Tag: SECURITY

Readings for Lunch — [ 22 Nov 2017 ]

IMAGE OF THE DAY
Spot the leopard (yes, there is a leopard in the image) – via Johnny Sharp – (source)

SECURITY

The State of Open Source Security 2017

Any attempt to try and provide a global view of the ecosystem's security health requires data. To help better understand how secure open source is and what we can all do to make it better, Snyk distributed and analyzed a survey that was filled out by more than 500 open source maintainers and users. Snyk also looked at their internal data based on more than 40,000 projects, as well as information published by Red Hat Linux and data we gathered by scanning millions of GitHub repositories and packages on registries. This report summarizes those findings.

SECURITY

OWASP Top 10 – 2017

The Open Web Application Security Project (OWASP) has published their list of the ten most critical Web Application security risks.
The OWASP Top 10 – 2017 is based primarily on 40+ data submissions from firms that specialize in application security and an industry survey that was completed by over 500 individuals. This data spans vulnerabilities gathered from hundreds of organizations and over 100,000 real-world applications and APIs. The Top 10 items are selected and prioritized according to this prevalence data, in combination with consensus estimates of exploitability, detectability, and impact.

Readings for Lunch — [ 12 Sep 2017 ]

SECURITY

Chrome’s plan to distrust Symantec certificates

At the end of July, the Chrome team and the PKI community converged upon a plan to reduce, and ultimately remove, trust in Symantec’s infrastructure in order to uphold users’ security and privacy when browsing the web.

DEVELOPMENT

Story of retry

Day 1. The beginning.

👨 John
We need to make an HTTP service for getting user name by its id.
🤓 Carl
Oh, but we already have one, it is http://internal.com.

Readings for Lunch — [ 30 May 2017 ]

IMAGE OF THE DAY
Thanks Michele 🙂

DEVELOPMENT

On how your brain is conspiring against you making good software

We always think about programming in rational terms, but this collides with how our brain thinks and works. In her talk at Front-Trends, Jenna Zeigen shows that our beliefs are not so correct.

SECURITY

Indian Biometric System Data leaked. Over 130M people could be affected

Biometric authenticators, such as iris scans and fingerprints, have leaked on a large scale. They are unchangeable, so they are potentially exploitable for a lifetime.

Readings for Lunch — [ 19 Apr 2017 ]

IMAGE OF THE DAY
Dieter Rams 10 Principles of Design *Updated Edition 2017 (source)

SECURITY

Intent to Deprecate and Remove: Trust in existing Symantec-issued Certificates

Symantec Corporation mis-issued at least 30,000 certificates over a period spanning several years. The Google Chrome team is taking hard measures.

OPEN SOURCE

Developing in the Open

Ben Scott, Technical Lead for the BBC Programmes website, explains why they have decided to switch to a more open mindset for their new projects, and what the benefits of this approach are (already proven by GDS, The Guardian, and The Financial Times).

Readings for Lunch — [ 26 Jan 2017 ]

IMAGE OF THE DAY
“Moscow subway. Couple at Paveletskaya station” by Dima Zverev (source)

SECURITY

Shut Up and Take My Money!

A funny (and scary) talk about the (non) security of a banking application. The speaker shows how he could easily leak customer data, manipulate transactions, and entirely take over his account to ultimately issue arbitrary transactions.

WORKSHOP

Web Performance – A Deep-Dive for Developers

If you want to attend a course on web-performance, this is THE course. It's held by Andy Davies, THE expert in web perf.

Readings for Lunch — [ 04 Oct 2016 ]

IMAGE OF THE DAY
Wang Xingwei, Untitled (Old Lady No. 2) – 王兴伟,无题 (老太太 No. 2 )– (source)

SECURITY

Revisiting the Black Sunday hack

Via Marco Cedaro
A game of cat and mouse: electronic warfare between hackers and a satellite television broadcaster. Who will win?

TOOLS

Spectacle

What about preparing your next slide deck in… React? Well, that's what this library allows you to do. Extra bonus: you can also live demo your code, and go through it interactively!

Readings for Lunch — [ 26 Sep 2016 ]

IMAGE OF THE DAY
The driver of history (source)

SCIENCE

Scientists Discover a Jewel at the Heart of Quantum Physics

Physicists have discovered a jewel-shaped geometric object that challenges the notion that space, time and particles are fundamental constituents of nature. It's simply mind-blowing!

SECURITY

CloudFlare, SSL and unhealthy security absolutism

Via Alessandro Nadalin
You see the green lock in the navigation bar of your browser, so you think your communication is encrypted, no one can intercept it and you're safe. Think twice.

Readings for Lunch — [ 19 Apr 2016 ]

IMAGE OF THE DAY
Once Upon A Time In Kazimierz: Stories from the Old World – by Richard Tuschman (source)

INSPIRATION

Design Patterns on Codepen

A collection of design patterns (buttons, tabs, forms, menus, accordions, loaders, etc.) that you can use – for reference or inspiration – for your next project.

SECURITY

Mossack Fonseca Breach

Can a common WordPress plugin be at the root of the Mossack Fonseca breach, the largest financial data leak to journalists in history?