X_Cli @x_cli@infosec.exchange
- Real Name
- Florian Maury
- XMPP
- florian@im.x-cli.eu
- Occupation
- Network Guardian Angel
I am a RNG (Random Network-#infosec Guy): do not expect better toots than those produced by an infinite number of monkeys. #Antispeciesist
Joined Nov 2017
https://bsd.network/@brynet/101943552500281701
I wonder if the BSD clowns understand that the web will move forward without them. WASM generated from safe languages is the new thing and Javascript hours are counted.
X_Cli
boosted
La France est arrivée à la première place de l’édition 2019 du plus grand exercice international de cyberdéfense en situation réelle, Locked Shields, organisé par le NATO Cooperative Cyber Defence Centre of Excellence de Tallinn. La République tchèque et la Suède complètent le podium.
https://www.ssi.gouv.fr/publication/la-france-remporte-lexercice-international-de-cyberdefense-locked-shields-2019/
DHT, Kademlia, caching impact Show more
X_Cli
boosted
My post on implementing search and comments in a blog built by a static site generator is up. #Hugo
https://palant.de/2019/04/04/switching-my-blog-to-a-static-site-generator/
X_Cli
boosted
You can add your WordPress site to the Fediverse by installing an ActivityPub plugin.
This lets anyone on Mastodon etc follow your site, comment on posts and share them on the Fediverse.
There are two WordPress ActivityPub plugins available right now:
Pterotype
https://getpterotype.com/
@jdormit
AP for WordPress
https://wordpress.org/plugins/activitypub/
@pfefferle
An example of a WordPress site using Pterotype is WeDistribute:
@blog
https://www.humblebundle.com/books/coders-bookshelf-books
You want the full bundle. Mickael Kerrisk's The Linux Programming Interface book and the Rust programming language book should really be on your bookshelves.
https://bsd.network/@phessler/101823068145081013
Building sites with a static site generator and a text theme. Using lynx. That's more and more my mind set. Or leaving the field altogether to go live in the mountains.
X_Cli
boosted
Firefox admits they will eventually be sending all of your DNS to Cloudflare. Cloudflare will monetize your internet browsing, no matter how much their PR people say they are.
If you want to disable that, go to "about:config", and set "network.trr.mode" to 5.
The values are: 0 - default off, 1 - race, 2 TRR first, 3 TRR only, 4 shadow, 5 off by choice
https://www.broken-by-design.fr/posts/python-string-emptiness/
"Python String Emptiness Test"
=> What's the most self-explanatory and safest way of checking if a Python string is empty?
Not a simple question, unfortunately, and no universal answer.
Of course, if you don't care about poll anonymity, you can vote by answering to this toot :) I'll do the math x)
I have a question about #Python, code readability, and #SecureProgramming. I'm planning to do a blog post about this, but I would like to have some numbers about the community (and comments if you have some).
If you have a Twitter account, I would appreciate if you could vote there. https://twitter.com/X_Cli_Public/status/1108842982680219649
I wish Mastodon had the poll feature so I could create it here instead.
X_Cli
boosted
X_Cli
boosted
Conclusion: it seems that the security benefits of a hardware token are limited with an offline password manager, stealing the encryption key will still permanently compromise your database. On the other hand, disadvantages are severe and might easily result in data loss.
X_Cli
boosted
Just a reminder, you can support infosec.exchange through liberapay: https://liberapay.com/Infosec.exchange/
Thanks!
X_Cli
boosted
WordPress 5.1–critical exploit chain that enables an unauthenticated attacker to gain remote code execution on any WordPress installation:
https://blog.ripstech.com/2019/wordpress-csrf-to-rce/
– exploit is possible due to a CSRF vulnerability in comment forms
– fixed in WordPress 5.1.1
#wordpress #rce #csrf #wordpress5 #infosec #cybersecurity #security
JIT-less V8 https://v8.dev/blog/jitless
I feel like a yo-yo, but I can't remember why. Probably because I am old.
But that's good. Sort of.
X_Cli
boosted
RT @qntm@birdsite:
A group of hedgehogs is called an array, which means that everything in an array is a hedgehog, I don't make the rules
"Towards unprivileged container builds"
https://kinvolk.io/blog/2018/04/towards-unprivileged-container-builds/
I learned a lot of stuff from this document, including locked mounts.
X_Cli
boosted
Parsing JSON is a minefield http://seriot.ch/parsing_json.php
X_Cli
boosted
Someone: "Science is a precise and exact thing with definite answers that everyone in the field agrees on"
Chemists: Haha no
Physicists: *maniacal laughing*
Linguists: *fistfighting each other whilst cackling like hyenas*
- Real Name
- Florian Maury
- XMPP
- florian@im.x-cli.eu
- Occupation
- Network Guardian Angel
I am a RNG (Random Network-#infosec Guy): do not expect better toots than those produced by an infinite number of monkeys. #Antispeciesist
Joined Nov 2017
