Weekly Digest – Week 29, 2021
Articles and News
A Case Against Security Nihilism
»While cynics are probably correct (for now) that we probably can’t shut down every avenue for compromise, there’s good reason to believe we can close down a vector for 0-interaction compromise. And we should try to do that.«
https://blog.cryptographyengineering.com/2021/07/20/a-case-against-security-nihilism/
#security #nso-group #pegasus-spyware
2021 CWE Top 25 Most Dangerous Software Weaknesses
MITRE 2021 Common Weakness Enumeration (CWE) Top 25 list.
https://cwe.mitre.org/top25/archive/2021/2021_cwe_top25.html
#security
Germany’s National Healthcare System Adopts Matrix
The national agency for the digitalization of the healthcare system in Germany will use Matrix as an instant messaging standard.
https://matrix.org/blog/2021/07/21/germanys-national-healthcare-system-adopts-matrix
#matrix-chat #digital-sovereignty
Migrating Facebook to MySQL 8.0
This blog post gives insights into how Facebook migrated from MySQL 5.6 to 8.0.
https://engineering.fb.com/2021/07/22/data-infrastructure/mysql/
#mysql #facebook
Video: Roundtable: Demystifying European Digital Sovereignty
»…roundtable for a dynamic and open discussion around the meaning and implications of the notion of European sovereignty in today’s digital world.«
https://www.youtube.com/watch?v=uX8_IuVw5lQ
#europe #digital-sovereignty
AWS’s Egregious Egress
Article on AWS’s questionable egress pricing.
https://blog.cloudflare.com/aws-egregious-egress/
#aws #amazon
Sequoia: A Deep Root in Linux’s Filesystem Layer (CVE-2021-33909)
This article summarizes a size_t-to-int conversion vulnerability in Linux’s filesystem layer, exploited by creating, mounting, and deleting a deep directory structure.
https://www.qualys.com/2021/07/20/cve-2021-33909/sequoia-local-privilege-escalation-linux.txt
#linux-security #file-system
Video: A Tour of the Fuchsia Operating System
Demonstration of some of the concepts in Fuchsia.
https://www.youtube.com/watch?v=gIT1ISCioDY
#google-fuchsia #operating-system #google
Projects and Releases
LiveKit
Open-source, distributed video/audio rooms over WebRTC.
https://github.com/livekit/livekit-server
#webrtc #video-conferencing
Eternal Terminal
Eternal Terminal (ET) is a remote shell that automatically reconnects. Inspired by autossh and mosh.
#ssh
rdiff-backup
#backup-software
Rhit
Rhit is an Nginx log analyzer.
#log-analyzer #nginx
LNAV
lnav is a command-line log file viewer.
#log-analyzer #command-line
visidata
visidata is a terminal interface for exploring and arranging tabular data.
#data-visualization #data-processing #command-line
firewalld 1.0
https://firewalld.org/2021/07/firewalld-1-0-0-release
#type:release #firewalld
fd
»fd is a program to find entries in your filesystem. It is a simple, fast and user-friendly alternative to find. While it does not aim to support all of find’s powerful functionality, it provides sensible (opinionated) defaults for a majority of use cases.«
#command-line
entr (Event Notify Test Runner)
#command-line #event-notifier
ISO/IEC: Publicly Available Standards
https://standards.iso.org/ittf/PubliclyAvailableStandards/
#iso #iec #standards
:wq