-spies-wwi-wwii.amp

Hardening macOS

blog.bejarano.io/hardening-macos.html

FiloSottile/mkcert: A simple zero-config tool to make locally trusted development certificates with any names you'd like.

github.com/FiloSottile/mkcert

Inside the Crypto World's Biggest Scandal | WIRED

wired.com/story/tezos-blockchain-love-story-horror-story/
One couple thought they held the secret to building a new decentralized utopia. On the way, they plunged into a new kind of hell. A crypto-tragedy in three acts.

Certificates for localhost - Let's Encrypt - Free SSL/TLS Certificates

letsencrypt.org/docs/certificates-for-localhost/

Audio Adversarial Examples

nicholas.carlini.com/code/audio_adversarial_examples/
We have constructed targeted audio adversarial examples on speech-to-text transcription neural networks: given an arbitrary waveform, we can make a small perturbation that when added to the original waveform causes it to transcribe as any phrase we choose.

[1708.09537] DolphinAtack: Inaudible Voice Commands

arxiv.org/abs/1708.09537