Notices by Loren Kohnfelder (lmk@infosec.exchange)

  1. Loren Kohnfelder (lmk@infosec.exchange)'s status on Friday, 06-Dec-2024 05:04:03 JST
    in reply to
    • Simon Willison

    @simon What is the source of this "standard advice"? I ask because it seems misguided on the face of it (not that I don't believe you that it's out there). Is there a collection of such standard advice - if it's like this I'd like to debunk it, could make an interesting series or book.

    In conversation about 6 months ago from infosec.exchange
  2. Loren Kohnfelder (lmk@infosec.exchange)'s status on Wednesday, 07-Feb-2024 22:44:57 JST
    in reply to
    • Electronic Frontier Foundation

    @eff Serious question: What are businesses supposed to do? Secrets are hard to keep in large organizations, and they need to authenticate between organizations.

    In conversation about a year ago from infosec.exchange
  3. Loren Kohnfelder (lmk@infosec.exchange)'s status on Wednesday, 07-Feb-2024 22:44:53 JST
    in reply to
    • mcv
    • Electronic Frontier Foundation

    @mcv @eff We've had PGP and SMIME email for ages but hardly anyone bothers...
    Since it takes both parties it's blocked by chicken-and-egg problems getting started.
    Kind of amazing that it has come to this and still nobody is very serious about solidly authenticating million-dollar scale transactions.

    In conversation about a year ago from infosec.exchange
  4. Loren Kohnfelder (lmk@infosec.exchange)'s status on Friday, 02-Feb-2024 00:57:03 JST
    in reply to
    • Natasha Nox 🇺🇦🇵🇸
    • Matt Palmer
    • Ryan Castellucci :nonbinary_flag:

    @ryanc do you still have the 5 lines of code to share? @Natanox @womble gotofail was preventable just by a unit test checking that each of the necessary conditions were being tested. Nice blast from the past.

    In conversation Friday, 02-Feb-2024 00:57:03 JST from infosec.exchange
  5. Loren Kohnfelder (lmk@infosec.exchange)'s status on Tuesday, 14-Nov-2023 07:02:08 JST
    in reply to
    • nixCraft 🐧

    @nixCraft I recommend composing the commit message first, then coding to match.

    In conversation Tuesday, 14-Nov-2023 07:02:08 JST from infosec.exchange

    Loren Kohnfelder

    Author of Designing Secure Software: A guide for developers #securedesign