"Two vulnerabilities in Zoom could lead to code execution"
"How did I found SSRF in Facebook — the story of my first bug bounty"
"Sandboxing nginx with systemd"
The upcoming "Feature Policy" is now called "Permissions Policy":
We already updated the relevant part of our Web server security series: https://infosec-handbook.eu/blog/wss3-tls-headers/#ex-headers
Keep in mind that the Permissions Policy isn't supported by most web browsers, so you don't need to set it at the moment. Clients ignore it.
Achieving accessibility through simplicity
Ebooks with DRM suck. We should always try to buy them from stores/places that don't use this kind of crap.
"Catalina is checking notarization of unsigned executables"
or in another words:
Apple is tracking all the executables you run on "your" computer
wow, I have no words for this...
(From medium.com): Stealing Secrets from Developers using Websockets https://medium.com/@stestagg/stealing-secrets-from-developers-using-websockets-254f98d577a0
"Security scanners for Python and Docker: from code to dependencies"
"Google bans Podcast Addict app after 9 years for letting users play podcasts that reference COVID-19" -> https://reclaimthenet.org/google-play-suspends-podcast-addict/
"Google bans my events app for referencing Covid-19, or related terms"-> https://news.ycombinator.com/item?id=23221447
"Ask HN: How long has Google been censoring YouTube comments critical of China?"-> https://news.ycombinator.com/item?id=23221264
"Google deletes “communist bandits” 共匪 comments on Youtube globally."->https://news.ycombinator.com/item?id=23223219
🤔 Is there a new trend here? or just an old one?
"European Parliament strongly recommends any software developed by and for the EU institutions to be made publicly available under Free and Open Source Software licence"
"You don't need an image to run a container"
A list of security related tools. Perhaps we can find something interesting there:
The PeerTube content bootstrap fund:
"Report: Estimated 24,000 Android apps expose user data through Firebase blunders"
Pi-hole 5.0 is out.
👏 from my perspective this is a "must-have" tool for any home network.
"DOM XSS in Gmail with a little help from Chrome"
Multitasking when a computer works on several problems at once.
Prallelism is when several problems are being worked on in a single time slice. Concurrency is when one problem is worked on per time slice, but the problem being worked on changes from slice to slice.
True parallelism requires one hardware thread (or CPU core) per task. The kernel offers preemptive mulitasking as an alternative for when CPU time is over-committed (which is literally always, and badly); it "pre-empts" tasks and switches between them in each time slice, which is effectively a kind of transparent concurrency.
Cooperative multitasking is the opposite of preemptive multitasking, and in this case each task decides for itself when to relinquish control to another task. A common way of achieving this is coroutines.
A process is a task with its own isolated memory space. A thread is a task within a process, which shares its memory space. Multithreading is using multiple threads, multiprocessing is using multiple processes.
Did I miss anything?