opsec / infosec tips around mobiles. Vgl re:publica [[Berlin 2014]]
15 Matching Annotations
- Jan 2025
-
www.privacyguides.org www.privacyguides.org
- Nov 2024
-
european-alternatives.eu european-alternatives.eu
-
overview of European alternatives for digital products. Not in all relevant categories (payments e.g.) but some novel providers in there.
Explore wrt [[Infosec ladder van techniek en gedrag 20190530190335]] in context TGL.
Tags
Annotators
URL
-
- Apr 2024
-
www.ncsc.nl www.ncsc.nl
-
NSCC over supply chain risico's mbt digitale diensten/producten. Kijk de check eens door op dingen voor [[Infosec ladder van techniek en gedrag 20190530190335]] TGL.
-
- Jan 2024
-
boards.greenhouse.io boards.greenhouse.io
-
99% of businesses that fall below the enterprise poverty line.
This SME focused cybersecurity company called Huntress in their position offer mention an 'enterprise poverty line' for cybersecurity. In the Mastodon message announcing it they call it 'the cybersecurity poverty line'. Meaning a Coasean floor [[Vloer en plafond van organiseren 20080307115436]] I assume?
-
- Mar 2023
-
www.zataz.com www.zataz.comZATAZ1
Tags
Annotators
URL
-
- Jun 2021
-
defcon.org defcon.org
-
Collection of real-word vulnerabilities, from this presentation.
-
- May 2021
-
blog.chromium.org blog.chromium.org
-
How chromium's
file:scheme security decisions came to be?
-
- Mar 2021
-
en.wikipedia.org en.wikipedia.org
-
OTR base.
-
-
blog.cryptographyengineering.com blog.cryptographyengineering.com
-
[A request to] Make DKIM-signed emails deniable by regularly publishing the secret keys.
-
-
blog.cryptographyengineering.com blog.cryptographyengineering.com
-
On the other hand, you might notice that this is a pretty goddamn low standard. In other words, in 2016 Android is still struggling to deploy encryption that achieves (lock screen) security that Apple figured out six years ago. And they’re not even getting it right. That doesn’t bode well for the long term security of Android users.
Compare Android (full-disk) vs Apple (file-based) encryption strategies.
-
- Apr 2020
-
www.moesif.com www.moesif.com
-
Without same-origin policy, that hacker website could make authenticated malicious AJAX calls to https://examplebank.com/api to POST /withdraw even though the hacker website doesn’t have direct access to the bank’s cookies.
Cross-domain vulnerability
-
- Oct 2016
-
theintercept.com theintercept.com
-
Google revealed Wednesday it had been released from an FBI gag order that came with a secret demand for its customers’ personal information.
-
Cryptography experts overwhelmingly agree that backdoors inevitably undermine the security of strong encryption, making the two essentially incompatible.
-
- Aug 2016
-
tacticaltech.org tacticaltech.org
-
for people to live in a a society that is free and fair, they need both access to information and the ability to communicate freely
-
- Nov 2014
-
www.eff.org www.eff.org
-
This criterion requires an independent security review has been performed within the 12 months prior to evaluation. This review must cover both the design and the implementation of the app and must be performed by a named auditing party that is independent of the tool's main development team. Audits by an independent security team within a large organization are sufficient. Recognizing that unpublished audits can be valuable, we do not require that the results of the audit have been made public, only that a named party is willing to verify that the audit took place.
Tags
Annotators
URL
-