Gonçalo Valério @dethos@s.ovalerio.net
Admin
Full-stack developer, advocate of a free, secure and safe Internet. Nature lover and sports enthusiast.
[Header photo by Colin Watts, source Unsplash]
Joined Apr 2017
Gonçalo Valério
boosted
"In Safari 15 on macOS, and in all browsers on iOS and iPadOS 15, the IndexedDB API is violating the same-origin policy. Every time a website interacts with a database, a new (empty) database with the same name is created in all other active frames, tabs, and windows within the same browser session."
https://fingerprintjs.com/blog/indexeddb-api-browser-vulnerability-safari-15/
Gonçalo Valério
boosted
Enforcing the pyramid of Open Source https://daniel.haxx.se/blog/2022/01/17/enforcing-the-pyramid-of-open-source/ - thoughts on how the pyramid works and why it is hard to "just fix".
https://www.youtube.com/watch?v=aXQ2lO3ieBA
Sounds familiar, doesn't it? 😂
"Memory location matters for performance"
https://pythonspeed.com/articles/performance-memory-locality/
Well written reminder of important CS concepts.
"A story of IP takeovers and open-source intelligence at scale"
https://caniphish.com/phishing-resources/blog/compromising-australian-supply-chains-at-scale
New node.js security release:
https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
"NPM might be executing malicious code in your CI without your knowledge"
Gonçalo Valério
boosted
Have you switched to WPA3 in your Wi-Fi?
/please boost
"Is your Python code vulnerable to log injection?"
https://dev.arie.bovenberg.net/blog/is-your-python-code-vulnerable-to-log-injection/
"How eBPF will solve Service Mesh - Goodbye Sidecars"
https://isovalent.com/blog/post/2021-12-08-ebpf-servicemesh
🤔
"Cloud Security Breaches and Vulnerabilities: 2021 in Review"
https://blog.christophetd.fr/cloud-security-breaches-and-vulnerabilities-2021-in-review/
"LastPass users warned their master passwords are compromised"
Gonçalo Valério
boosted
RT @niloconthecob@twitter.com
good arguments here arguing for FOSS projects to use OSS software. @matrixdotorg@twitter.com over @discord@twitter.com, @gitlab@twitter.com or @radicle@twitter.com over @github@twitter.com, @joinmastodon@twitter.com over @Twitter@twitter.com ?
https://drewdevault.com/2021/12/28/Dont-use-Discord-for-FOSS.html
🐦🔗: https://twitter.com/niloconthecob/status/1475815188058288130
"If You’re Not Doing Continuous Asset Management You’re Not Doing Security"
https://danielmiessler.com/blog/continuous-asset-management-security/
Gonçalo Valério
boosted
RT @element_hq@twitter.com
4️⃣ 📈Matrix is skyrocketing, and now has more than 43 million users! 🤩
The full rundown of the year for both Matrix and Element are live! 🙌
You can read both blogs here...
Element: https://element.io/blog/2021-its-been-a-busy-year-for-element/
Matrix: https://matrix.org/blog/2021/12/22/the-mega-matrix-holiday-special-2021
🐦🔗: https://twitter.com/element_hq/status/1473965936474570764
"Understanding the Impact of Apache Log4j Vulnerability"
https://security.googleblog.com/2021/12/understanding-impact-of-apache-log4j.html
Admin
Full-stack developer, advocate of a free, secure and safe Internet. Nature lover and sports enthusiast.
[Header photo by Colin Watts, source Unsplash]
Joined Apr 2017
