Caligin Tsukihara @caligin@octodon.social
Errorist. Weeaboo. Security Sleepwalker & BevOps @ ThoughtWorks UK (Views are mine etc...). 0x7AD2E918B3D5FFB7
Andy Ellis Has Your Back https://decipher.sc/andy-ellis-has-your-back #decipher #deciphersec
on worrying, risk ownership, collaboration models and offering security as a product
there's a #cryptoparty happening in #london tonight, anyone going? https://www.cryptoparty.in/london
Cambridge Analytica whistleblower: 'We spent $1m harvesting millions of Facebook profiles'
https://youtu.be/FXdYSQ6nu-M
#CambridgeAnalytica
Utopian.io is breaking the open source contribution model and needs to be fixed — Steemit https://steemit.com/utopian-io/@xuv/utopian-io-is-breaking-the-open-source-contribution-model-and-needs-to-be-fixed
#opensource #steemit #translation
@hacks4pancakes@twitter.com
https://threadreaderapp.com/thread/971284084373819393.html
"Recognize the early stages of #infosec:
“I just read the ‘top 100 passwords’ and they’re super weak!!”
“I turned on external logging and there’s all these brute force attempts!”
“People still use Java!!!”
“SHODAN!”
*Results may vary.
Ask your doctor if infosec is right for you. [...]"
the more I read about this Trustico incident, the more absurd it gets
what the actual fuck
2016: Everyone and their mom has a private cloud they don't need
2017: Everyone and their grandma has a container orchestration they don't need
2018: Everyone and their uncle has a cryptocurrency .. they probably will sink millions of compute hours into which ultimately go up in flames and fail when the first loophole in the system is discovered
Tech is truly solving all of our problems 😑
P. cool:
- https://make8bitart.com/
- https://github.com/jennschiffer/make8bitart
"an in-browser canvas tool which is great fun!"
somewhere a AMD engineer is smiling very smugly
skimmed through this today, seems valuable for a builders team looking for some #security #testing to add to their process but with no or little prior expertise in where to look. #OWASP Testing Guide v4: https://www.owasp.org/index.php/OWASP_Testing_Project#New_OWASP_Testing_Guide
@moritzheiber @CobaltVelvet ohhhh nice!
@moritzheiber @CobaltVelvet if it can help I have a repo where I was playing around with vault's pki and bootstrapping vault with an external ca too, it's here: https://github.com/caligin/nomad-playground/
Makefile around +54 generates the "external" ca, then playbook.yml aroud +65 sets up a root ca inside vault
#InfoSec Ad targeters are pulling data from your browser’s password manager
| Article https://buff.ly/2lo0n9f (The Verge)
| Source https://buff.ly/2CjVFAo (Freedom to Tinker)
media.ccc.de and chill #34c3
oh hey I didn't know about this http://xip.io/
wildcard dns names for ip addresses
preparations for #34c3 done, few hours before departure!
here's the followup post of my earlier tinkering with #Jepsen to #test #distributed systems: https://caligin.github.io/2017/08/29/experimenting-with-jepsen-2.html
this time about modeling, locking and being wrong!
aaaand my cookbook is done!
few things are still in TODO but they have at least a link of specified what's missing https://github.com/caligin/actual-cookbook
