A few hours ago, I published a small article on Whitesmith’s blog about sharing and managing secrets, inside a software development environment. At first I dig a little into this problem that is very common and later I explain how we are addressing these issues. You can check it through the following link: Managing Secrets […]
Security is one of those areas where it is very hard to know if everything is taken care of. So you have been working on this project for a while and you want to deploy it into a production server, there are several settings on this new environment that should differ from your development one. […]
During the first couple of months of the year 2015 I’ve worked a “little” on the subject of security in the Internet of things world. Even though there is a lot of information about this topic and its crucial role on this new era of the IoT. So today I will share a small document […]
Last week I gave a small workshop during the lunch hour (the famous Whitesmith’s “Lunch’n Learn”) about openPGP. It only covered the most basic aspects so that non-technical people could be introduced to this tool, something that can be very useful when someone is sharing or working with sensitive information (either personal or work related). […]
Today I published a blog post about how to easily run and automate security tests while developing your websites and web applications using Zed Attack Proxy. The example uses Ruby on Rails framework but it is independent of any stack. I’m planning to write a follow up article on the same theme, so any feedback on […]
Please avoid what is happening right now with the student’s platform of my university, that is, letting your SSL certificate expire over the weekend. Initially it will raise suspicion and distrust based on the alert showed by the browser and if the issue lasts too long it will expose lots of users to phishing attacks, […]
Another week, another scandal. The general public might pass by without noticing the recent news about Lenovo computers but the tech community in the Internet is incredulous. What we witnessed was serious and a betrayal of the customer confidence, so in this post I will try to briefly cover everything that I’ve read about the […]
2014 was a year where we witnessed a huge amount in Internet related security incidents, in the previous years, the world understood that our Internet usage is not only accessible to us and our service providers but to every middleman in the way as well. So it is natural that the recent trend is to […]
When talking about privacy and online surveillance (a topic that has been in the spotlight over the last year) with friends, colleagues and people that haven’t given much thought about these issues, the most common answer i hear is (as you’ve already guessed) “I’ve nothing to hide”, which is fallacious argument. Arguing with someone that […]
Following this PRISM thing that’s going on for several weeks now, Internet privacy become a hot topic with extensive discussions and vast amounts of content being written about it (a good thing from my perspective). In this post I will try to sum some tips to improve your privacy and safety while surfing the web. […]