How We Learned to Cheat at Online Poker: A Study in Software Security

Why you want to use a good RNG and a proper shuffle algorithm.

to ag0803 games random security shuffle ... on 07 June 2015

Not A Number - Painless IPSec setup for a home network.

A script to automate IPsec with static keys. Neat -- it takes surprisingly little code.

to crypto ipsec network security ... on 23 March 2015

Security/Projects/Bandit - OpenStack

A security scanner for Python code.

to python security static-analysis ... on 23 March 2015

Secure Secure Shell

Some recommendations for modern SSH configuration. (Note that we've had another major rev of SSH since this was written...)

to openssh security ssh ... on 22 March 2015

Mirage OS

"Mirage OS is a library operating system that constructs unikernels for secure, high-performance network applications across a variety of cloud computing and mobile platforms." In OCaml. They've done some nice work around their safe TLS implementation.

to ocaml os security tls ... on 22 March 2015

The IX Multilevel-Secure UNIX System

"A collection of papers about the IX system, a simple but comprehensive multilevel-secure operating system with mandatory access control, based on the research v10 UNIX system."

to access-control mac os security unix ... on 22 March 2015

Karl Lunt's Home Page (revised)

Various little microcontroller projects, including a neat device to set or clear the lock bit on an SD card, and some Tandy Model 100 stuff.

to avr electronics microcontroller mmc retrocomputing sd security tandy ... on 17 March 2015

Kryptos Logic Research: OpenSSL's squaring bug, and opportunistic formal verification

Detecting an OpenSSL bug (after the fact) using formal verification. Interesting because the original formal proof was wrong...

to formal-methods openssl security ssl ... on 16 March 2015

David A. Wheeler's Personal Home Page

Includes several well-written, comprehensive postmortems on noteworthy security bugs (e.g. Heartbleed) -- probably of interest to security students.

to bugs security software ssl ... on 05 March 2015

Update on jQuery.com Compromises | Official jQuery Blog

"Today at 11:15AM EDT, the jQuery Infrastructure team received widespread reports and confirmed a compromise of jquery.com." Using upstream's URLs for your JavaScript libraries is only a good idea if you trust that site to never, ever be compromised or MITM'd... (and even then I don't think it's a good idea.)

to javascript jquery security ... on 18 January 2015
