security-articles

Security engineering articles

• 2022-04-23 How SHA-256 Works Step-By-Step Boot.dev
• 2022-04-23 Very Basic Intro to Hash Functions SHA-256, MD5, etc Boot.dev
• 2022-04-23 Basic Intro to Key Derivation Functions Boot.dev

  By Lane Wagner on Dec 30, 2019

• 2022-04-20 What an X.509 Certificate Is & How It Works Sectigo® Official
• 2022-04-20 What is an X.509 certificate?
• 2022-06-01 📺 7 Cryptography Concepts EVERY Developer Should Know - YouTube

Books and Courses

• 2022-01-19 🎥 Security engineering course Light Blue Touchpaper
• 2022-01-19 📕 Security Engineering - A Guide to Building Dependable Distributed Systems

Articles

• 2024-02-09 Technology-best-practices/it_security/server_security/README.md at master · vaquarkhan/Technology-best-practices · GitHub

• 2022-03-05 Badly implementing encryption

  Low-level security in Rust

• 2022-02-22 ⭐⭐⭐ veeral-patel/how-to-secure-anything: How to systematically secure anything: a repository about security engineering

  Security engineering is the discipline of building secure systems. Its lessons are not just applicable to computer security. In fact, in this repo, I aim to document a process for securing anything, whether it's a medieval castle, an art museum, or a computer network.

2023-06-12 Desktop Linux Hardening | PrivSec - A practical approach to Privacy and Security

ToC

• During Installation
  • Drive Encryption
  • Encrypted Swap
• Privacy Tweaks
  • NetworkManager Trackability Reduction
  • Other Identifiers
    • System Counting
  • Keystroke Anonymization
• Application Confinement
  • Flatpak
  • Snap
  • Firejail
  • Mandatory Access Control
  • Making Your Own Policies/Profiles
  • Securing Linux Containers
• Security Hardening
  • Umask 077
  • Microcode Updates
  • Firmware Updates
  • Firewall
  • Kernel Hardening
    • Runtime Kernel Parameters (sysctl)
    • Boot Parameters
      • CPU mitigations
      • Kernel
      • Entropy generation
      • DMA mitigations
    • Kernel Modules
    • Restricting access to /proc and /sys
    • linux-hardened
    • grsecurity
  • Hardened Memory Allocator
  • Mountpoint Hardening
  • Disabling SUID
  • DNSSEC
  • Time Synchronization
  • Pluggable Authentication Modules (PAM)
  • Storage Media Handling
    • UDisks
    • autofs
  • USB Port Protection
• Secure Boot
  • Enrolling your own keys
  • Unified Kernel Image
  • Encrypted /boot
    • openSUSE
    • Other Distributions
  • Notes on Secure Boot

NGINX

• 2022-02-22 Avoiding the Top 10 NGINX Configuration Mistakes - NGINX

TLS

• 2022-08-03 The Illustrated TLS 1.3 Connection: Every Byte Explained

  Every byte explained and reproduced In this demonstration a client connects to a server, negotiates a TLS 1.3 session, sends "ping", receives "pong", and then terminates the session. Click below to begin exploring.

Notes

• 2022-11-28 Downloading the official binaries — Tabletop Club master documentation

# Windows
certutil -hashfile TabletopClub_vX.X.X_Windows_64.zip SHA512

# macOS
shasum -a 512 TabletopClub_vX.X.X_OSX_Universal.zip

# Linux / *BSD
sha512sum TabletopClub_vX.X.X_Linux_64.zip

Tools

OpenSSL

• 2022-06-14 How to encrypt a big file using OpenSSL and someone's public key
• 2022-06-14 Encrypting and decrypting files with OpenSSL Opensource.com

  Stay on top of the latest thoughts, strategies and insights from enterprising peers.

Messengers

• 2022-06-14 Off-the-Record Messaging