recentpopularlog in

teffalump : security   632

« earlier  
Obscure E-Mail Vulnerability
real interesting that it depends on differences between the systems
email  security 
may 2018 by teffalump
To freeze or not to freeze
"We found that total body motion was a reliable indicator of guilt, and works about 75% of the time"
security  anthropology  psychology  psychiatry  research 
march 2018 by teffalump
The Absurdly Underestimated Dangers of CSV Injection
wow! didn't know this about csv - can execute formula, make external requests, etc.
injection  security  standards  vulnerability  hacking  design 
november 2017 by teffalump
Firefox Send
"Send files through a safe, private, and encrypted link that automatically expires to ensure your stuff does not remain online forever."
security  tools  reference 
september 2017 by teffalump
Social Media Needs A Travel Mode (Idle Words)
the problem is that when these are implemented (as 1password did?), they are equally obtainable as any other passwords if the border patrol wants them - they can just force you to divulge the protected passwords as easily as any other --- that is, i think schneier pointed out that they aren't technically hidden, more like obscurity than a cryptographic protection; still, a good idea but should be also put towards the legal protection angle
politics  privacy  security  law 
july 2017 by teffalump
London Attackers Slipped By Despite an Avalanche of Warnings
I just don't get this. This seems like incompetence and/or not enough analysis budget. Like, you have enough money to dragnet all communications, and you can't do close follow up on an obvious security concern? smh
security  privacy  terrorism  intelligence 
july 2017 by teffalump
Got Robocalled? Don’t Get Mad; Get Busy.
this seems a similar issue to ip spoofing, where the isp/network owner could easily enact technical solutions to prevent but doesn't.... market failure?
crime  security  telephony  spam  malware 
july 2017 by teffalump
Hacker, Hack Thyself
really interesting - about cracking password hashes
database  password  security  hacking 
june 2017 by teffalump
Phishing with Unicode Domains
wow, fascinating! "Punycode makes it possible to register domains with foreign characters. It works by converting individual domain label to an alternative format using only ASCII characters. For example, the domain "xn--s7y.co" is equivalent to "短.co"."
dns  security  vulnerability  hacking  design 
may 2017 by teffalump
Decent Security
lots of good stuff in here: i don't know windows too much, so this will seem to help me when i help *cough* relatives *cough* with windows
security  windows  howto  reference 
january 2017 by teffalump
GitHub - google/wycheproof
"Project Wycheproof tests crypto libraries against known attacks" - great!
cryptography  security  cool  code  project 
january 2017 by teffalump
SMART – Security | Hay on FHIR
problem is patient access now, which fhir doesn't help all that much with defining well
fhir  security  design 
august 2016 by teffalump
Open Whisper Systems >> Blog >> Reproducible Signal builds for Android
HAHAH!: "Just to head off the inevitable deluge of GPG encrypted emails with dramatic subject lines, we are not doing this in response to any kind of legal threat or presssure. This is just a weekend hack, please don't make us regret it."
software  security  privacy  compiler  design 
april 2016 by teffalump
The Trouble with CloudFlare
And tor's rebuttal. This seems to be a strong point: "A report by CloudFlare competitor Akamai found that the percentage of legitimate e-commerce traffic originating from Tor IP addresses is nearly identical to that originating from the Internet at large. (Specifically, Akamai found that the "conversion rate" of Tor IP addresses clicking on ads and performing commercial activity was "virtually equal" to that of non-Tor IP addresses)."
security  tor  internet  culture  infrastructure  privacy  design  anonymity 
april 2016 by teffalump
The Trouble with Tor
cloudflare isn't in my good graces, but here are their points
anonymity  tor  captcha  internet  culture  infrastructure  design  security  privacy 
april 2016 by teffalump
How Google’s Web Crawler Bypasses Paywalls
user-agent and referrer; hmm... porous paywalls seem to be ok, good enough, so to speak but it is unfair (?) to allow search engines to bypass them and display them... somewhat misleading
google  security  money  business  design 
march 2016 by teffalump
Judge in Anthem Case Rules That Breach Harmed Patients
odd that damage had to be shown previously, or at least, 'damage' is so weirdly strict; good ruling
money  business  privacy  law  regulation  data  security 
march 2016 by teffalump
RPISEC/Malware: Course materials for Malwar... - GitHub
cool: "This repository contains the materials as developed and used by RPISEC to teach Malware Analysis at Rensselaer Polytechnic Institute in Fall 2015. This was a university course developed and run soley by students, primarily using the Practical Malware Analysis book by Michael Sikorski and Andrew Honig, to teach skills in reverse engineering, malicious behaviour, malware, and anti-analysis techniques."
education  malware  cool  code  project  school  security  hacking  vulnerability  reference 
january 2016 by teffalump
Juniper Removes Dual_EC, ANSI X9.31 Algorithms
NSA adds backdoor, someone backdoors backdoor, etc. -- perfect reason why backdoors are a bad idea
network  security  cryptography  secrecy  privacy  regulation  law  open  source 
january 2016 by teffalump
StackExchange/blackbox - Shell - GitHub
awesome: "Safely store secrets in a VCS repo (i.e. Git, Mercurial, Subversion or Perforce). These commands make it easy for you to Gnu Privacy Guard (GPG) encrypt specific files in a repo so they are "encrypted at rest" in your repository. However, the scripts make it easy to decrypt them when you need to view or edit them, and decrypt them for use in production. Originally written for Puppet, BlackBox now works with any Git or Mercurial repository."
encryption  gpg  git  mercurial  security  config  cool  code  project  tools  tool 
january 2016 by teffalump
« earlier      
per page:    204080120160

Copy this bookmark:





to read