Data Safety and Information Security

Data Safety and Information Security

749 bookmarks
Custom sorting
Gift cards, serial numbers and hard technology
Gift cards, serial numbers and hard technology
I bought someone a digital gift card the other day. That’s generally a bad idea, since there’s so much waste and breakage, but it was the right answer to the problem in the moment. The …
·seths.blog·
Gift cards, serial numbers and hard technology
How Do Authentication and Authorization Differ? - The New Stack
How Do Authentication and Authorization Differ? - The New Stack
While related, authentication and authorization are two different concepts that need to be separate steps in an access policy and may well be managed by different teams using different tools.
·thenewstack.io·
How Do Authentication and Authorization Differ? - The New Stack
Is there a way out of password hell?
Is there a way out of password hell?
Passwords are hell. Worse, to make your hundreds of passwords safe as possible, they should be nearly impossible for others to discover—and for you to remember. Unless you’re a wizard, this a…
·blogs.harvard.edu·
Is there a way out of password hell?
Fluid Multi-Pseudonymity
Fluid Multi-Pseudonymity
Fluid multi-pseudonymity perfectly describes the way we live our lives and the reality that identity systems must realize if we are to live authentically in the digital sphere.
·windley.com·
Fluid Multi-Pseudonymity
How does Google Authenticator work? (Part 1)
How does Google Authenticator work? (Part 1)
When you’re accessing services over the WEB – let’s pick GMail as an example – couple of things have to happen upfront: The server you’re connecting to (GMail in our example) has to get to know who you are. Only after getting to know who you are it’s able to decide what resources you are allowed to access (e.g. your own email inbox, your Calendar, Drive etc.). Step 1 above is called authentication.
·prezu.ca·
How does Google Authenticator work? (Part 1)
What’s The Art of War got to do with cybercrime? Quite a bit, actually. | Microsoft Security Blog
What’s The Art of War got to do with cybercrime? Quite a bit, actually. | Microsoft Security Blog
Sun Tzu wrote that mastery in the art of war is about subduing one’s enemy without having to fight. As the modern world contends with increasingly sophisticated cyberattacks from both criminal and political adversaries, this 2500-year-old cliché is key to enterprise security strategy. Today, the “bad guys” of the Internet are both professional in their…
·microsoft.com·
What’s The Art of War got to do with cybercrime? Quite a bit, actually. | Microsoft Security Blog
Steganography Decoded
Steganography Decoded
What exactly is Steganography?
·blog.octachart.com·
Steganography Decoded
Design for Safety, An Excerpt
Design for Safety, An Excerpt
None of us want to build products that put our users’ safety at risk, but how do you reduce the risk that our products will be weaponized by abusers? In this excerpt from Design for Safety, Eva Pen…
·alistapart.com·
Design for Safety, An Excerpt
The Case for Granular Permissions
The Case for Granular Permissions
When it comes to implementing access control in your application, the scheme you decide to use can either make authorization easy to manage as your application and user base grows, or it can really paint you into a corner.
·cerbos.dev·
The Case for Granular Permissions
GitHub Kisses Passwords Goodbye - The New Stack
GitHub Kisses Passwords Goodbye - The New Stack
The top developer site GitHub has had enough second-rate security. So, as of August 13th, GitHub blocked the use of account passwords when authenticating Git operations.
·thenewstack.io·
GitHub Kisses Passwords Goodbye - The New Stack
Command Line Login with the OAuth Device Grant
Command Line Login with the OAuth Device Grant
Tutorial: Learn how to log into input limited devices like TVs and terminals using the OAuth 2.0 Device Grant!
·developer.okta.com·
Command Line Login with the OAuth Device Grant
Firewalls and middleboxes can be weaponized for gigantic DDoS attacks
Firewalls and middleboxes can be weaponized for gigantic DDoS attacks
In an award-winning paper today, academics said they discovered a way to abuse the TCP protocol, firewalls, and other network middleboxes to launch giant distributed denial of service (DDoS) attacks against any target on the internet.
·therecord.media·
Firewalls and middleboxes can be weaponized for gigantic DDoS attacks
CrowdSec, the open-source massively multiplayer firewall
CrowdSec, the open-source massively multiplayer firewall
CrowdSec is a collaborative EDR leveraging the crowd power. Analyze behaviors, respond to attacks & share signals across the community. Security should be accessible to everyone. We make it happen. For free. Join our community and let's make the Internet safer, together.
·crowdsec.net·
CrowdSec, the open-source massively multiplayer firewall