Tagged “infosec”
Cheat sheet for if I'm gone
I like the idea, kinda agree with "this cheat sheet is likely to be come your weakest link in your security threat model" - where should you keep it?!
via hn
Corey Quinn on Twitter: "And now, a rundown of my personal security posture"
Amazing writeup.
- install all updates
- use a password manager
- Turn on disk encryption. Replacing a laptop is preferable than leaking data
- SSH keys in secure enclaces. Private key never leaves device. Public keys on github
- Block ads. "when third-party ad platforms started becoming attack vectors, I got religion on this."
- Use MFA, prefer physical keys
If you wouldn't let someone pull up a folding chair in your bathroom to Learn and Be Curious while watching you poop, don't let them have access to your email.
The End of Roe Will Bring About a Sea Change in the Encryption Debate
Seriously, stop using RSA
Mick Douglas
Watch your egress. Firewalls work both ways. Carefully monitor outbound traffic.
Real Me and Fake Me
The story of trying to track down your instagram double.
via HN
BlueTeam CheatSheet for Log4Shell
Security Advisories / Bulletins / Vendor Responses linked to Log4Shell (CVE-2021-44228)
Naomi not Niomi
Good and sufficiently scary summary
A Graduate Course in Applied Cryptography
Australia’s new mass surveillance mandate
cooool...
How I re-over-engineered my home network for privacy and security
Vulnerability in Bumble dating app reveals any user's exact location
Here are some beginner Cybersecurity and Information Security resources that are free!
Thanks Alexandria \U0001F49C
how to be popular
Excellent writeup. The CORS example dot points are a great example of good clear security explanations.
Many temptations of an open-source chrome extension developer
Reading this made me feel a little more justified in my general distrust of browser extensions. They have so much potential power!
Forensic Methodology Report: How to catch NSO Group’s Pegasus
A case against security nihilism
How the United States Lost to Hackers
Subtitle explains it - America’s biggest vulnerability in cyberwarfare is hubris. Shoting "this is 'murica" doesn't protect your data.
Cool glitchy animated drawings in the article.
How often should I rotate my ssh keys?
Good year to do this I guess. It definitely does need to be easier, that is probably a matter of keeping notes for "here are places I need to update when I change this key".
Crackpot Cryptography and Security Theater
See all tags.