35 private links
An example setup of #Vaultwarden using #Authentik as a Forward auth proxy provider.
Ths protects Vaultwarden web vault as well as the admin page while being able to use the #Bitwarden app/extension normally by allowing the API to bypass Authentik.
Les recherches de HabiloMédias ont démontré que les
enfants encadrés par des règles à la maison
relativement à l’utilisation d’Internet sont moins
susceptibles de commettre des gestes comme
communiquer leurs coordonnées, visiter des sites de
jeu, chercher de la pornographie en ligne et parler à
des étrangers en ligne. C’est une bonne idée de
s’entendre en #famille sur un certain nombre de règles à
respecter dans le cyberespace. C’est le meilleur moyen
pour enfants et adolescents de découvrir ensemble
comment s’assurer d’une utilisation prudente, sage et
responsable d’Internet.
This is a program for the Tandy / Radio-Shack TRS-80 Color Computer to perform RSA key generation, encryption, and decryption. The code is all written in 6809 assembly. It will operate with up to 2048 bit keys.
It should work on any CoCo with at least 32kb of memory. 16k CoCos should work for smaller keysizes.
Over the past few weeks, #Zoom's use has exploded since it became the video conferencing platform of choice in today's COVID-19 world. (My own university, Harvard, uses it for all of its classes. Boris Johnson had a cabinet meeting over Zoom.) Over that same period, the company has been exposed for having both lousy privacy and lousy security. My goal here is to summarize all of the problems and talk about solutions and workarounds.
In general, Zoom's problems fall into three broad buckets: (1) bad #privacy practices, (2) bad #security practices, and (3) bad user configurations.
Looking for resources to make your own Computer Vision-triggering fashion and fabric designs? Check out the resource library below, and view the tutorial slides from my DEFCON 27 Crypto & Privacy Village Talk to get started. Libraries & APIs: OpenCV OpenFace VeriLook SDK OpenALPR PlateRecognizer TensorFlow Imag
Une autre ! #Security vulnerabilities fixed in #Firefox 67.0.4 and Firefox #ESR 60.7.2 - https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/
I ran a computer consulting company for a decade. When a prototype ransomware virus ripped through one of our biggest customers, I knew I…
Self-host a personal IKEv2 IPSEC VPN and SSH tunneling server
The Secure Shell is widely used to provide secure access to remote systems, and everybody who uses it is familiar with routine password access. This is the easiest to set up, is available by default, but suffers from a number of limitations. These include both security and usability issues, and we hope to cover them here.
In this paper, we'll present the various forms of authentication available to the Secure Shell user and contrast the security and usability tradeoffs of each. Then we'll add the extra functionality of agent key forwarding, we hope to make the case that using ssh public key access is a substantial win.
This article describes a method how to use a #USB memory device as an #authentication token to log in into a #Linux system instead of traditional #password. This can be accomplished by use of Pluggable Authentication Modules ( PAM ) and some sort of USB storage device such as USB memory stick of Mobile phone with SD card attached.
This comic says that a password such as "Tr0ub4dor&3" is bad because it is easy for password cracking software and hard for humans to remember, leading to insecure practices like writing the password down on a post-it attached to the monitor. On the other hand, a password such as "correcthorsebatterystaple" is hard for computers to guess due to having more entropy but quite easy for humans to remember.
IPFire is the professional and hardened Linux firewall distribution that is secure, easy to operate and coming with great functionality so that it is ready for enterprises, authorities, and anybody else.
Cryptographic hash functions like SHA-1 are a cryptographer’s swiss army knife. You’ll find that hashes play a role in browser security, managing code repositories, or even just detecting duplicate files in storage. Hash functions compress large amounts of data into a small message digest. As a cryptographic requirement for wide-spread use, finding two messages that lead to the same digest should be computationally infeasible. Over time however, this requirement can fail due to attacks on the mathematical underpinnings of hash functions or to increases in computational power. Today, more than 20 years after of SHA-1 was first introduced, we are announcing the first practical technique for generating a collision. This represents the culmination of two years of research that sprung from a collaboration between the CWI Institute in Amsterdam and Google. We’ve summarized how we went about generating a collision below. As a proof of the attack, we are releasing two PDFs that have identical SHA-1 hashes but different content.
PCs built with Intel® vPro™ Technology include many features and capabilities, some of which must be “turned on” in the BIOS. A good starting point is to take an inventory to determine if your PCs support Intel vPro Technology. After you have the inventory in hand, you will be able to plan how you are going to use each technology and come up with an action plan for activating the technology.
Before iridiumbrowser, we had to decide if we wanted to have cutting edge technologies like sandboxed processes, WebRTC, WebUSB … , or if we wanted to use a browser that respects our privacy. So we decided to use the power of free software and build a browser that can do both. We analysed the code of Chromium and stripped out the functionality which exposes data to others in a way we don‘t like.
Our ambition is to get builds for Debian, Ubuntu, openSUSE, fedora, Windows and OS-X a couple of days after a new release of Chromium.
To achieve this, we need help from individuals and organisations, who have the same intention. Currently there are weeks between a new release of Iridium and Chromium.
Please take this into consideration for your personal usage of the browser as you might be at risk when surfing unknown and potentially dangerous websites!
We feel, that as an application browser or as browser for trusted websites, this is acceptable.