Gonçalo Valério @dethos@s.ovalerio.net
Admin
Full-stack developer, advocate of a free, secure and safe Internet. Nature lover and sports enthusiast.
[Header photo by Colin Watts, source Unsplash]
Joined Apr 2017
"OpenSSH ssh-agent Shielded Private Key Extraction (x86_64 Linux)"
https://security.humanativaspa.it/openssh-ssh-agent-shielded-private-key-extraction-x86_64-linux/
Gonçalo Valério
boosted
Incredibly exciting to get official confirmation that Germany's health service (@gematik1@twitter.com) has standardised on Matrix for secure decentralised communications, targeting all 150,000 healthcare organisations in Germany(!!!) 🤯 Read all about it at https://matrix.org/blog/2021/07/21/germanys-national-healthcare-system-adopts-matrix 💉🇩🇪🚀
"Qualys Research Team has discovered a size_t-to-int type conversion vulnerability in the Linux Kernel’s filesystem layer affecting most Linux operating systems. Any unprivileged user can gain root privileges on a vulnerable host by exploiting this vulnerability in a default configuration."
"Windows Hello bypassed using infrared image"
https://therecord.media/windows-hello-bypassed-using-infrared-image/
"biometrics", I think it is still preferable to rely on old fashioned passphrases.
"Remote code execution in cdnjs of Cloudflare"
"How we prevented subdomain takeovers"
https://tech.ovoenergy.com/how-we-prevented-subdomain-takeovers-and-saved-000s/
"Python Best Practices for a New Project in 2021"
So Github's Copilot is now suggesting secrets committed to other public repositories?
https://twitter.com/alexjc/status/1411966249437995010
The ultimate responsibility lies on who committed those secrets, but this could have been avoided since Copilot is acting as a distributor of those leaked secrets.
"Windows 11: TPMs and Digital Sovereignty"
Django: Potential SQL injection via unsanitized QuerySet.order_by() input
https://www.djangoproject.com/weblog/2021/jul/01/security-releases/
"Django for Startup Founders: A better software architecture for SaaS startups and consumer apps"
Interesting read 👍
"The Most Dangerous Censorship"
"WD My Book Live users wake up to find their data deleted"
"What's Inside the EU Green Pass QR Code?"
"Linux marketplaces vulnerable to RCE and supply chain attacks"
"All Freenode Channels and Users Gone"
https://www.reddit.com/r/linux/comments/o0263h/all_freenode_channels_and_users_gone/
It seems I no longer have an account on freenode. **I will not create a new one. So don't try to reach me through that network**.
Gonçalo Valério
boosted
The Debian Project hosts all its development IRC channels on irc.oftc.net and also has a thriving community on irc.libera.chat. The Debian Project no longer has control of #debian on the freenode IRC network. We thank the former freenode staff for their tireless work over many years. Please read https://wiki.debian.org/IRC for more information about Debian IRC channels.
Gonçalo Valério
boosted
#Django protip: `manage.py shell`, being a Python shell, can take a `-c` argument. You can use this to make aliases for operations that need to run in your Django environment but aren't worth creating a management command. (And remember, you can separate statements with semicolons instead of newlines!)
"A Project of One's Own"
"PGP Marks 30th Anniversary"
Admin
Full-stack developer, advocate of a free, secure and safe Internet. Nature lover and sports enthusiast.
[Header photo by Colin Watts, source Unsplash]
Joined Apr 2017
