integrity   1472
Protect your site from Cryptojacking with CSP + SRI
Let's take the ICO as an example, they load the affected file like this:

<script src="//www.browsealoud.com/plus/scripts/ba.js" type="text/javascript"></script>

That's a pretty standard way to load a JS file and the browser will go and fetch that file and include it in the page, along with the crypto miner... Want to know how you can easily stop this attack?

<script src="//www.browsealoud.com/plus/scripts/ba.js" integrity="sha256-Abhisa/nS9WMne/YX+dqiFINl+JiE15MCWvASJvVtIk=" crossorigin="anonymous"></script>

That's it. With that tiny change to how the script is loaded, this attack would have been completely neutralised. What I've done here is add the SRI Integrity Attribute and that allows the browser to determine if the file has been modified, which allows it to reject the file. You can easily generate the appropriate script tags using the SRI Hash Generator and rest assured the crypto miner could not have found its way into the page. To take this one step further and ensure absolute protection, you can use Content Security Policy and the require-sri-for directive to make sure that no script is allowed to load on the page without an SRI integrity attribute. In short, this could have been totally avoided by all of those involved even though the file was modified by hackers. On top of all of that, you could be alerted to events like this happening on your site via CSP Reporting which is literally the reason I founded Report URI. I guess, all in all, we really shouldn't be seeing events like this happen on this scale to such prominent sites.
javascript  cybersecurity  integrity 
12 days ago by bwiese
ReFS integrity streams | Microsoft Docs
So filesystem checksumming, the ostensible reason to even try ReFS, is off by default...
windows  filesystem  ReFS  checksum  integrity  sysadmin  tips  tricks 
15 days ago by asteroza
Zanzibar
Determining whether online users are authorized to access digital objects is central to preserving privacy. This paper presents the design, implementation, and deployment of Zanzibar, a global system for storing and evaluating access control lists. Zanzibar provides a uniform data model and configuration language for expressing a wide range of access control policies from hundreds of client services at Google, including Calendar, Cloud, Drive, Maps, Photos, and YouTube. Its authorization decisions respect causal ordering of user actions and thus provide external consistency amid changes to access control lists and object contents. Zanzibar scales to trillions of access control lists and millions of authorization requests per second to support services used by billions of people. It has maintained 95th-percentile latency of less than 10 milliseconds and availability of greater than 99.999% over 3 years of production use.
consistency  authorization  integrity 
19 days ago by mpm
Everything you should know about certificates and PKI but are too afraid to ask
This is the missing manual. I reckon most engineers can wrap their heads around all the most important concepts and common quirks in less than an hour. That’s our goal here. An hour is a pretty small investment to learn something you literally can’t do any other way.
confidentiality  integrity 
26 days ago by mpm
Opinion | Now Twitter Edits The New Yorker - The New York Times
Nevertheless, Bannon remains among the most outspoken impresarios of nationalist, illiberal politics in an age when such politics are sweeping the globe. If high-profile interviews with a racist like George Wallace or a theocrat like Ayatollah Ruhollah Khomeini were worth doing by a past generation of journalists, Remnick reasoned, why not one with Bannon?

That’s nice, and possibly sincere. But as a friend recently remarked with respect to another publication that quickly capitulated to online furies, what this really means is that Remnick is no longer the editor of The New Yorker. Twitter is. Social media doesn’t just get a voice. Now it wields a veto. What used to be thought of as adult supervision yields — as it already has in Congress and at universities — to the itch of the crowd.

And not just the crowd. As Remnick acknowledged, members of his own staff also revolted at the invitation. One of his writers, Kathryn Schulz, took to Twitter to say she was “beyond appalled” and invited readers to write Remnick in order to add their voices to the pressure.

That’s an astonishing statement coming from any journalist who believes that the vocation should largely be about putting tough questions to influential people, particularly bad people. If speaking truth to power isn’t the ultimate task of publications such as The New Yorker, they’re on the road to their own left-wing version of “Fox & Friends.”

It has kept Bannon’s name prominently in the news, no doubt to his considerable delight. It has turned a nativist bigot into a victim of liberal censorship. It has lent credence to the belief that journalists are, as Bannon said of Remnick, “gutless.” It has corroborated the view that the news media is a collection of left-wing group thinkers who, if they aren’t quite peddling “fake news,” are mainly interested in advancing only their own truths. It has kept readers of The New Yorker locked in their usual echo chamber. It has strengthened the belief that vulnerable institutions can be hounded into submitting to the irascible (and unappeasable) demands of social media mobs. Above all, it has foreclosed an opportunity to submit Bannon to the kind of probing examination that Remnick had initially promised, and that is journalism at its best.
journalism  integrity  socialmedia  twitteroutrage 
5 weeks ago by kme
The Book of Life -- On Being Angry with a Parent
'One of the more shocking and difficult emotions one may feel towards one’s parents is anger. It might have been acceptable, as a toddler, to have had the odd tantrum in front of them or even to have been a bit sulky as a teenager, but as an adult, one is meant to have developed a broadly benevolent and friendly relationship to them. Society keeps enforcing the message by presenting us with situations where one should be keen to get together: holidays, birthdays and the inevitable Mother and Father’s Days. But for some of us, these demands are intensely oppressive. We cannot smile as we should. We can’t write the card that so-called normal people would write. Our manner is strained around the parental dinner table. We can’t wait to head back to our lives. We find aspects of chatting to them unbearable. We know our parents love us and despite everything, we love them too. But their company is in a practical sense truly untenable. We feel at once guilty and oppressed. We call far less than we should. We’ll feel devastated but also not a little relieved on the terrible day when they’ll no longer be around. -- Might there be a way of clearing the atmosphere? We probably long – deep down – to have it out with them and explain more about our avoidant manner, whose roots lie in childhood. Instead of sending them the usual meaningless cheery postcard, might we not – for once – try to speak the awkward truth to them? It can take a very long time to be clear in our own minds about our feelings – and to develop the courage to speak. -- ... Even though all this might be addressed to them, you’re not – fortunately – doing it for their sake, you’re doing it for yours; as a sign of maturity, and evidence to yourself that you aren’t scared any more in relation to the errors of the past. It’s a demonstration that you have found a voice. You cannot lose. Either they will understand – and you will be closer. Or they won’t understand – and you will be free.' 
-- https://en.wikipedia.org/wiki/Parentification
psychology  relationships  parentification  abuse  honesty  integrity  philosophy 
7 weeks ago by adamcrowe
The Book of Life -- A Guide to Breaking Up
'..."No one is to blame. Ultimately, both of us are better people than we’d ended up being in this relationship. We both deserve better. And one day, years from now, you’ll perhaps agree with me." -- Trying to become a friend, or a shoulder to cry on, is only really an option for people who never properly loved each other.'
psychology  relationships  integrity 
11 weeks ago by adamcrowe