Gonçalo Valério @dethos@s.ovalerio.net
Admin
Full-stack developer, advocate of a free, secure and safe Internet. Nature lover and sports enthusiast.
[Header photo by Colin Watts, source Unsplash]
Joined Apr 2017
"Using PostgreSQL Views in Django"
"An Engineer's Hype-Free Observations on Web3 (and its Possibilities)"
https://www.psl.com/feed-posts/web3-engineer-take
🤔
"Systemd service hardening"
"GoDaddy Announces Security Incident Affecting Managed WordPress Service"
https://www.sec.gov/Archives/edgar/data/1609711/000160971121000122/gddyblogpostnov222021.htm
Gonçalo Valério
boosted
Today, the Tor Project is launching a new campaign to help censored users, and we need you. 🙌
How? Run a Tor Bridge! 🌉
Our goal is to add 200 new obs4 bridges to the network from November 18 - January 7, 2022, & we're offering prizes for running a bridge.
Gonçalo Valério
boosted
Apple’s announcement of a new Self Service Repair program shows there has been considerable pressure on the company to change its designs and policy to answer consumer demand for the right to repair. Let’s keep it up and keep them on the right track. https://www.eff.org/deeplinks/2021/11/apples-self-service-repair-program-must-live-its-promises
"XSS bug in Google Chrome’s ‘New Tab’ page bypassed security features"
"Second, on November 2 we received a report to our security bug bounty program of a vulnerability that would allow an attacker to publish new versions of any npm package using an account without proper authorization. We quickly validated the report, began our incident response processes, and patched the vulnerability within six hours of receiving the report."
oucch...
"Microsoft Calls Firefox’s Browser Workaround “Improper,” Will Block It"
https://www.howtogeek.com/768727/microsoft-calls-firefoxs-browser-workaround-improper-will-block-it/
Not your computer... 🙄
"Securing your digital life, part one: The basics"
https://arstechnica.com/features/2021/10/securing-your-digital-life-part-1/
The basics.
"Apple isn’t actually patching all the security holes in older versions of macOS"
"How to prevent email spoofing on your domain, using an unholy combination of silly standards."
https://simonandrews.ca/articles/how-to-set-up-spf-dkim-dmarc
New release of PostgreSQL:
https://www.postgresql.org/about/news/postgresql-141-135-129-1114-1019-and-9624-released-2349/
2 important security fixes:
* Server processes unencrypted bytes from man-in-the-middle
* libpq processes unencrypted bytes from man-in-the-middle
"You should use forums rather than Slack/Discord to support developer community."
https://www.mooreds.com/wordpress/archives/3451
Totally agree.
Gonçalo Valério
boosted
2 NPM packages with 22 million downloads found backdoored (installing malicious code) !
#News #Infosec #Cybersecurity #backdoor #NPM #security #javascript
https://thehackernews.com/2021/11/two-npm-packages-with-22-million-weekly.html
"This project will only take 2 hours"
https://web.eecs.utk.edu/~azh/blog/thisprojectwillonlytake.html
Exactly...
"npm install is curl | bash"
Gonçalo Valério
boosted
Signatures: The secret behind modern end-to-end encryption 🔒
https://kerkour.com/blog/signatures-modern-end-to-end-encryption/
Now that most of our communications are digital, a problem arises: How to keep our messages private despite all the intermediaries?
#100DaysOfCode #cryptography #Programming #Dev #Code #crypto #cryptoEngineering #security #cybersecurity #hacking #infosec
Admin
Full-stack developer, advocate of a free, secure and safe Internet. Nature lover and sports enthusiast.
[Header photo by Colin Watts, source Unsplash]
Joined Apr 2017
