<?xml version="1.0" encoding="UTF-8"?>
 <rdf:RDF xmlns="http://purl.org/rss/1.0/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:cc="http://web.resource.org/cc/" xmlns:syn="http://purl.org/rss/1.0/modules/syndication/" xmlns:admin="http://webns.net/mvcb/">
  <channel rdf:about="http://pinboard.in">
    <title>Pinboard (rcrowley)</title>
    <link>https://pinboard.in/u:rcrowley/public/</link>
    <description>recent bookmarks from rcrowley</description>
    <items>
      <rdf:Seq>	<rdf:li rdf:resource="https://github.com/zizmorcore/zizmor"/>
	<rdf:li rdf:resource="https://medium.com/message/everything-is-broken-81e5f33a24e1"/>
	<rdf:li rdf:resource="https://words.filippo.io/crqc-timeline/"/>
	<rdf:li rdf:resource="https://workos.com/blog/oauth-2-1-vs-oauth-2-0"/>
	<rdf:li rdf:resource="https://delve.co/blog/delve-sets-the-record-straight-on-anonymous-attacks"/>
	<rdf:li rdf:resource="https://delve.co/blog/response-to-misleading-claims"/>
	<rdf:li rdf:resource="https://alexgaynor.net/2026/apr/13/why-didnt-it/"/>
	<rdf:li rdf:resource="https://blog.yossarian.net/2026/04/11/Brocards-for-vulnerability-triage"/>
	<rdf:li rdf:resource="https://red.anthropic.com/2026/mythos-preview/"/>
	<rdf:li rdf:resource="https://codewall.ai/blog/how-we-hacked-mckinseys-ai-platform"/>
	<rdf:li rdf:resource="https://grith.ai/blog/clinejection-when-your-ai-tool-installs-another"/>
	<rdf:li rdf:resource="https://hey.paris/posts/appleid/"/>
	<rdf:li rdf:resource="https://blog.yossarian.net/2025/11/21/We-should-all-be-using-dependency-cooldowns"/>
	<rdf:li rdf:resource="https://www.hacktron.ai/blog/supapwn"/>
	<rdf:li rdf:resource="https://fil-c.org/"/>
	<rdf:li rdf:resource="https://www.whitenoise.chat/"/>
	<rdf:li rdf:resource="https://lasuite.numerique.gouv.fr/en"/>
	<rdf:li rdf:resource="https://www.thecvefoundation.org/"/>
	<rdf:li rdf:resource="https://xeiaso.net/shitposts/no-way-to-prevent-this/CVE-2025-0725/"/>
	<rdf:li rdf:resource="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-enable-root-access.html"/>
	<rdf:li rdf:resource="https://blog.cloudflare.com/speeding-up-linux-disk-encryption/"/>
	<rdf:li rdf:resource="https://www.reddit.com/r/linuxadmin/comments/m3gy8a/huge_performance_impact_of_dmcrypt_on_ssd_raid/"/>
	<rdf:li rdf:resource="https://shd.mit.edu/"/>
	<rdf:li rdf:resource="https://aembit.io/blog/why-i-came-out-of-pseudo-retirement-to-help-solve-the-non-human-identity-challenge-as-aembits-ciso/"/>
	<rdf:li rdf:resource="https://fly.io/blog/macaroons-escalated-quickly/"/>
	<rdf:li rdf:resource="https://words.filippo.io/dispatches/geomys/"/>
	<rdf:li rdf:resource="https://security.apple.com/blog/private-cloud-compute/"/>
	<rdf:li rdf:resource="https://kellyshortridge.com/blog/posts/shortridge-makes-sense-of-verizon-dbir-2024/"/>
	<rdf:li rdf:resource="https://www.tbray.org/ongoing/When/202x/2024/04/01/OSQI"/>
	<rdf:li rdf:resource="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068024"/>
	<rdf:li rdf:resource="https://github.com/amlweems/xzbot"/>
	<rdf:li rdf:resource="https://tracebit.com/blog/2024/02/finding-aws-account-id-of-any-s3-bucket/"/>
	<rdf:li rdf:resource="https://summitroute.com/blog/2018/06/20/managing_aws_root_passwords_and_mfa/?ck_subscriber_id=512833553"/>
	<rdf:li rdf:resource="https://github.com/maxgoedjen/secretive"/>
	<rdf:li rdf:resource="https://github.com/primeharbor/sensitive_iam_actions"/>
	<rdf:li rdf:resource="https://blog.symops.com/2022/05/06/least-privilege-policies-from-aws-logs/"/>
	<rdf:li rdf:resource="https://www.chrisfarris.com/post/sensitive_iam_actions/?ck_subscriber_id=512833553"/>
	<rdf:li rdf:resource="https://github.com/Netflix/weep"/>
	<rdf:li rdf:resource="https://github.com/Netflix/consoleme"/>
	<rdf:li rdf:resource="https://smallstep.com/blog/trusted-platform-modules-tpms/"/>
	<rdf:li rdf:resource="https://simonwillison.net/2023/Apr/14/worst-that-can-happen/"/>
	<rdf:li rdf:resource="https://grayduck.mn/2023/04/17/refresh-vs-long-lived-access-tokens/"/>
	<rdf:li rdf:resource="https://fishinabarrel.github.io/"/>
	<rdf:li rdf:resource="https://opal.dev/"/>
	<rdf:li rdf:resource="https://www.antimatter.io/"/>
	<rdf:li rdf:resource="https://mattfrisbie.substack.com/p/spy-chrome-extension"/>
