-
I think we should switch from Common Vulnerability Scoring System (CVSS) version 2.0 to version 3.0 in the criteria. Any objections?
We don’t need to do this quickly, but I’d like it to be in the …
-
Longterm user of your great addon (webext) on firefox and recently I found myself looking back on the css vulnerabilities you've detailed on your site for about 2 years. I'm also a ublock origin user …
-
Tracing it appears that it is failing to find `/etc/ld-musl-x86_64.path`?
```
12960 execve("/bin/lvm", ["lvm"], 0x7fbc459a2760 /* 28 vars */) = 0
12960 arch_prctl(ARCH_SET_FS, 0x7fa55302bd88) = 0…
-
For people who like 折腾
Note only \"ssl_stapling_file\" with single cert is supported. Use it as your own risk.
```patch
From 4be7f3188f18c64ef3de6cc35331220195de2b94 Mon Sep 17 00:00:00 2001
Fro…
-
I got this warning about failed s2s with jabber.org:
```
Establishing a secure connection from mdosch.de to jabber.org failed. Certificate hash: a360db6f6d8fec07e09ab62c0b6e4026669e25208dbcafb14f5…
-
## Description
@Hainish had an interesting suggestion: to ship the SecureDrop directory in Tor Browser directly via a HTTPS everywhere [SecureDrop ruleset channel](https://www.eff.org/deeplinks/201…
-
**URL**: https://mychart.ucsd.edu/UCSD/Billing/PrevBalPayment/ShowPaymentResults?id=Kbq2seNCoZJ8VzTJOjKA7H3Wn9DCEnA5%2b21%2bMTg327Ya1oWxaCh0pzEshFG2QFfm
**Browser / Version**: Firefox 68.0
**Oper…
-
It would be cool if you could opt to use LibreSSL, BoringSSL, or (and probably the most interesting from security standpoint) [rustls](https://github.com/ctz/rustls) / [mesalink](https://github.com/me…
-
The JavaDocs for `CertificatePinner` recommends creating pins for every certificate in the chain, as reported by the "Peer certificate chain" output in LogCat when a pin fails. So, at the moment, the …
-
See #202... what attacks do we see in the post snowden landscape, what can we do to protect the citizen against them?
Starting off with a bit of a brainstorm, random thoughts in no particular order:
…