DevOps, Security, Whatever

Two Solo U2F tokens, red and black, created out of triangles.

Making identical U2F hardware security keys

Identical U2F authentication tokens can be made, but not really...

Posted

#Articles

Turning e-paper book reader into digital picture frame

Recycling old PocketBook 624 e-book reader to show a bunch of images. #einktober

Posted

#Articles

Splitting cryptographic key with openssl and bash

Use split key split with openssl and bash to protect secrets in CI/CD pipeline.

Posted

#Articles

Protecting The Company

What could a company do to protect itself from aggressive threats that are a byproduct of a geopolitical turmoil.

Posted

#Articles

Automating Internal Certificate Issuance With ACME-based Certificate Authority

Lessons learned from running Let's Encrypt Boulder certificate authority software in the company.

Posted

#Articles

Lessons Learned Using Vault As A Secret Store

Lessons learned from the multi year operation of the HashiCorp Vault Open Source deployment.

Posted

#Articles

Notes On Threat Modeling

Notes on threat modeling from a defender's perspective.

Posted

#Articles

Photo by Jon Moore https://unsplash.com/photos/bBavss4ZQcA

Directions Of The Cybersecurity Industry

Covid crisis and the forced work-from-home comes with the rapid transformation of a traditional established company to an online only business with most of the work force working remote.

Posted

#Articles

Waze: How I Tracked Your Mother

Tracking Waze drivers with UI elements.

Posted

#Articles

Vault Authentication with YubiKey

Leverage PKCS#11 support in curl to authenticate with the Vault's TLS Certificates Auth Method

Posted

#Articles

DevOps

DevOps: easy answers, hard questions

There is a myriad of problems that comes from the "Build it, maintain it, operate it" territory.

Posted

#Articles

Validating Bitmessage public keys

Let's check if public keys are valid elliptic curve points according to a secp256k1 parameters.

Posted

#Articles