	<rdf:li rdf:resource="https://superuser.com/questions/526920/how-to-remove-quarantine-from-file-permissions-in-os-x"/>
	<rdf:li rdf:resource="https://www.chainguard.dev/unchained/building-the-first-memory-safe-distro-wolfi"/>
	<rdf:li rdf:resource="https://arxiv.org/abs/2211.03622"/>
	<rdf:li rdf:resource="https://simonwillison.net/2022/Sep/12/prompt-injection/"/>
	<rdf:li rdf:resource="https://xeiaso.net/blog/openssl-alarm-fatigue"/>
	<rdf:li rdf:resource="https://www.postgresql.org/docs/current/ddl-rowsecurity.html"/>
	<rdf:li rdf:resource="https://satoricyber.com/postgres-security/postgres-row-level-security/"/>
	<rdf:li rdf:resource="https://www.vivokey.com/"/>
	<rdf:li rdf:resource="https://go.dev/security/vuln/"/>
	<rdf:li rdf:resource="https://media.defense.gov/2022/Sep/01/2003068942/-1/-1/0/ESF_SECURING_THE_SOFTWARE_SUPPLY_CHAIN_DEVELOPERS.PDF"/>
	<rdf:li rdf:resource="https://swagitda.com/blog/posts/securing-the-supply-chain-of-nothing/"/>
	<rdf:li rdf:resource="https://www.skyflow.com/"/>
	<rdf:li rdf:resource="https://zerotrustroadmap.org/"/>
	<rdf:li rdf:resource="https://pluralistic.net/2022/08/15/deere-in-headlights/#doh-a-deere"/>
	<rdf:li rdf:resource="https://slsa.dev/"/>
	<rdf:li rdf:resource="https://scrty.io/"/>
	<rdf:li rdf:resource="https://fly.io/blog/soc2-the-screenshots-will-continue-until-security-improves/"/>
	<rdf:li rdf:resource="https://soatok.blog/2022/06/14/when-soatok-used-bugcrowd/"/>
	<rdf:li rdf:resource="https://alestic.com/2014/09/aws-root-password/?ck_subscriber_id=512833553"/>
	<rdf:li rdf:resource="https://ermetic.com/"/>
	<rdf:li rdf:resource="https://www.ockam.io/"/>
	<rdf:li rdf:resource="https://mvsp.dev/"/>
	<rdf:li rdf:resource="https://neilmadden.blog/2022/04/19/psychic-signatures-in-java/"/>
	<rdf:li rdf:resource="https://commonfate.io/"/>
      </rdf:Seq>
    </items>
  </channel><item rdf:about="https://github.com/zizmorcore/zizmor">
    <title>GitHub - zizmorcore/zizmor: Static analysis for GitHub Actions · GitHub</title>
    <dc:date>2026-06-01T21:07:08+00:00</dc:date>
    <link>https://github.com/zizmorcore/zizmor</link>
    <dc:creator>rcrowley</dc:creator><dc:subject>zizmor github githubactions security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:ffba00af92cf/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:zizmor"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:github"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:githubactions"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://medium.com/message/everything-is-broken-81e5f33a24e1">
    <title>Everything Is Broken. Once upon a time, a friend of mine… | by Quinn Norton | The Message | Medium</title>
    <dc:date>2026-05-04T22:33:26+00:00</dc:date>
    <link>https://medium.com/message/everything-is-broken-81e5f33a24e1</link>
    <dc:creator>rcrowley</dc:creator><dc:subject>computing security privacy</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:c25db0dd724c/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:computing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:privacy"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://words.filippo.io/crqc-timeline/">
    <title>A Cryptography Engineer’s Perspective on Quantum Computing Timelines</title>
    <dc:date>2026-04-26T19:24:19+00:00</dc:date>
    <link>https://words.filippo.io/crqc-timeline/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Rude awakening.]]></description>
<dc:subject>crypto postquantum quantum security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:4843480564be/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:postquantum"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:quantum"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://workos.com/blog/oauth-2-1-vs-oauth-2-0">
    <title>OAuth 2.0 vs OAuth 2.1: What changed, why it matters, and how to upgrade — WorkOS</title>
    <dc:date>2026-04-26T16:55:59+00:00</dc:date>
    <link>https://workos.com/blog/oauth-2-1-vs-oauth-2-0</link>
    <dc:creator>rcrowley</dc:creator><dc:subject>oauth security auth authentication authorization</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:11be1c61cab2/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:oauth"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:auth"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:authentication"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:authorization"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://delve.co/blog/delve-sets-the-record-straight-on-anonymous-attacks">
