Secure Software Blogwatch Rejoice, devs and all! Privacy Pass standard nukes CAPTCHAs Richi Jennings Apple is to support the new Privacy Pass standard, to “attest” that its users aren’t robots. Google is expected to be... Read More
Software Supply Chain Security Software supply chain alert: ‘7 million’ cleartext access tokens in Travis CI logs Richi Jennings Travis CI cleartext logs are trivially easy to access—all 770 million of them. And researchers have found lots of... Read More
Secure Software Blogwatch How to make C++ memory-safe? Chrome targets UAF bugs with garbage collection Richi Jennings The solution to use-after-free bugs is to *not* free memory. Google’s Chrome team is the latest group to jump on the... Read More
Secure Software Blogwatch Proposal: It’s time to regulate and license devs Richi Jennings Software engineers are engineers. So why don’t we regulate them—as we do other professions that build critical... Read More
Secure Software Blogwatch Rejoice, devs and all! Privacy Pass standard nukes CAPTCHAs Richi Jennings Apple is to support the new Privacy Pass standard, to “attest” that its users aren’t robots. Google is expected to be... Read More
Software Supply Chain Security Software supply chain alert: ‘7 million’ cleartext access tokens in Travis CI logs Richi Jennings Travis CI cleartext logs are trivially easy to access—all 770 million of them. And researchers have found lots of... Read More
Secure Software Blogwatch How to make C++ memory-safe? Chrome targets UAF bugs with garbage collection Richi Jennings The solution to use-after-free bugs is to *not* free memory. Google’s Chrome team is the latest group to jump on the... Read More
Secure Software Blogwatch Proposal: It’s time to regulate and license devs Richi Jennings Software engineers are engineers. So why don’t we regulate them—as we do other professions that build critical... Read More