Making identical U2F hardware security keys
Identical U2F authentication tokens can be made, but not really...
Posted
#Articles
DevOps, Security, Whatever
Turning e-paper book reader into digital picture frame
Recycling old PocketBook 624 e-book reader to show a bunch of images. #einktober
Posted
#Articles
Splitting cryptographic key with openssl and bash
Use split key split with openssl and bash to protect secrets in CI/CD pipeline.
Posted
#Articles
Protecting The Company
What could a company do to protect itself from aggressive threats that are a byproduct of a geopolitical turmoil.
Posted
#Articles
Automating Internal Certificate Issuance With ACME-based Certificate Authority
Lessons learned from running Let's Encrypt Boulder certificate authority software in the company.
Posted
#Articles
Lessons Learned Using Vault As A Secret Store
Lessons learned from the multi year operation of the HashiCorp Vault Open Source deployment.
Posted
#Articles
Notes On Threat Modeling
Notes on threat modeling from a defender's perspective.
Posted
#Articles
Directions Of The Cybersecurity Industry
Covid crisis and the forced work-from-home comes with the rapid transformation of a traditional established company to an online only business with most of the work force working remote.
Posted
#Articles
Waze: How I Tracked Your Mother
Tracking Waze drivers with UI elements.
Posted
#Articles
Vault Authentication with YubiKey
Leverage PKCS#11 support in curl to authenticate with the Vault's TLS Certificates Auth Method
Posted
#Articles
DevOps: easy answers, hard questions
There is a myriad of problems that comes from the "Build it, maintain it, operate it" territory.
Posted
#Articles
Validating Bitmessage public keys
Let's check if public keys are valid elliptic curve points according to a secp256k1 parameters.
Posted
#Articles