    <title>Delve sets the record straight on anonymous attacks | Delve</title>
    <dc:date>2026-04-24T03:18:44+00:00</dc:date>
    <link>https://delve.co/blog/delve-sets-the-record-straight-on-anonymous-attacks</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[How dare they expose our obvious crimes?]]></description>
<dc:subject>delve compliance soc2 iso27001 security fraud</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:3059277263a6/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:delve"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:compliance"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:soc2"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:iso27001"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:fraud"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://delve.co/blog/response-to-misleading-claims">
    <title>Response to Misleading Claims | Delve</title>
    <dc:date>2026-04-24T03:13:37+00:00</dc:date>
    <link>https://delve.co/blog/response-to-misleading-claims</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Extra-weak sauce.]]></description>
<dc:subject>delve compliance soc2 iso27001 security fraud</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:a09e6fbcc4ca/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:delve"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:compliance"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:soc2"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:iso27001"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:fraud"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://alexgaynor.net/2026/apr/13/why-didnt-it/">
    <title>If it could have, why didn't it? · Alex Gaynor</title>
    <dc:date>2026-04-22T15:00:49+00:00</dc:date>
    <link>https://alexgaynor.net/2026/apr/13/why-didnt-it/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Basically “put up or shut up.”]]></description>
<dc:subject>vulnerability staticanalysis security alexgaynor</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:cd897835d13f/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:vulnerability"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:staticanalysis"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:alexgaynor"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://blog.yossarian.net/2026/04/11/Brocards-for-vulnerability-triage">
    <title>Brocards for vulnerability triage</title>
    <dc:date>2026-04-14T12:27:08+00:00</dc:date>
    <link>https://blog.yossarian.net/2026/04/11/Brocards-for-vulnerability-triage</link>
    <dc:creator>rcrowley</dc:creator><dc:subject>security vulnerability</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:6757a755b70e/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:vulnerability"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://red.anthropic.com/2026/mythos-preview/">
    <title>Claude Mythos Preview red.anthropic.com</title>
    <dc:date>2026-04-10T22:27:47+00:00</dc:date>
    <link>https://red.anthropic.com/2026/mythos-preview/</link>
    <dc:creator>rcrowley</dc:creator><dc:subject>anthropic claude mythos ai ml llm vulnerability zeroday security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:75778ad9983e/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:anthropic"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:claude"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:mythos"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ai"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ml"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:llm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:vulnerability"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:zeroday"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://codewall.ai/blog/how-we-hacked-mckinseys-ai-platform">
    <title>How We Hacked McKinsey's AI Platform — CodeWall.ai</title>
    <dc:date>2026-03-12T04:06:20+00:00</dc:date>
    <link>https://codewall.ai/blog/how-we-hacked-mckinseys-ai-platform</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[This is wild.

