Gonçalo Valério boosted
Unix Weekly

Mullvad VPN relay audit

assured.se/publications/Assure

Discussions: discu.eu/q/https://www.assured

#linux #programming #security #unix

0
Gonçalo Valério

"Python packages upload your AWS keys, env vars, secrets to the web"

blog.sonatype.com/python-packa

0
Gonçalo Valério boosted
raeaw

u can save so much money by staying 5-10 years behind all the latest trends

1
Gonçalo Valério

"How to: Look for TLS private keys on Docker Hub"

labs.detectify.com/2022/06/16/

0
Gonçalo Valério

"Terraform as part of the software supply chain"

"... Looking at the security of Terraform itself and the things which could go wrong when running it, however, have very little coverage so far."

about.gitlab.com/blog/2022/06/

0
Gonçalo Valério

"Python logging: do’s and don’ts"

palkeo.com/en/blog/python-logg

0
Gonçalo Valério

"Firefox rolls out Total Cookie Protection by default to all users worldwide"

blog.mozilla.org/en/products/f

👍

0
Gonçalo Valério

"Dockerfile best-practices for writing production-worthy Docker images."

github.com/hexops/dockerfile

0
Gonçalo Valério

"Public Travis CI Logs (Still) Expose Users to Cyber Attacks"

blog.aquasec.com/travis-ci-sec

0
Gonçalo Valério

"Changing the End-of-Life Date for Node.js 16 to September 11th, 2023"

"When we put together Node.js 16 the hope was that we would be able to include OpenSSL 3. Unfortunately, the timing of the releases did not allow that to be possible, and we released Node.js 16 with OpenSSL 1.1.1. OpenSSL 1.1.1 is scheduled to be supported up until September 11th, 2023, which is seven months before the planned End-of-Life date of Node.js 16 (April 2024)."

nodejs.org/en/blog/announcemen

0
Gonçalo Valério

"“PACMAN” Hack Can Break Apple M1’s Last Line of Defense"

spectrum.ieee.org/pacman-hack-

0
Gonçalo Valério boosted
CCC

Open Letter: #Chatcontrol – A danger for everyone’s privacy, security, free expression, incl. the very children it aims to protect edri.org/our-work/european-com

0
Gonçalo Valério boosted
CryptPad

📝 We are gathering articles and actions against #chatcontrol in this document: cryptpad.fr/code/#/2/code/view

If you have any suggestions send them our way!

1+
Gonçalo Valério

"Python 3.11 Performance Benchmarks Are Looking Fantastic"

phoronix.com/scan.php?page=art

0
Gonçalo Valério

"Fallacies of Distributed Systems"

architecturenotes.co/fallacies

0
Gonçalo Valério

"The faces from China’s Uyghur detention camps"

bbc.co.uk/news/extra/85qihtvw6

Sad ... as someone once said:
"Those who cannot learn from history are doomed to repeat it."

0
Gonçalo Valério boosted
Tails

Tails 5.1 is out

This release fixes the security vulnerability in the JavaScript engine of Firefox and Tor Browser announced on May 24.

It was delayed from May 31 to June 5 because of a delay in the release of Tor Browser.

this is also new:
- automatically fixing the clock when connecting to Tor
- new homepage for the "Unsafe Browser" to make it easier for users to understand how to sign into a captive portal
- better Kleopatra integration
...and more.

Full report:
tails.boum.org/news/version_5.

1+
Gonçalo Valério

"Zero-Day Exploitation of Atlassian Confluence"

volexity.com/blog/2022/06/02/z

0
Gonçalo Valério

"Certificate Transparency data is used to compromise WordPress before installation"

feistyduck.com/bulletproof-tls

Not restricted to WP, also applies to many other PHP applications.

0
Gonçalo Valério boosted
Carlos Mogas da Silva

RT @0xBacco
Follina P2?

Wget the html payload as user = auto execute???

0
Show older
Social feed

This is a personal and private instance.

Resources

Developers

What is Mastodon?

s.ovalerio.net

More…

v3.5.3 · Privacy policy