Show more

Update for runC available. Users running a privileged runC container are vulnerable to an attack where a specially crafted image can replace a binary on the system allow root access. More info: tweeted by @ubuntu_sec

We've update our post on 'How to leave Google' to include lots of @fdroidorg apps. What other #GoogleAlternatives would you like us to add? 😃💪

Downgrade attack on TLS 1.3 and vulnerabilities in major TLS libraries:

– the attack leverages a side-channel leak via cache access timings (in OpenSSL, Amazon s2n, MbedTLS, Apple CoreTLS, Mozilla NSS, WolfSSL, and GnuTLS)
– it affects all TLS versions, including TLS 1.3
– one requirement for the attack are RSA key exchanges

#tls #rsa #key #exchange #tls13 #downgrade #encryption #https #crypto #infosec #cybersecurity #security

"An Incremental Architecture Approach to Building Systems", where/when does the monolith and microservices make sense.

Nice presentation about Rust, operating systems and programming languages, with a good chunk of time dedicated to some historical context. 👍

Commutes are free for employers. If those 2 hours lost on the road would be paid, remote work would have been the standard since the 90's.

How sloppy OPSEC gave researchers an inside look at the exploit industry

“Those government developers were testing out the WhatsApp malware on their own devices, and it was storing their discussions on the program’s servers.

The nation-state essentially had hacked itself and accidentally dumped highly sensitive information on the open internet—including details of its interactions with the secretive vendors who sell spyware to governments.”


Show more
Social feed

This is a personal and private instance.