Generating UUIDs at scale on the Web
Posted on July 10, 2020, Level beginner Resource Length long
Can you trust every browser to generate globally unique identifiers at scale? At Teads, we have tried, and the answer is yes, with a few caveats. This article describes the experiments we've run and the discoveries we made along the way. By Matthieu Wipliez, senior software engineer @ Teads.
6 best practices for managing Git repos
Posted on July 7, 2020, Level beginner Resource Length medium
This article reviews some of the best practices when it comes to adding files to your own repositories. Resist the urge to add things in Git that will make it harder to manage; here's what to do instead. By Seth Kenlon (Red Hat).
How to improve JWT performance in Node.js
Posted on July 1, 2020, Level advanced Resource Length long
Each operation, even the smallest one, counts towards the performance and availability of a service. High performance and availability must be maintained without compromising the security of the system. By Paolo Insogna @nearform.com.
Two-Factor Authentication (2FA) for SSH with Google Authenticator
Posted on June 18, 2020, Level beginner Resource Length short
If you've ever signed up for a Google, Github, or Twitter account then you've likely come across two-factor authentication. Adding in two-factor logins to SSH then seems like a no brainer. It provides a much-needed extra security layer on an otherwise very vulnerable port of entry to your server. By serverauth.com.
How does public key encryption work? | Public key cryptography and SSL
Posted on June 1, 2020, Level beginner Resource Length short
Public key encryption, also known as asymmetric encryption, uses two separate keys instead of one shared one: a public key and a private key. Public key encryption is an important technology for Internet security. By cloudflare.com.
Healthcare analytics platform reference architecture
Posted on May 23, 2020, Level intermediate Resource Length long
This document explains the architecture of the healthcare analytics platform—a set of tools on Google Cloud that helps you process clinical and operational healthcare data—to researchers, data scientists, IT teams, and business analysts. By cloud.google.com.
Test Ansible roles using Molecule and Podman
Posted on May 14, 2020, Level intermediate Resource Length medium
I needed to have testing added to Ansible roles. There are various people in the customer organization developing roles, and we want a lightweight, easy to use test process to unify the looks and quality of the roles. By Ilkka Tengvall.
How to unlock Windows systems with a bootable flash drive
Posted on May 2, 2020, Level advanced Resource Length long
Accessing a locked system is always a challenge. Full-disk encryption presents an immediate challenge to forensic experts. When acquiring computers with encrypted system volumes, the investigation cannot go forward without breaking the encryption first. By Oleg Afonin from ElcomSoft.
Tags infosec programming software
Setting SSL/TLS protocol versions with PostgreSQL 12
Posted on March 28, 2020, Level intermediate Resource Length medium
Straight to the point tutorial about setting SSL/TLS protocol versions in open source database PostgresQL. Published by Peter Eisentraut.
User authentication with Amplify in React Native and Expo app
Posted on March 16, 2020, Level intermediate Resource Length long
AWS Amplify is a fantastic framework that helps you develop your web or mobile applications quickly. By Aman Mittal.
Securing Firefox with WebAssembly
Posted on February 28, 2020, Level advanced Resource Length medium
Protecting the security and privacy of individuals is a central tenet of Mozilla's mission, and so they constantly endeavor to make their users safer online. With a complex and highly-optimized system like Firefox, memory safety is one of the biggest security challenges. By Nathan Froyd.
How to find and fix Docker container vulnerabilities in 2020
Posted on February 23, 2020, Level intermediate Resource Length long
Containerization allows engineering teams to create a sandbox environment in which to run and test applications. But these open-source images may sometimes contain vulnerabilities which can jeopardise the safety of containers and in turn its host computer/server. By Dipto Karmakar.
Tags containers docker infosec