·
I wrote earlier about why defense AI companies drift toward offensive applications. Today for a hackathon I built the engineering solution I wish had existed when I was inside that world. Firebreak is a policy-as-code enforcement proxy that makes pre-negotiated AI boundaries hold — automatically, at machine speed, with full audit trails.
·
I reflect on my experiences in cybersecurity, emphasizing the challenges and risks involved in reporting security issues. I’ve had positive experiences, such as receiving a bug bounty from Dropbox, and negative ones, like a legal threat from a university. Despite occasional hostilities, I strongly believe in responsibly reporting security problems and advocate for compensating security…
·
How do you address password security? What controls do you put in place? Do they matter? What does a strong password look like? Learn how to protect your users in 2024 and beyond!
·
Every application that allows authentication requires a proven form of access control. It’s important to understand the different formats available.
·
What’s the absolute worst thing that could happen with your application? How could an adversary leverage that mistake to their advantage?
·
The final Cryptopals challenge in set 1 involves detecting AES when used in ECB mode. It will become a handy utility later on …
·
Next up with Cryptopals is a challenge to decrypt AES in ECB mode. This is relatively easy in PHP!
·
A return to Cryptopals means we get to break the repeating-key cipher we were working with before. Breaking crypto is fun!
·
Blocking incoming traffic is only half of a firewall’s features. Today let’s look at limiting outgoing traffic!
·
If you run a server in the cloud, you need to use a firewall to protect it. Let’s look at the most basic settings of Ubuntu’s ufw system.