Interesting post summing up the experience of working remotely for 10 years.
"Stealing Downloads from Slack Users"
Understanding the MDS vulnerability: What it is, why it works and how to mitigate it
More discussion here: https://news.ycombinator.com/item?id=19885627
As someone said:
> This once again reinforces the point that a backup is worthless if you haven't tested restore.
Nice post about some important HTTP headers:
Local-first software - You own your data, in spite of the cloud
"Spoofing OpenPGP and S/MIME Signatures in Emails"
"Attacking Cloud Containers Using SSRF"
The "hackerone" report is also worth reading.
"What can I use to encrypt my Linux filesystem?":
– LUKS/LVM supports full-disk encryption (and optionally 2FA)
– ext4 supports folder-based encryption
– eCryptFS/encfs are outdated/unmaintained
– GoCryptFS uses modern crypto but leaks metadata
– CryFS uses modern crypto and hides metadata but is slower than GoCryptFS
Thanks to Mr. Schumacher from Magdeburger Institut für Sicherheitsforschung
"abusing web browsers for persistent and stealthy computation"
Sure ... "unintentionally"...
The one you should use for now is: "uBlock Origin"
"The danger of exposing docker.sock":
"Don’t trust the locals: investigating the prevalence of persistent client-side cross-site scripting in the wild"
Always sanitize the content fetched for local-storage before injecting it on any page.
The next-generation WiFi security protocol is already broken. Devices making use of it haven’t even been released yet. https://thehackernews.com/2019/04/wpa3-hack-wifi-password.html
Nice post about how to distribute your python app as a "snap".