| | How Heartbleed Could've Been Found (2015) (hboeck.de) |
|
2 points by udev4096 72 days ago | past | 1 comment
|
|
| | Don't update NTP – stop using it (2014) (hboeck.de) |
|
1 point by crcastle 8 months ago | past
|
|
| | How to Create a Secure, Random Password with JavaScript (hboeck.de) |
|
2 points by hannob 11 months ago | past | 2 comments
|
|
| | Please do not put IP addresses into DNS MX records (hboeck.de) |
|
228 points by hannob on Feb 21, 2021 | past | 176 comments
|
|
| | File Exfiltration via LibreOffice in BigBlueButton and JODConverter (hboeck.de) |
|
32 points by hannob on Oct 21, 2020 | past | 5 comments
|
|
| | Generating Crime Safe CSRF Tokens (hboeck.de) |
|
35 points by zdw on April 13, 2020 | past | 7 comments
|
|
| | Generating Crime Safe CSRF Tokens (hboeck.de) |
|
2 points by hannob on April 13, 2020 | past
|
|
| | Userdir URLs like https://example.org/~username/ are dangerous (hboeck.de) |
|
155 points by hannob on April 6, 2020 | past | 131 comments
|
|
| | #include </etc/shadow> (hboeck.de) |
|
406 points by goranmoomin on Dec 17, 2019 | past | 121 comments
|
|
| | Security Issues with PGP Signatures and Linux Package Management (hboeck.de) |
|
2 points by goranmoomin on Dec 17, 2019 | past
|
|
| | #include </etc/shadow> (hboeck.de) |
|
16 points by hannob on Dec 16, 2019 | past | 1 comment
|
|
| | Security Issues with PGP Signatures and Linux Package Management (hboeck.de) |
|
3 points by UkiahSmith on Sept 13, 2019 | past
|
|
| | My Bug Bounty Program Turned into a Free Security Audit for the Serendipity Blog (hboeck.de) |
|
2 points by hannob on Nov 12, 2018 | past
|
|
| | Efail: HTML Mails have no Security Concept and are to blame (hboeck.de) |
|
2 points by zeveb on June 28, 2018 | past
|
|
| | Efail: HTML Mails have no Security Concept and are to blame (hboeck.de) |
|
2 points by hannob on June 27, 2018 | past
|
|
| | Efail: Outdated Crypto Standards Are to Blame (hboeck.de) |
|
4 points by hannob on May 22, 2018 | past | 1 comment
|
|
| | Introducing Snallygaster – a tool to scan for secrets on Web servers (hboeck.de) |
|
2 points by zeveb on April 18, 2018 | past
|
|
| | Introducing Snallygaster – A Tool to Scan for Secrets on Web Servers (hboeck.de) |
|
3 points by hannob on April 11, 2018 | past
|
|
| | OCSP Stapling in Apache and Nginx are broken (hboeck.de) |
|
2 points by okket on Jan 29, 2018 | past
|
|
| | Some Minor Security Quirks in Firefox (hboeck.de) |
|
1 point by hannob on Nov 16, 2017 | past
|
|
| | In Search of a Secure Time Source (hboeck.de) |
|
3 points by dankohn1 on Sept 16, 2017 | past | 1 comment
|
|
| | In Search of a Secure Time Source (hboeck.de) |
|
1 point by hannob on Sept 7, 2017 | past
|
|
| | Abandoned Domain Takeover as a Web Security Risk (hboeck.de) |
|
1 point by grey_shirts on Sept 6, 2017 | past
|
|
| | Abandoned Domain Takeover as a Web Security Risk (hboeck.de) |
|
2 points by hannob on Sept 5, 2017 | past
|
|
| | How I Tricked Symantec with a Fake Private Key (hboeck.de) |
|
200 points by hannob on July 20, 2017 | past | 38 comments
|
|
| | Don't Leave Coredumps on Web Servers (hboeck.de) |
|
87 points by hannob on June 15, 2017 | past | 32 comments
|
|
| | OCSP Stapling, Must Staple and Why Certificate Revocation Is Still Broken (hboeck.de) |
|
5 points by Anthony-G on June 2, 2017 | past
|
|
| | Why Certificate Revocation is still broken (hboeck.de) |
|
3 points by hannob on May 19, 2017 | past
|
|
| | Passwords in the Bug Reports (Owncloud/Nextcloud) (hboeck.de) |
|
2 points by hannob on April 19, 2017 | past
|
|
| | Zero Days and Cargo Cult Science (hboeck.de) |
|
1 point by g0del_was_wr0ng on March 24, 2017 | past
|
|
|
|
More |
