It’s Global Encryption Day, and we’re proud to stand with dozens of other organizations that are calling on governments and the private sector to reject efforts to undermine encryption. https://www.eff.org/deeplinks/2021/10/global-encryption-day-lets-stand-privacy-and-security
"A Scientific Notation Bug in MySQL left AWS WAF Clients Vulnerable to SQL Injection"
"AWS WAF's Dangerous Defaults"
"What a monumental waste."
"Composability is the only game in town – Roam, shipping containers, Lego and Twitter."
"Bypassing required reviews using GitHub Actions"
Even when minimally configured and the handset is idle, with the notable exception of e/OS, these vendor-customized Android variants transmit substantial amounts of information to the OS developer and to third parties such as Google, Microsoft, LinkedIn, and Facebook that have pre-installed system apps. There is no opt-out from this data collection.
I happen to be using /e/ OS for the last ~2 years on all my #android phones and quite pleased to read it.
"Why Authorization is Hard"
Remember our toot about Nextcloud synchronisation? 🎉 Seems we have a winner!
🔄 With the merging of https://github.com/AntennaPod/AntennaPod/pull/5243#issuecomment-937046643 it will be possible to sync AntennaPod with a gPodder 'server' in your own Nextcloud instance.
Will be available in AntennaPod 2.5!
"... iPhones aren't as private as you think"
"Using 1Password's `op` CLI tool exposes your secrets to other users on your system."
"fail2ban – Remote Code Execution" (CVE-2021-32749)
"The IC has implemented network-based ad-blocking technologies and uses information from several layers, including Domain Name System information, to block unwanted and malicious advertising content," the CIO recently told Wyden's office, according to the letter.
"How (and Why) to Use AppRole Correctly in HashiCorp Vault"
⚠️ IMPORTANT: Users of Element Desktop/Web/Android, FluffyChat & Nheko should upgrade immediately to address a critical encryption vulnerability.
We are not aware of this being exploited in the wild yet, but as the bug is now disclosed please upgrade now. https://matrix.org/blog/2021/09/13/vulnerability-disclosure-key-sharing
"SSH Lateral Movement Cheat Sheet"
"Email Authenticity 101: DKIM, DMARC, and SPF"
Full-stack developer, advocate of a free, secure and safe Internet. Nature lover and sports enthusiast.
[Header photo by Colin Watts, source Unsplash]
This is a personal and private instance.