« earlier | later » Page 3 of 11
What's worked in computer science
Looking back at Lampson's conclusions.
to cs history research risc security strategy ... on 28 February 2016
Open Rights Group - Responding to "Nothing to hide, Nothing to fear"
A fairly short article with a number of excellent examples.
titus - Totally Isolated TLS Unwrapping Server
This has some nice examples of good practice in privilege separation. (Pity it's written in C++!)
to networking privilege-separation security software tls ... on 28 February 2016
tsgates/mbox: A lightweight sandbox tool for non-root users
seccomp-based syscall redirection (it's a bit more than just sandboxing; you could do debug/trace stuff with this technique too).
to linux sandbox seccomp security software syscall ... on 28 February 2016
main is usually a function: Writing kernel exploits
A nice introduction, along with some of the mitigations (circa 2012).
This is right on the edge between amusing security-related writing and outright trolling. Some good stuff here, though.
to amusements security ... on 22 January 2016
clang's equivalents of the GCC hardening options. Mostly the same.
to c c++ clang compiler gcc hardening security ... on 16 January 2016
A minimal ACME client (for LetsEncrypt). This actually works very well; much less finicky than the official client.
to acme letsencrypt security software tls ... on 31 December 2015
The Six Dumbest Ideas in Computer Security
Probably best viewed as starting points for discussion...
to design philosophy security software-engineering ... on 31 December 2015
Articles on Historical Cryptography
Going back to the 16th century. Lots of interesting stuff here.
to code cryptography history security ... on 20 November 2015
« earlier | later » Page 3 of 11
tasty by Adam Sampson.