a few months ago I looked at how to bootstrap my personal account, I wrote down the journey in my blog: foo.anima.tech/2020/10/12/boot

0xf00 boosted

to include and prioritize #security work in our agile workstreams we value #threatmodelling techniques.
@jgumbley from #thoughtworks & Fraser Scott from capital one will be sharing techniques and stories at the #xconfunplugged18 threat modelling event on thursday 22/11 @ #thoughtworks #London office.
sign up here! thght.works/2PRdfC5 #infosec

I would not normally be that hashtaggy from a personal account but hey, it's a good talk and totally worth a share!

0xf00 boosted

errm, does this mean that using maven is a risk? github.com/snyk/zip-slip-vulne
I'm tempted to say that as long as you only use dependencies from trusted publishers and from a trusted repository it's alright but I'm pretty sure I'm minimizing the issue here.

after being away from java and spring for a while this was quite a good overview of what's new in the core framework: youtu.be/0V-3kUMfWCc

0xf00 boosted

Conversation here reminded me of this awesome piece by James Mickens:


It's not often I get to describe #infosec writing as simultaneously informative and fucking hilarious but Mickens fills the bill.

0xf00 boosted

One of the Patreon sketches from the other night that I thought turned out cute!

finally bottled my latest . it's a truffle stout, so I called it "Proof of Wort"

0xf00 boosted

There are two natural paths to progress as a programmer:

1. Pick up farming, because all software is terrible.
2. Get into infosec, because f*** all software.

0xf00 boosted

About 7 hours ago, Amazon's Route53 #DNS service suffered a #BGP hijack lasting about 2 hours:


Only confirmed victim so far is a cryptocurrency site, lol.

0xf00 boosted

Because I live in fear that there exist people who don't know about this: godbolt.org/

Want to know what a compiler actually does with your code? Find out, with nice highlighting of sections! Supports C, C++, Haskell, Go, Swift, Rust, and various other languages.

See. Explore. Understand.

0xf00 boosted

a truffle ! I don't really know what I'm doing but I'm sure the result will be interesting!

til ham+cheese+mustard sandwiches from eat are tastier than the ones from pret

0xf00 boosted

Sen. Catherine Cortez Masto

we are 𝙞𝙣𝙨𝙞𝙙𝙚