This is especially interesting: "Organisations have spent decades securing their code, their servers, and their supply chains. But the prompt layer — the instructions that govern how AI systems behave — is the new high-value target, and almost nobody is treating it as one. Prompts are stored in databases, passed through APIs, cached in config files. They rarely have access controls, version history, or integrity monitoring. Yet they control the output that employees trust, that clients receive, and that decisions are built on."]]></description>
<dc:subject>mckinsey security ai</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:e78a9c2b91d8/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:mckinsey"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ai"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://grith.ai/blog/clinejection-when-your-ai-tool-installs-another">
    <title>A GitHub Issue Title Compromised 4,000 Developer Machines | grith</title>
    <dc:date>2026-03-06T04:34:52+00:00</dc:date>
    <link>https://grith.ai/blog/clinejection-when-your-ai-tool-installs-another</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[It's a good time to be a security researcher.]]></description>
<dc:subject>security github githubactions ai llm agent npm cline openclaw</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:7d9a555ac208/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:github"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:githubactions"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ai"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:llm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:agent"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:npm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:cline"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openclaw"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://hey.paris/posts/appleid/">
    <title>20 Years of Digital Life, Gone in an Instant, thanks to Apple | hey.paris</title>
    <dc:date>2025-12-14T16:05:08+00:00</dc:date>
    <link>https://hey.paris/posts/appleid/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Reminds me of the “how to own me” security intro to one of my old talks. terrifying to be so thoroughly at one company’s mercy.]]></description>
<dc:subject>apple icloud security identity fraud</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:16abc4e129c1/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:apple"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:icloud"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:identity"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:fraud"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://blog.yossarian.net/2025/11/21/We-should-all-be-using-dependency-cooldowns">
    <title>We should all be using dependency cooldowns</title>
    <dc:date>2025-11-29T22:18:02+00:00</dc:date>
    <link>https://blog.yossarian.net/2025/11/21/We-should-all-be-using-dependency-cooldowns</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Go-style explicit upgrades help, too, but even there a cooldown on `go get -u ./…` would harden things still further.]]></description>
<dc:subject>deps supplychain security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:391549946d20/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:deps"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:supplychain"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.hacktron.ai/blog/supapwn">
    <title>SupaPwn: Hacking Our Way into Lovable's Office and Helping Secure Supabase | Hacktron AI</title>
    <dc:date>2025-11-19T01:16:11+00:00</dc:date>
    <link>https://www.hacktron.ai/blog/supapwn</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Postgres superuser trickery seems like an area ripe for bug bounties.]]></description>
<dc:subject>supabase postgres security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:efbaade71555/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:supabase"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:postgres"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://fil-c.org/">
    <title>Fil-C</title>
    <dc:date>2025-11-15T17:37:14+00:00</dc:date>
    <link>https://fil-c.org/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[This seems too good to be true. Also I wonder what stops it compiling the Linux kernel in addition to the userland.]]></description>
<dc:subject>c c++ fil-c memory safety security compiler</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:066d6e890453/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:c"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:c++"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:fil-c"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:memory"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:safety"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:compiler"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.whitenoise.chat/">
    <title>White Noise</title>
    <dc:date>2025-09-23T17:31:29+00:00</dc:date>
    <link>https://www.whitenoise.chat/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Unclear why this would be preferred to Signal. Seems to have some very serious Bitcoin undertones. Neither of the organizations it claims support it have anything about it on their own websites.]]></description>
<dc:subject>whitenoise nostr security privacy chat bitcoin</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:8c87a9df71c7/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:whitenoise"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:nostr"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:privacy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:chat"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:bitcoin"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://lasuite.numerique.gouv.fr/en">
    <title>La Suite numérique</title>
    <dc:date>2025-04-24T16:26:12+00:00</dc:date>
    <link>https://lasuite.numerique.gouv.fr/en</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Big fuck-you to Google and Microsoft and I love it.]]></description>
<dc:subject>productivity wordprocessing googledocs google microsoft antitrust security privacy france</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:b5910f09a493/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:productivity"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:wordprocessing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:googledocs"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:google"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:microsoft"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:antitrust"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:privacy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:france"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.thecvefoundation.org/">
