public marks

PUBLIC MARKS with tag security

This month

December 2017

sonarwhal

by dzc
a linting tool for the web: accessibility, speed, security, and more (best practices and common errors)

November 2017

FIR - ABOUT:CONFIG - Overview of Firefox's about:config security and privacy preferences | gHacks Technology News

by decembre
- dom.allow_scripts_to_close_windows: Defines whether scripts can close windows in the browser.
  True: Scripts may close any window.
  False: Scripts may only close windows opened by scripts. (default)
- dom.disable_image_src_set: Determines whether JavaScript is allowed to manipulate images displayed in the browser.
  True: Scripts are allowed to change images.
  False: Scripts are not allowed. (default)
- dom.event.clipboardevents.enabled: Determines whether websites are allowed to access clipboard contents (check out: Block websites from reading or modifying Clipboard contents in Firefox for additional information).
  True: Websites may read or modify clipboard events. (default)
  False: Blocks access.
- dom.event.contextmenu.enabled: Determines whether websites are allowed to block access to the right-click context menu.
  True: Websites may manipulate the context menu. (default)
  False: Web pages won't be allowed to manipulate or block the context menu.
- dom.popup_allowed_events: Defines the JavaScript events that are allowed to create popup windows.
  change click dblclick mouseup reset submit touchend
- Determines if location aware browsing is enabled.
  True: Location Aware browsing is enabled. (default)
  False: The feature is disabled which means that you won't get prompts on websites using it.
- geo.wifi.uri: The data provider used to power Firefox's geolocation feature. (Check out how to switch to a Mozilla operated service)
  https://www.googleapis.com/geolocation/v1/geolocate?key=%GOOGLE_API_KEY%
- network.http.referer.XOriginPolicy: Defines when to set the referrer (the page a visit originated from).
  0: Never send it.
  1: Only send if the base domain matches.
  2: Only send if hosts match.
- plugin.state.flash: The default state of the Flash plugin. See How to make sure Firefox plugins never activate again for more information.
  0: Turns off the Flash plugin in Firefox.
  1: Sets the Flash plugin to ask to activate.
  2: Enables the Flash plugin.

FIR 57> - CSP - ABOUT CONFIG - How to enable Firefox WebExtensions on Mozilla websites - Mozilla Firefox 57 - privacy.resistFingerprinting.block_mozAddonManager - TRUE - - FORUM HardWare.fr

by decembre
How to enable Firefox WebExtensions on Mozilla websites (in https://www.ghacks.net/2017/10/27/how-to-enable-firefox-webextensions-on-mozilla-websites/):
- Load about:config in the Firefox web browser.
- You can run a search for privacy.resistFingerprinting.block_mozAddonManager just to make sure it does not exist. It does not in the most recent Firefox Nightly builds at the time of writing.
- Right-click in the part of the window that lists the preferences, and select New > Boolean from the context menu.
- Name the new Boolean value: privacy.resistFingerprinting.block_mozAddonManager.
- Set its value to true.

October 2017

September 2017

August 2017

July 2017

May 2017

Let them paste passwords - NCSC Site

by Spone
We think that stopping password pasting (or SPP) is a bad thing that reduces security. We think customers should be allowed to paste their passwords into forms, and that it improves security.

Things to Use Instead of JWT | Kevin Burke

by Spone
You might have heard that you shouldn't be using JWT. That advice is correct - you really shouldn't use it. In general, specifications that allow the attacker to choose the algorithm for negotiation have more problems than ones that don't (see TLS). N libraries need to implement M different encryption and decryption algorithms, and an attacker only needs to find a vulnerability in one of them, or a vulnerability in their combination. JWT has seen both of these errors; unlike TLS, it hasn't already been deployed onto billions of devices around the world.

April 2017

VersionEye - Notification System for Software Packages

by dzc
Notifies you about security vulnerabilities, license violations and outdated dependencies in your Git repositories. Free: 1 private and 4 Open Source Projects.

March 2017

Privacy Tools

by wabaus & 3 others
Tools for privacy on devices & across the Internet.

February 2017

January 2017

ZeroDisclo.com by YesWeHack ! The Right Path to Responsible Disclosure

by srcmax
In constant contact with its community of security researchers, YesWeHack can testify that it is complex for a security researcher, and therefore for a whistleblower, to report security flaws - in a responsible way - to impacted organisations. Especially if those organisations do not have a Bug Bounty program registered on BountyFactory.io.

December 2016

Parrot Security OS 3.3

by alamat & 1 other (via)
Palinuro has announced the release of Parrot Security OS 3.3, a new release of the project’s Debian-based, specialist distribution with a collection of utilities designed for penetration testing, computer forensics, reverse engineering, hacking, privacy and cryptography:

5 Ways to Secure Your Browser

by alamat & 1 other (via)
What’s the one piece of software you use more than anything else, day in and day out? For most people, the answer is easy: their web browser.

November 2016

Brace Yourself for Kaspersky’s “Hack-proof” Operating System

by alamat & 1 other (via)
Kaspersky is a security software developer and cyber security firm that is trusted by people globally. So, when the company states that it has created a hack-proof operating system, users are bound to feel overjoyed.

The WordPress megahack that wasn’t

by alamat & 1 other (via)
Since 2013, WordPress has been updating itself, which is a good thing.

