~lobsters | Bookmarks (160)
-
Attacker Techniques: Gesture Jacking
A few years back, I wrote a short explainer about User Gestures, a web platform concept...
-
False security: Dashy's client-side authentication
Update 3/28: The devs have announced that the auth system is to be deprecated. See details...
-
Introducing Ruzzy, a coverage-guided Ruby fuzzer
By Matt Schwager Trail of Bits is excited to introduce Ruzzy, a coverage-guided fuzzer for pure...
-
Flatpak Permission Survey | Eric Anderson
When working through yesterday’s post, half-way through I found the 2020 flatkill.org post and the TheEvilSkeleton...
-
How secure are passwords stored in Chrome or Firefox? | Lobsters
(I thought I’d ask here rather than stackoverflow or reddit because I trust people here more,...
-
Mozilla fixes two Firefox zero-day bugs exploited at Pwn2Own
Mozilla has released security updates to fix two zero-day vulnerabilities in the Firefox web browser exploited...
-
Arch Linux minimal container userland 100% reproducible - now what? - Arch-dev-public - lists.archlinux.org
hello, in last week's email to the reproducible-builds email list[1] about reproducible Arch Linux I mentioned...
-
Attesting to the TPM’s Firmware
Murphy’s Law says: Anything that can go wrong will go wrong. Unfortunately, TPMs fall into the...
-
Blackbox-Fuzzing of IoT Devices Using the Router TL-WR902AC as Example
IT Security student and wannabe Rustacean. This is the HTML version of my term paper which...