How to mitigate OWASP vulnerabilities while staying in the flow
Explore how GitHub Advanced Security can help address several of the OWASP Top 10 vulnerabilities ⌘ Read more
user/bmallred/data/2022-11-03-10-52-16.fit: 4.22 miles, 00:11:04 average pace, 00:46:42 duration
user/bmallred/data/2022-11-02-03-27-43.fit: 8.02 miles, 00:10:35 average pace, 01:24:53 duration
user/bmallred/data/2022-11-01-10-47-00.fit: 5.11 miles, 00:10:52 average pace, 00:55:30 duration
I’m quite curious about this “Ghosts from the Library”. Medawar edits the collection “Bodies from the Library” (which I recommend) and this idea of going through old newspapers to recover serialised stories or finding never published before ones is quite appealing.
Ghosts and Ghosts from the Library
http://doyouwriteunderyourownname.blogspot.com/2022/10/ghosts-and-ghosts-from-library.html ⌘ Read more
Creating a more inclusive security research field
A glimpse into the backgrounds and day-to-day work of several GitHub employees in cybersecurity roles. ⌘ Read more
SourceHut is banning cryptocurrency projects
SourceHut, a source code hosting service, is banning cryptocurrency- and blockchain-projects: ⌘ Read more
Gajim: Gajim 1.5.3
Gajim 1.5.3 brings back a feature many of you missed: selecting and copying multiple messages. Emoji shortcodes have been improved and cover even more emojis now. Gajim also lets you mark workspaces as read, so you don’t have to go through all conversations. Thank you for all your contributions!
Since we changed the way Gajim displays messages in Gajim 1.4, selecting multiple messages to copy them was not possible anymore. With Gajim 1.5.3 you can now select multiple messag … ⌘ Read more
user/bmallred/data/2022-10-30-04-22-51.fit: 1.77 miles, 00:10:42 average pace, 00:18:55 duration
user/bmallred/data/2022-10-30-02-37-48.fit: 9.49 miles, 00:09:06 average pace, 01:26:24 duration
JMP: SMS Account Verification
Some apps and services (but not JMP!) require an SMS verification code in order to create a new account. (Note that this is different from using SMS for authentication; which is a bad idea since SMS can be easily intercepted, are not encrypted in transit, and are v … ⌘ Read more
Now that Elon Musk owns Twitter™, it might be worthwhile thinking about other alternative social media ecosystems like Yarn.social based on the Twtxt format. ⌘ Read more
ProcessOne: ejabberd 22.10
This ejabberd 22.10 release includes six months of work, over 140 commits, including relevant improvements in MIX, MUC, SQL, and installers, and bug fixes as usual.
This version brings support for latest MIX protocol version, and significantly improves detection and recovery of SQL connection issues.
There are no breaking changes in SQL schem … ⌘ Read more
13 tiny, terrific, and terrifying games to hack, slay, and play this Halloween 🧛🏻♀️
Some seriously spooktacular open source games for the web, Windows, macOS, and Linux with all sorts of fun hacks for infinite lives, invulnerability, and playing with time. ⌘ Read more
Cybersecurity spotlight on bug bounty researcher @ahacker1
As we wrap up Cybersecurity Awareness Month, the GitHub bug bounty team is excited to spotlight one of the security researchers who participates in the GitHub Security Bug Bounty Program. ⌘ Read more
Release Radar · September 2022 Edition
Hackatoberfest, hackathons, and open source contributions. It’s been a hectic month with so many community pull requests to all kinds of projects. So many in fact that we had to spend hours going through all the submissions for this blog post. We almost didn’t get it out before the end of October. Nevertheless, we are […] ⌘ Read more
ProcessOne: ejabberd 22.10
This ejabberd 22.10 release includes five months of work, over 120 commits, including relevant improvements in MIX, MUC, SQL, and installers, and bug fixes as usual.
This version bring support for latest MIX protocol version, and significantly improves detection and recovery of SQL connection issues.