    <title>CVE Foundation</title>
    <dc:date>2025-04-16T15:46:17+00:00</dc:date>
    <link>https://www.thecvefoundation.org/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[The US government sucks ass.]]></description>
<dc:subject>cve security mitre vulnerability</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:a7ab2d58294d/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:cve"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:mitre"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:vulnerability"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://xeiaso.net/shitposts/no-way-to-prevent-this/CVE-2025-0725/">
    <title>&quot;No way to prevent this&quot; say users of only language where this regularly happens - Xe Iaso</title>
    <dc:date>2025-03-26T17:15:38+00:00</dc:date>
    <link>https://xeiaso.net/shitposts/no-way-to-prevent-this/CVE-2025-0725/</link>
    <dc:creator>rcrowley</dc:creator><dc:subject>c memory safety security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:f310aae95270/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:c"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:memory"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:safety"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-enable-root-access.html">
    <title>Centralize root access for member accounts - AWS Identity and Access Management</title>
    <dc:date>2024-11-25T15:14:49+00:00</dc:date>
    <link>https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-enable-root-access.html</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Where was this seven years ago?]]></description>
<dc:subject>aws organizations iam sts security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:3922e921a3c0/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:aws"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:organizations"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:iam"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:sts"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://blog.cloudflare.com/speeding-up-linux-disk-encryption/">
    <title>Speeding up Linux disk encryption</title>
    <dc:date>2024-11-13T07:45:58+00:00</dc:date>
    <link>https://blog.cloudflare.com/speeding-up-linux-disk-encryption/</link>
    <dc:creator>rcrowley</dc:creator><dc:subject>linux dmcrypt luks crypto security perf cloudflare</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:88c473025f20/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:dmcrypt"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:luks"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:perf"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:cloudflare"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.reddit.com/r/linuxadmin/comments/m3gy8a/huge_performance_impact_of_dmcrypt_on_ssd_raid/">
    <title>Huge performance impact of dm-crypt on SSD RAID : r/linuxadmin</title>
    <dc:date>2024-11-13T07:45:42+00:00</dc:date>
    <link>https://www.reddit.com/r/linuxadmin/comments/m3gy8a/huge_performance_impact_of_dmcrypt_on_ssd_raid/</link>
    <dc:creator>rcrowley</dc:creator><dc:subject>linux dmcrypt luks crypto security perf</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:a4a8af7f2aaa/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:dmcrypt"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:luks"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:perf"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://shd.mit.edu/">
    <title>Home | MIT Secure Hardware Design</title>
    <dc:date>2024-11-11T15:42:21+00:00</dc:date>
    <link>https://shd.mit.edu/</link>
    <dc:creator>rcrowley</dc:creator><dc:subject>mit hardware security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:5ad4682f4f3d/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:mit"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:hardware"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://aembit.io/blog/why-i-came-out-of-pseudo-retirement-to-help-solve-the-non-human-identity-challenge-as-aembits-ciso/">
    <title>Why I Came Out of (Pseudo) Retirement to Help Solve the Non-Human Identity Challenge as Aembit's CISO Why I Came Out of (Pseudo) Retirement to Help Solve the Non-Human Identity Challenge</title>
    <dc:date>2024-10-16T06:18:39+00:00</dc:date>
    <link>https://aembit.io/blog/why-i-came-out-of-pseudo-retirement-to-help-solve-the-non-human-identity-challenge-as-aembits-ciso/</link>
    <dc:creator>rcrowley</dc:creator><dc:subject>security identity iam marioduarte</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:176c38f7e773/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:identity"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:iam"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:marioduarte"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://fly.io/blog/macaroons-escalated-quickly/">
    <title>Macaroons Escalated Quickly · The Fly Blog</title>
    <dc:date>2024-08-16T23:45:02+00:00</dc:date>
    <link>https://fly.io/blog/macaroons-escalated-quickly/</link>
    <dc:creator>rcrowley</dc:creator><dc:subject>macaroons flyio security crypto</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:2d1a6c02abe7/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:macaroons"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:flyio"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://words.filippo.io/dispatches/geomys/">
    <title>GEOMYS, A BLUEPRINT FOR A SUSTAINABLE OPEN SOURCE MAINTENANCE FIRM</title>
    <dc:date>2024-07-09T04:23:15+00:00</dc:date>
    <link>https://words.filippo.io/dispatches/geomys/</link>
    <dc:creator>rcrowley</dc:creator><dc:subject>opensource geomys golang security crypto</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:a60e903d8c16/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:opensource"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:geomys"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:golang"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://security.apple.com/blog/private-cloud-compute/">
    <title>Blog - Private Cloud Compute: A new frontier for AI privacy in the cloud - Apple Security Research</title>
    <dc:date>2024-06-11T03:41:51+00:00</dc:date>
    <link>https://security.apple.com/blog/private-cloud-compute/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[In general it seems like they’ve raised the price of an attack a lot.

