ninegunpi
- Karma
- 97
- Created
- October 4, 2017 (8y ago)
- Submissions
- 0
CTO at data security company. Opinions reflect my current state of mind and nothing else matters. I blog at http://www.ivychapel.ink about information security, risk and other things that amaze me.
- Preventing SQL Injections When WAF’s Not Enough (cossacklabs.com)
- Web app data leaks and how to prevent them 101 (hackernoon.com)
- Quiche: QUIC implementation in Rust (github.com)
- Hiring external security team: what you need to know (cossacklabs.com)
- Implementing tracing in modern distributed app (cossacklabs.com)
- Analysis of ProtonMail Cryptographic Architecture (eprint.iacr.org)
- Highlights of french cybersecurity strategy (blog.lukaszolejnik.com)
- Two types of engineering resiliency (medium.com)
- Meltdown, Spectre, and why hardware can be correct yet insecure (andrumyers.wordpress.com)
- SecureRandom is now secure in Ruby (paragonie.com)
- Hermes distributed access control scheme (cossacklabs.com)
- Disco – mixing Strobe and Noise protocol frameworks (cryptologie.net)
- Analysis of remote DoS vulnerability in VirtualBox (unimplemented.org)
- Standardizing Bad Cryptographic Practice [pdf] (eprint.iacr.org)
- Why TLS 1.3 isn't ready yet (feistyduck.com)
- An incident response blog post containing 0day vuln (security.infoteam.ch)
- Why decentralized social services fail (medium.com)
- Post-Quantum Crypto: From NewHope to Kyber [pdf] (cryptojedi.org)
- Affected products by Infineon RSA vulnerability (gist.github.com)
- On PGP cipher preferences and OpenPGP compliance (research.kudelskisecurity.com)
- Breaking Ed25519 in WolfSSL [pdf] (eprint.iacr.org)