Security And Privacy Implications Of Zoom
- Bruce Schneier tl;dr: Zoom's problems fall into three broad buckets: (1) bad privacy practices, (2) bad security practices, and (3) bad user configurations.
featured in #180
Inrupt, Tim Berners-Lee's Solid, and Me
- Bruce Schneier tl;dr: Bruce joined Inrupt, a company bringing a new model of managing personal data to life, designed by Tim Berners-Lee. All your personal data lives in a pod and is managed by you. Each pod has granular access that you command.
featured in #174
Why API Responses Should Be Signed
- Terence Eden tl;dr: In an era of misinformation, Terence calls for APIs to be signed, and runs through why and conceptually how to implement this.
featured in #170
Two Malicious Python Libraries Caught Stealing SSH And GPG Keys
- Catalin Cimpanu tl;dr: Two libraries were found stealing SSH and GPG keys. The libraries were named similarly to common ones to trick developers into using them.
featured in #164
The Technical Side of the Capital One AWS Security Breach
- J Cole Morrison tl;dr: The company was hacked through a "misconfigured firewall", allowing the hacker to use the EC2 IAM roles and act as the server, giving them access to all the S3 buckets where the hacked info was stored.
featured in #149
Proving Security At Scale With Automated Reasoning
- Werner Vogels tl;dr: Fascinating run-through of how AWS thinks about security at scale, starting with the Shared Responsibility Model where AWS is responsible for security of the cloud and customers are responsible for security in the cloud.
featured in #146