Here’s the hand-wave:
“””
The PCC client on the user’s device then encrypts this request directly to the public keys of the PCC nodes that it has first confirmed are valid and cryptographically certified. This provides end-to-end encryption from the user’s device to the validated PCC nodes, ensuring the request cannot be accessed in transit by anything outside those highly protected PCC nodes.
“””
This sounds a lot like where SGX breaks down. I think it’s decently compensated by a lot of their other work but I do still think it’s possible for production nodes to run software other than their published images and then lie about it.

How much do you trust code-reviewed log_error to not log sensitive shit, oof?
“””
Instead, only pre-specified, structured, and audited logs and metrics can leave the node, and multiple independent layers of review help prevent user data from accidentally being exposed through these mechanisms.
“””

“Target diffusion” is a cute name for random load balancing.]]></description>
<dc:subject>apple encryption ai ml sgx pcc security privacy</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:1f56931d3581/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:apple"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:encryption"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ai"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ml"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:sgx"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pcc"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:privacy"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://kellyshortridge.com/blog/posts/shortridge-makes-sense-of-verizon-dbir-2024/">
    <title>Shortridge Makes Sense of the 2024 Verizon DBIR | Sensemaking by Shortridge</title>
    <dc:date>2024-05-02T05:25:20+00:00</dc:date>
    <link>https://kellyshortridge.com/blog/posts/shortridge-makes-sense-of-verizon-dbir-2024/</link>
    <dc:creator>rcrowley</dc:creator><dc:subject>verizon dbir security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:efb6dc557773/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:verizon"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:dbir"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.tbray.org/ongoing/When/202x/2024/04/01/OSQI">
    <title>ongoing by Tim Bray · OSQI</title>
    <dc:date>2024-04-22T04:58:59+00:00</dc:date>
    <link>https://www.tbray.org/ongoing/When/202x/2024/04/01/OSQI</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[I'd work here.]]></description>
<dc:subject>osqi timbray software supplychain safety security quality qa opensource infrastructure</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:ba7219da3b4e/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:osqi"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:timbray"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:software"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:supplychain"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:safety"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:quality"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:qa"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:opensource"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:infrastructure"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068024">
    <title>#1068024 - revert to version that does not contain changes by bad actor - Debian Bug report logs</title>
    <dc:date>2024-04-02T03:35:33+00:00</dc:date>
    <link>https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068024</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Maintainer life looks really challenging.]]></description>
<dc:subject>xz linux debian security packaging versioning</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:810c75fc6635/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:xz"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:debian"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:packaging"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:versioning"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/amlweems/xzbot">
    <title>amlweems/xzbot: notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)</title>
    <dc:date>2024-04-02T03:25:33+00:00</dc:date>
    <link>https://github.com/amlweems/xzbot</link>
    <dc:creator>rcrowley</dc:creator><dc:subject>xz linux security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:4f2abaadcfd8/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:xz"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://tracebit.com/blog/2024/02/finding-aws-account-id-of-any-s3-bucket/">
    <title>How to find the AWS Account ID of any S3 Bucket</title>
    <dc:date>2024-02-28T20:44:27+00:00</dc:date>
    <link>https://tracebit.com/blog/2024/02/finding-aws-account-id-of-any-s3-bucket/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[We did something like this with IPv4 addresses in DNS responses to get folks’ DNS client IP address in a browser at OpenDNS.]]></description>
<dc:subject>aws cloudtrail iam s3 security sidechannel</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:af5cdd37e711/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:aws"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:cloudtrail"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:iam"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:s3"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:sidechannel"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://summitroute.com/blog/2018/06/20/managing_aws_root_passwords_and_mfa/?ck_subscriber_id=512833553">
    <title>Summit Route - Managing AWS root passwords and MFA</title>
    <dc:date>2023-11-24T22:40:03+00:00</dc:date>
    <link>https://summitroute.com/blog/2018/06/20/managing_aws_root_passwords_and_mfa/?ck_subscriber_id=512833553</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[No amount of tinfoil is enough for this hat!]]></description>
<dc:subject>aws security 2fa totp</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:355b5a821b08/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:aws"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:2fa"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:totp"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/maxgoedjen/secretive">
    <title>maxgoedjen/secretive: Store SSH keys in the Secure Enclave</title>
