Tootfinder

Opt-in global Mastodon full text search. Join the index!

@qbi@freie-re.de
2024-08-13 16:10:14

Die #NIST hat drei neue Standards zur #Verschlüsselung vorgestellt:
- FIPS 203: Module-Lattice-Based Key-Encapsulation Mechanism Standard

Federal Information Processing Standard (FIPS) 203, Module-Lattice-Based Key-Encapsulation Mechanism Standard
A key-encapsulation mechanism (KEM) is a set of algorithms that, under certain conditions, can be used by two parties to establish a shared secret key over a public channel. A shared secret key that is securely established using a KEM can then be used with symmetric-key cryptographic algorithms to perform basic tasks in secure communications, such as encryption and authentication. This standard specifies a key-encapsulation mechanism called ML-KEM. The security of ML-KEM is related to the compu…

@kurtsh@mastodon.social
2024-10-05 07:48:01

IronNet goes bankrupt. Nope, I hadn't heard of 'em either.
"Collapse of national security elites' cyber firm leaves bitter wake" | AP News
apnews.com/article/keith-alexa

Collapse of national security elites' cyber firm leaves bitter wake
IronNet, a cybersecurity startup, had promised it would combat hackers using a unique blend of expertise and software. Helmed by a former director of the National Security Agency, the firm went public in 2021, and its value shot past $3 billion. Then it collapsed. The firm declared bankruptcy last year, leaving behind a trail of bitter investors and former employees who remain angry at the company and say it misled them about its financial health and potential. National security experts, former…

@Jeff@mastodon.opencloud.lu
2024-07-18 17:04:45

via #NATO

"At the 2024 NATO Summit in Washington, D.C., Allies agreed to establish the NATO Integrated Cyber Defence Centre to enhance network protection, situational awareness and the implementation of cyberspace as an operational domain."
read more:

Cyber defence
Cyber threats to the security of the Alliance are complex, destructive and coercive, and are becoming ever more frequent. Cyberspace is contested at all times and malicious cyber events occur every day, from low-level to technologically sophisticated attacks. NATO and Allies are responding by strengthening the Alliance’s ability to detect, prevent and respond to malicious cyber activities. NATO and its Allies rely on strong and resilient cyber defences to fulfil the Alliance’s three core ta…

@x_cli@infosec.exchange
2024-10-04 13:32:55

Unpopular opinion on software development
Yesterday, I came across CI cultists.
They were preaching one should merge in main multiple times a day.
Quite frankly, I associate this behaviour to lab rats compulsively clicking the button to get gratifications (please don't do that to rats).
I think developers should refrain from becoming merge junkies. Code review is essential for good code quality. Automated tests suck at detecting logical errors, security vulnerabilities, and even decent code coverage.
Also, I believe pair programming is absolutely not a strategy to allow continuous integration. Everybody involved in the development process is drunk on their own bullshit reasons they made up to justify their poor design. Either the code review should be done by someone else, or the developers should sober up for a fortnight before code reviewing their own code.
PS: I am a software developer. I get drunk on my own bullshit as well.
#software #development #ci #codereview