On a monthly basis I will publish my reading recommendations which mainly focus on Information Security (InfoSec) and Outdoor Sports. All InfoSec Reading Lists can be found here.
Quotes from the Twitterverse
InfoSec
- Facebook calls for a more people-centric security industry - “The lack of focus on those more mundane problems came about because often security experts had little interest in or empathy for people, he said” - [link]
- Remote Code Execution In Source Games - Ever get remote code execution by fragging a player? - [link]
- LinkedIn reveals your personal email to your connections - the interesting part of this article is the discussion around the contextual integrity (CI) theory by Helen Nissenbaum - [link]
- Black Hat 20 & DEFCON 25 - summary and recommended talks - [link]
- Top 10 Most Obvious Hacks of All Time (v0.9) - [link]
- Breaking the Security Model of Subgraph OS - interesting discussion around the sandboxing capabilities of Qubes OS and Subgraph OS - [link]
- Be Prepared: Journalists and Security Researchers - [link]
- Compartmentation is hard, but the Big Data playbook makes it harder still - [link]
- How the Twitter App Bypasses Paywalls - relying on referer and user-agent for authentication purposes is bad, but it is obviously a desperate attempt to keep non-tech-savvy users away from the paid web offers - [link]
- Yahoo Small Business (Luminate) and the Not-So-Secret Keys - [link]
- $10k host header - High School student gets 10,000 USD bug bounty for changing host header information - [link]
- What is the Horus scenario - The Horus scenario is a scenario describing a large-scale cyber attack targeting the vital electrical infrastructure. - [link]
- Mitigations: Completeness/Effectiveness vs Performance - [link]
- Learnings from analysing my compromised server (Linode) - writeup about what can go wrong if you pick a weak root password for your sshd - [link]
- From Chrysaor to Lipizzan: Blocking a new targeted spyware family - [link]
Outdoor
- Whitewater Packrafting 101: 10 Things You Need to Know to Paddle Safe + Strong - [link]
- Arctic Alaska Packrafting Gear Suggestions: an Annotated Photo-list - very helpful post by Roman Dial on packrafting gear based on 50 years of experience - [link]
- The Garmin inReach: Merging Navigation & Communication - these are the new devices that merge the traditional Garmin GPS devices and Delorme’s InReach - I’m specifically astonished about the battery: “100 hours in 10-min tracking mode / 30 days in 30-min interval power saving mode” - [link]
- The man who went on a hike – and never stopped walking - [link]
- Vindelfjällens Traverse, a packrafting lesson. - interesting report about how quickly things can go wrong when going packrafting - [link]
- 400 Miles Jordan Hike - this sounds amazing and I would love to go back to Jordan anytime - [link]