Tux Machines

Security Leftovers

Posted by Roy Schestowitz on Jun 12, 2023

=> scikit-survival 0.21.0 released | Raspberry Pi Project and Inkplate for Arduino or MicroPython

Free Software Security Podcast Episode 379 – Will open source save the world, again?

=> ↺ Free Software Security Podcast Episode 379 – Will open source save the world, again?

Josh and Kurt talk about some new open source projects that aim to start taking back some of our privacy and rights. It’s a huge hill to climb, but it seems like there is some hope. Open source doesn’t care about growth, or numbers, or anything really, so it can’t ever lose.

DShield Honeypot Activity for May 2023 , (Sun, Jun 11th)

=> ↺ DShield Honeypot Activity for May 2023 , (Sun, Jun 11th)

It is always interesting to review what my DShield honeypot has stored the previous month, what is also interesting is how the activity vary from week to week. Beside the graph, it is the Top 10 IPs for May.

Matthew Palmer: Private Key Redaction: Redux

=> ↺ Matthew Palmer: Private Key Redaction: Redux

I have spoken before about why it is tricky to redact private keys. Today’s post is another real-world case study, with some rather unfortunate real-world consequences.

=> ↺ have spoken before

Meet Sven Shen. He attempted to do a very good thing: he wrote a blog post about using HashiCorp Vault to store certificates and their private keys. In his post, he included some “test” data, a certificate and a private key, which he redacted.

=> ↺ Sven Shen | ↺ using HashiCorp Vault to store certificates and their private keys

=> ↺ have spoken before | ↺ Sven Shen | ↺ using HashiCorp Vault to store certificates and their private keys

=> gemini.tuxmachines.org