Ironically, according to my experience, the .well-known directory doesn’t do justice to its name. Even in use cases that would fit nicely in its original purpose. But I’m getting a bit ahead of myself. Let’s first start with what it is, then move to discuss where it’s used. But we’ll do this rapidly, otherwise this […]
Ten years ago, after it became clear to almost everyone that all our online activity was being tracked and stored, I wrote a blog post about simple steps a person could take to improve their privacy online. Essentially, it contains a few recommendations that everyone could follow to reduce their fingerprint without much effort. It […]
I’ve been looking into this area, of how to handle and manage a large quantity of secrets and users, for quite a while (old post), because when an organization or infrastructure grow, the number of “secrets” required for authentication and authorization increase as well. Is at this stage that bad practices (that are no more […]
Recently there was been a big fuss about “Mastodon“, an open-source project that is very similar to twitter. The biggest difference is that it is federated. So what it means? It means that it works like “email”, there are several providers (called instances) where you can create an account (you can setup your own server […]
This video about Gitlab was posted recently and is a very interesting case-study on how a company can normally function while having all of its employees working remotely.
A long time ago, most of the modern website analytics software made the shift from relying on server logs to use client-side code snippets to gather information about the user, in this last category we can include as examples Google Analytics and Piwik. In fact, this paradigm allows to collect information with greater detail about […]
A few hours ago, I published a small article on Whitesmith’s blog about sharing and managing secrets, inside a software development environment. At first I dig a little into this problem that is very common and later I explain how we are addressing these issues. You can check it through the following link: Managing Secrets […]
Last week I gave a small workshop during the lunch hour (the famous Whitesmith’s “Lunch’n Learn”) about openPGP. It only covered the most basic aspects so that non-technical people could be introduced to this tool, something that can be very useful when someone is sharing or working with sensitive information (either personal or work related). […]
Last week I’ve read a great post entitled “Web Design: The First 100 Years“, it is a long one but definitely worth reading. I will just leave here a quote (3 short paragraphs) because it puts into words something that already crossed my mind multiple times. “A further symptom of our exponential hangover is bloat. […]
2014 was a year where we witnessed a huge amount in Internet related security incidents, in the previous years, the world understood that our Internet usage is not only accessible to us and our service providers but to every middleman in the way as well. So it is natural that the recent trend is to […]