There are no breaking changes in SQL schem … ⌘ Read more
Choose your own GitHub Universe 2022 adventure
You can now build your agenda on GitHubUniverse.com! Whether you’re just getting started or you’re a seasoned industry professional, there’s a session for you. ⌘ Read more
What we learned from the Security Lab’s Community Office Hours
TheGitHub Security Lab provided office hours for open source projects looking to improve their security posture and reduce the risk of breach. Here’s what we learned and how you can also participate. ⌘ Read more
user/bmallred/data/2022-10-27-10-58-52.fit: 4.74 miles, 00:09:56 average pace, 00:47:01 duration
Diversity, inclusion, and belonging at GitHub in 2022
As GitHub continues to grow, our vision of being the home for all developers continues to materialize, expanding our progress, perspectives, and responsibility to the world. ⌘ Read more
Lunduke’s Normal Computing News - October 26, 2022
Listen now (43 min) | macOS Ventura, Ubuntu 22.10, Microsoft looking to control how Linux boots, Windows ARM dev box, and… Linux dropping 486 support? ⌘ Read more
Because I used Prometheus and Grafana at work, I also tried them at home and I must say, monitoring isn’t as boring as I always thought. Next up Kubernetes? 😅 ⌘ Read more
Paul Schaub: Implementing Packet Sequence Validation using Pushdown Automata
This is part 2 of a small series on verifying the validity of packet sequences using tools from theoretical computer science. Read part 1 here.
In the previous blog post I discussed how a formal grammar can be transformed into a pushdown automaton in order to check if a sequence of packets or token … ⌘ Read more
3 strategies for consolidating your toolkit and boosting productivity
Explore how GitHub Enterprise can help you transform your software engineering organization and practices. ⌘ Read more
Why and how GitHub encrypts sensitive database columns using ActiveRecord::Encryption
You may know that GitHub encrypts your source code at rest, but you may not have known that we encrypt sensitive database columns as well. Read about our column encryption strategy and our decision to adopt the Rails column encryption standard. ⌘ Read more
user/bmallred/data/2022-10-26-03-46-39.fit: 8.51 miles, 00:09:43 average pace, 01:22:40 duration
user/bmallred/data/2022-10-25-13-46-20.fit: 4.59 miles, 00:09:52 average pace, 00:45:19 duration
Why we’re excited about the Sigstore general availability
The Sigstore GA means you can protect your software supply chain today with GitHub Actions, and will power new npm security capabilities in the near future. ⌘ Read more
98.css (again)
I already shared “98.css” on my blog in 2020. It’s a CSS framework that styles semantic HTML to look like Windows 98. ⌘ Read more
**RT by @mind_booster: 🗓️ 21/10/2022
📝 P.R. (L) ➡️ Recomenda ao GOV que estabeleça a obrigatoriedade de sistemas de reciclagem/reutilização d’águas cinzentas em novas construções e considere a elegibilidade desses sistemas para apoios financeiros
✅ PSD, BE, PAN, L
❌
⚪️ PS, CH, IL, PCP
Aprovado 🟢**
🗓️ 21/10/2022
📝 P.R. (L) ➡️ Recomenda ao GOV que estabeleça a obrigatoriedade de sistemas de reciclagem/reutilização d’águas cinzentas em novas construções e considere a elegibilidade desses sistemas para apoios fin … ⌘ Read more
HM [04;01;07]: 13 mile run: 15.07 miles, 00:10:00 average pace, 02:30:47 duration
https://galusik.fr/log/2022-10-23-new-blog-workflow.html New blog workflow: from markdown to gemtext
Protecting Internal Web Resources
BackgroundTL;DR: This blog post is a write-up of the process I went through to setup a set of internal web resources and apps for a small company I am running in my spare time ( providing a Single-Sign-On / SSO experience for internal users with web applications protected by flexible access policies including single and multi-factor authentication / two-factor authentication or 2FA).
As I mentioned in the TL;DR above, I run a small software/technology com … ⌘ Read more
Build a game this November with Game Off 2022
Save the date! Game Off returns on November 1 for it’s 10th year! 🎉 ⌘ Read more
Git Merge 2022 – that’s a wrap! 🎬
Git Merge 2022 just wrapped up bringing the community together for 16 talks, three workshops, one Git Contributor Summit, and lots of great conversations over two days. Read on for more info, photos from the event, and all of the session recordings. ⌘ Read more
user/bmallred/data/2022-10-21-09-45-18.fit: 2.97 miles, 00:13:09 average pace, 00:39:01 duration
Build a game this November with Game Off 2022
Save the date! Game Off returns on November 1 for it’s 10th year! 🎉 ⌘ Read more