Some recently disclosed vulnerabilities Rails developers should be aware of:
- Denial of Service Vulnerability in Action View - https://seclists.org/oss-sec/2019/q1/177
- File Content Disclosure in Action View - https://seclists.org/oss-sec/2019/q1/178
- Possible Remote Code Execution Exploit in Rails Development Mode - https://seclists.org/oss-sec/2019/q1/176
Upgrade your apps.
As requested, I also uploaded it to PeerTube: https://peertube.social/videos/watch/d9bd2ee9-b7a4-44e3-8d65-61badd15c6e6
170 years of German publishers demanding special copyrights for the press because of new technology.
The snippet taxes of Article 11 will be used to enrich publishers at the expense of actual journalism.
The ACME Protocol is an IETF Standard https://letsencrypt.org/2019/03/11/acme-protocol-ietf-standard.html
"3 million vehicles can be unlocked remotely via trivially discovered web API vulnerability"
"unhackable" is a very strong word.
Password Managers: Under the Hood of Secrets Management
It would be nice to read a similar analysis for password managers that also run on Linux, such as KeePassX, KeePassXC, pass, etc.
"Incidents — Trends from the Trenches"
An overview of the causes of production incidents
History is made: petition opposing the EU's #Article13 internet censorship plan draws more signatures than any petition in human history
"Delegate outcomes, not activities."
"German Data Privacy Commissioner Says Article 13 Inevitably Leads to Filters, Which Inevitably Lead to Internet 'Oligopoly'"
Europe attempting to require manufacturer DRM to ban custom firmware on WiFi hardware (also almost anything else that transmits RF) https://blog.mehl.mx/2019/protect-freedom-on-radio-devices-raise-your-voice-today/
Grouping logging output in the browser console:
"ETS Isn't TLS and You Shouldn't Use It"