I facepalmed so hard my forehead hurts
I wrote the article.
I didn't know that tool. Having different agents for different projects may be useful, especially if you're using Agent Forwarding. I don't like that you have to alias ssh or replace /usr/xxx/bin/ssh with a symlink to…
Compliance has very little to do with actual security unfortunately...
Have each team member generate his own key. Copy everyone's key in a folder and have a script to generate an authorized_keys file. Use puppet or chef (or anything else) to dispatch the authorized_keys on every server. A…
Unfortunately biometrics are near to useless for remote authentication. The only context in which biometrics work is when the whole authentication chain (reader, cable, computer, network) is tamper-proof. When one of…
I just noticed this an hour ago. Bad config on the server and too little ram. The link should work better now.
I did not test LastPass and 1Password, only FF sync & Keepass. And it was a while ago.
Sorry, I don't have time to do so much work just to log on quickly on my email the morning or when relogging for the 25th time in the ticket manager at work, that has too short sessions. Also, enjoy explaining your…
Seriously, blocking copy & paste, what are they thinking they protect from ? (blogpost writer here)
No, they plan on removing the PRNG from their release. I understand better why my POC worked without triggering the bug. From the mail archive: ". When the discard occurs the data must not be output and the Dual EC DRBG…
Honestly I don't know why. I generate 60 bytes of pseudorandom and that worked on first try.
Fixed. Sorry, French is my first language and I do my best in English, but I learn every day :)
I facepalmed so hard my forehead hurts
I wrote the article.
I didn't know that tool. Having different agents for different projects may be useful, especially if you're using Agent Forwarding. I don't like that you have to alias ssh or replace /usr/xxx/bin/ssh with a symlink to…
Compliance has very little to do with actual security unfortunately...
Have each team member generate his own key. Copy everyone's key in a folder and have a script to generate an authorized_keys file. Use puppet or chef (or anything else) to dispatch the authorized_keys on every server. A…
Unfortunately biometrics are near to useless for remote authentication. The only context in which biometrics work is when the whole authentication chain (reader, cable, computer, network) is tamper-proof. When one of…
I just noticed this an hour ago. Bad config on the server and too little ram. The link should work better now.
I did not test LastPass and 1Password, only FF sync & Keepass. And it was a while ago.
Sorry, I don't have time to do so much work just to log on quickly on my email the morning or when relogging for the 25th time in the ticket manager at work, that has too short sessions. Also, enjoy explaining your…
Seriously, blocking copy & paste, what are they thinking they protect from ? (blogpost writer here)
No, they plan on removing the PRNG from their release. I understand better why my POC worked without triggering the bug. From the mail archive: ". When the discard occurs the data must not be output and the Dual EC DRBG…
Honestly I don't know why. I generate 60 bytes of pseudorandom and that worked on first try.
Fixed. Sorry, French is my first language and I do my best in English, but I learn every day :)