jhealy + security   109

A solution for resisting SSL interception without breaking compatibility or requiring cooperation with third parties is needed. The SSL/TLS protocol allows not only servers to authenticate themselves using certificates, but clients as well. Client certificates are widely popular in some government agencies and countries, such as Estonia [27], but are not used by websites catering to the general (US) public. Interestingly, client certificates allow us to sidestep the interception problem.
tls  security 
4 days ago by jhealy
Zscaler Intermediate Certificate - Stack Overflow
Zscaler apparently allows SSL inspection to be controlled per-domain
tls  security 
5 days ago by jhealy
memory - environment variable accessibility in Linux - Information Security Stack Exchange
"Conclusion: the environment of a process is only available to the user (euid) running the process"
security  linux 
july 2018 by jhealy
Hardening your cluster's security  |  Kubernetes Engine  |  Google Cloud
good advice on security settings for GKE clusters, including using a custom service account for the nodes and giving it reduced permissions
security  kubernetes  gke  gcp 
june 2018 by jhealy
Using Microscanner in a CI/CD Pipeline
scanning docker images for known vulnerabilities
security  docker 
may 2018 by jhealy
Forseti Security
Open source security tools for GCP
gcp  security 
february 2018 by jhealy
Ubuntu LTS: many vulnerabilities despite long-term support | Wilders Security Forums
Handy tools to verify the security support status of Debian and Ubuntu packages
debian  ubuntu  security  linux 
april 2016 by jhealy
Rate Limiting and Velocity Checking
advice on rate limiting users or IPs in a web app
security  programming 
april 2015 by jhealy
Introducing CFSSL - CloudFlare's PKI toolkit | CloudFlare Blog
handy tool that automates building SSL certificate bundles
ssl  security 
july 2014 by jhealy
ImperialViolet - TLS Symmetric Crypto
Interesting update on recent SSL/TLS work in Chrome. Also mentions an annoying F5 bug with handshake packets over 256 bytes
tls  security  google 
february 2014 by jhealy
Reset Roaming Profile and Folder Redirection Permissions
handy set of commands for fixing borked file permissions on a Windows domain
windows  networking  security 
august 2011 by jhealy
It's Time to Fix HTTPS
interesting slide deck on the brokenness of HTTPS and PKI
ssl  web  security  presentation 
march 2011 by jhealy