memory - environment variable accessibility in Linux - Information Security Stack Exchange
"Conclusion: the environment of a process is only available to the user (euid) running the process"
security  linux 
10 weeks ago by jhealy
Hardening your cluster's security  |  Kubernetes Engine  |  Google Cloud
good advice on security settings for GKE clusters, including using a custom service account for the nodes and giving it reduced permissions
security  kubernetes  gke  gcp 
11 weeks ago by jhealy
Using Microscanner in a CI/CD Pipeline
scanning docker images for known vulnerabilities
security  docker 
may 2018 by jhealy
Forseti Security
Open source security tools for GCP
gcp  security 
february 2018 by jhealy
Ubuntu LTS: many vulnerabilities despite long-term support | Wilders Security Forums
Handy tools to verify the security support status of Debian and Ubuntu packages
debian  ubuntu  security  linux 
april 2016 by jhealy
Rate Limiting and Velocity Checking
advice on rate limiting users or IPs in a web app
security  programming 
april 2015 by jhealy
Introducing CFSSL - CloudFlare's PKI toolkit | CloudFlare Blog
handy tool that automates building SSL certificate bundles
ssl  security 
july 2014 by jhealy
ImperialViolet - TLS Symmetric Crypto
Interesting update on recent SSL/TLS work in Chrome. Also mentions an annoying F5 bug with handshake packets over 256 bytes
tls  security  google 
february 2014 by jhealy
Reset Roaming Profile and Folder Redirection Permissions
handy set of commands for fixing borked file permissions on a Windows domain
windows  networking  security 
august 2011 by jhealy
It's Time to Fix HTTPS
interesting slide deck on the brokenness of HTTPS and PKI
ssl  web  security  presentation 
march 2011 by jhealy
SSL with Rails // Collective Idea
So you saw Firesheep and are worried about security in your app? That’s good, you should be. SSL is easy to do and there’s no reason not to these days. Also, the tools are much better than before, so let’s get started.
ruby  rails  programming  ssl  security 
november 2010 by jhealy
A Waste of Money and Time - Room for Debate - NYTimes.com
A good opinion piece by Bruce Schneier on airport security
security  travel  terrorism  opinion  tsa  airport 
november 2010 by jhealy
Firesheep - codebutler
Today at Toorcon 12 I announced the release of Firesheep, a Firefox extension designed to demonstrate just how serious this problem is.
security  firefox  plugins 
october 2010 by jhealy
Ivan Ristić: Internet SSL Survey 2010 is here!
interesting slides on the state of SSL in 2010, based on an empirical survey of SSL servers
ssl  security  networking 
july 2010 by jhealy
Qualys SSL Labs
test your SSL server for standards support
ssl  security  tools  test  network  networking  http 
july 2010 by jhealy
Cheap Cracks - Of dictionaries and rainbows - The H Security: News and Features
Modern cryptological attacks can crack mobile phone calls, as well as debit and credit card systems, in seconds. The trick is to find a practical compromise between computing time and memory space with the help of precomputed tables. Probably no algorithm is immune to such an approach, but special techniques can thwart such attacks.
cryptography  security  encryption 
january 2010 by jhealy
SEO 2.0 | Top 7 Ways To Crash Internet Explorer
code techniques that apparently *crash* IE6
ie  css  security  html  web 
july 2009 by jhealy
