
Steve Woodrow woodrow

@z4yx
z4yx / u2f_fido2_dissector.lua
Last active November 18, 2023 05:44
Wireshark protocol decoder for FIDO(U2F) and FIDO2(WebAuthn) over USB HID
cbor = Dissector.get("cbor")
iso7816 = Dissector.get("iso7816")
ctap_proto = Proto("ctaphid","ctap hid")
-- Field Extractor
direction_fe = Field.new("usb.endpoint_address.direction")
udp_srcport_fe = Field.new("udp.srcport")
CTAPHID_COMMAND_CODE = {
[0x03]='CTAPHID_MSG',
[0x10]='CTAPHID_CBOR',

Important organizational announcement: Due to feedback from several people who wish to contribute, this project is being moved to its own repository. The master copy is now at SalusaSecondus/CryptoGotchas. This will let us more easily take PRs/Issues and track contributions.

@0xdabbad00
0xdabbad00 / gist:5d1d5fd619a20ba2ee899c56f8d6787f
Created March 26, 2019 22:02
WARNING: Only tested in a test account, beware, this could break things.
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"apigateway:*",
"autoscaling:*",
"cloudtrail:*",
"cloudwatch:*",
"cloudformation:*",
@GuyBarros
GuyBarros / ptfe.json
Last active February 12, 2020 10:07
Johnny's PTFE Packer script
{
"variables": {
"version": "",
"memory" : "8196",
"cpucorecount": "4"
},
"provisioners": [
{
"type": "file",
"source": "bootcamp.rli",
@kiran
kiran / impact.md
Last active July 3, 2023 20:46
on impact

Requiring ICs to demonstrate business impact for promotion is, at best, imprecise, and, at worst, disingenuous. Instead, two more valuable and precise measures are:

  1. measuring project management & technical skills (can the engineer effectively/efficiently complete large, unscoped projects?), and
  2. evaluating the engineer's contribution to the team's roadmap (can the engineer identify high-value projects within the team's responsibilities? do they push their team to evaluate the prioritization of their work?)

Engineering ICs cannot plan to affect business impact in a foolproof way -- even if an IC had the means to evaluate the impact of their project, it's rare that they are empowered to select projects. Impactful projects are driven partly by luck: whether the project was timely/actually important, whether you get assigned that project, and whether you are given the resources to make the project successful. The influence of luck on impact often pushes engineers to do short-term/unrisky work, when long-te

@yossorion
yossorion / what-i-wish-id-known-about-equity-before-joining-a-unicorn.md
Last active April 7, 2024 22:55
What I Wish I'd Known About Equity Before Joining A Unicorn

Disclaimer: This piece is written anonymously. The names of a few particular companies are mentioned, but as common examples only.

This is a short write-up on things that I wish I'd known and considered before joining a private company (aka startup, aka unicorn in some cases). I'm not trying to make the case that you should never join a private company, but the power imbalance between founder and employee is extreme, and that potential candidates would

@avillp
avillp / Unportify-v1.4.3.js
Last active November 12, 2023 15:22
Unportify helps you export your Google Play Music playlists.
/*
Unportify is a script that exports your Google Play music to text.
Copyright (C) 2016 Arnau Villoslada
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
Blog post: Ryan Huber - Distributed Security Alerting
https://medium.com/several-people-are-coding
Video: Zane Lackey - Building a Modern Security Organization
https://duo.com/blog/duo-tech-talk-building-a-modern-security-engineering-organization
Krebs on Security Blog
https://www.krebsonsecurity.com
Sony Breach

On Twitter the other day, I was lamenting the state of OCSP stapling support on Linux servers, and got asked by several people to write up what I think the requirements are for OCSP stapling support.

  1. Support for keeping a long-lived (disk) cache of OCSP responses.

    This should be fairly simple. Any restarting of the service shouldn't blow away previous responses that were obtained. This doesn't need to be disk, just stable - and disk is an easy stable storage for most server

#!/usr/bin/env python
import imaplib
import os
import logging
import optparse
# LABEL = 'support'
# QUERY = 'before:2015-06-01 -label:to-delete'
# DEST = 'to-delete'
LABEL = 'to-delete'