Gonçalo Valério
Full-stack developer with special interest in cybersecurity. Advocate of a free and safe Internet. Nature admirer and sports enthusiast.

"Trusting clients is probably a security flaw"

https://liberda.nl/weblog/trust-no-client/

#security #infosec #cybersecurity

"Recent Docker BuildKit Features You're Missing Out On"

https://martinheinz.dev/blog/111

#docker #containers

"Debian Packaging from First Principles – Part 1 – Simple .deb"

https://mikecoats.com/debian-packaging-first-principles-part-1-simple/

#linux #apt #deb #dpkg

"CloudImposer: Executing Code on Millions of Google Servers with a Single Malicious Package"

https://www.tenable.com/blog/cloudimposer-executing-code-on-millions-of-google-servers-with-a-single-malicious-package

#security #infosec #cybersecurity #dependencyconfusion #supplychain

"Microsoft's new Outlook client quietly moves your email to the cloud"

https://www.xda-developers.com/privacy-implications-new-microsoft-outlook/

No, No, No... Bad email client!

#security #privacy #email #outlook #microsoft

"Cloudflare helps verify the security of end-to-end encrypted messages by auditing key transparency for WhatsApp"

https://blog.cloudflare.com/key-transparency/

Interesting, but if I get it right, this "Key Transparency" thing doesn't protect users from the WhatsApp server itself. The solution to that continues to be the out-of-band verification of the fingerprint (by QR code or manually) 🤔

#security #infosec #cybersecurity #whatsapp #e2ee

"Goodhart's Law in Software Engineering"

https://buttondown.com/hillelwayne/archive/goodharts-law-in-software-engineering/

#dev #webdev #programming #softwaredevelopment

Arc: "gaining access to anyones browser without them even visiting a website"

https://kibty.town/blog/arc/

ouch... this is pretty bad 😱

#browsers #arc #security #infosec

"Let’s build and optimize a Rust extension for Python"

https://pythonspeed.com/articles/intro-rust-python-extensions/

#python #rust

"Rescuing Django Projects with Smoke Tests: Quick Wins for Long-Term Success"

https://lincolnloop.com/insights/rescuing-django-projects-with-smoke-tests/

"Then we start working with a “leave it better than you found it” philosophy." 💪

#python #django #webdev

"Evolving Django’s auth.User"

https://buttondown.com/carlton/archive/evolving-djangos-authuser/

I don't agree with the post's main premise, but it raises a few valid issues, and some of those simpler suggestions might be worth considering.

#django #webdev

"Please don't hijack my Python root logger"

"Avoid using the root logger in your library code. Instead, instantiate your own logger instance and configure it with your heart’s content."

https://rednafi.com/python/no_hijack_root_logger/

#python

"Watch the Typo: Our PoC Exploit for Typosquatting in GitHub Actions"

https://orca.security/resources/blog/typosquatting-in-github-actions/

#security #cicd #github #githubactions

"What’s the worst place to leave your secrets? – Research into what happens to AWS credentials that are left in public places"

https://cybenari.com/2024/08/whats-the-worst-place-to-leave-your-secrets/

#security #infosec #cybersecurity