    <dc:date>2023-11-15T22:54:11+00:00</dc:date>
    <link>https://github.com/maxgoedjen/secretive</link>
    <dc:creator>rcrowley</dc:creator><dc:subject>ssh tpm hsm security mac macos</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:f9354a8c582e/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssh"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tpm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:hsm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:macos"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/primeharbor/sensitive_iam_actions">
    <title>GitHub - primeharbor/sensitive_iam_actions: Crowdsourced list of sensitive IAM Actions</title>
    <dc:date>2023-09-27T19:37:09+00:00</dc:date>
    <link>https://github.com/primeharbor/sensitive_iam_actions</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Possible successor to my modifications to ReadOnlyAccess?]]></description>
<dc:subject>aws iam security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:3bf08ac9be7a/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:aws"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:iam"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://blog.symops.com/2022/05/06/least-privilege-policies-from-aws-logs/">
    <title>Tools That Use AWS Logs to Help with Least Privilege</title>
    <dc:date>2023-09-27T01:17:33+00:00</dc:date>
    <link>https://blog.symops.com/2022/05/06/least-privilege-policies-from-aws-logs/</link>
    <dc:creator>rcrowley</dc:creator><dc:subject>aws iam leastprivilege security policy</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:e23dae0504c4/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:aws"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:iam"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:leastprivilege"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:policy"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.chrisfarris.com/post/sensitive_iam_actions/?ck_subscriber_id=512833553">
    <title>Defining the Sensitive IAM Actions - Chris Farris</title>
    <dc:date>2023-09-03T20:55:21+00:00</dc:date>
    <link>https://www.chrisfarris.com/post/sensitive_iam_actions/?ck_subscriber_id=512833553</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[I like my solution here, honestly.]]></description>
<dc:subject>aws security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:c1c5fe3a7dfc/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:aws"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/Netflix/weep">
    <title>GitHub - Netflix/weep: The ConsoleMe CLI utility</title>
    <dc:date>2023-07-07T21:35:42+00:00</dc:date>
    <link>https://github.com/Netflix/weep</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[The other half of a bit of Netflix’s version of a bit of Substrate.]]></description>
<dc:subject>netflix aws iam security aaa</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:507ec969e698/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:netflix"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:aws"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:iam"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:aaa"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/Netflix/consoleme">
    <title>GitHub - Netflix/consoleme: A Central Control Plane for AWS Permissions and Access</title>
    <dc:date>2023-07-07T21:34:58+00:00</dc:date>
    <link>https://github.com/Netflix/consoleme</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Netflix’s version of a bit of Substrate.]]></description>
<dc:subject>netflix aws iam security aaa</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:b04a51d914b7/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:netflix"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:aws"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:iam"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:aaa"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://smallstep.com/blog/trusted-platform-modules-tpms/">
    <title>All About TPMs</title>
    <dc:date>2023-05-23T22:37:06+00:00</dc:date>
    <link>https://smallstep.com/blog/trusted-platform-modules-tpms/</link>
    <dc:creator>rcrowley</dc:creator><dc:subject>smallstep tpm crypto security secureboot linux pkcs11</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:af3781b72bdd/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:smallstep"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tpm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:secureboot"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pkcs11"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://simonwillison.net/2023/Apr/14/worst-that-can-happen/">
    <title>Prompt injection: What’s the worst that can happen?</title>
    <dc:date>2023-05-03T16:42:47+00:00</dc:date>
    <link>https://simonwillison.net/2023/Apr/14/worst-that-can-happen/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[It’s like we learned nothing from SQL injection.]]></description>
<dc:subject>ai ml llm openai chatgpt gpt3 gpt4 simonw promptinjection security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:c61467bdfb59/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ai"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ml"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:llm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openai"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:chatgpt"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:gpt3"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:gpt4"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:simonw"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:promptinjection"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://grayduck.mn/2023/04/17/refresh-vs-long-lived-access-tokens/">
    <title>April King — Refresh vs. Long-lived Access Tokens</title>
    <dc:date>2023-04-19T18:37:04+00:00</dc:date>
    <link>https://grayduck.mn/2023/04/17/refresh-vs-long-lived-access-tokens/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[This didn’t honestly convince me of much.]]></description>
<dc:subject>oauth oauth2 oauthoidc security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:9a7df60be43d/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:oauth"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:oauth2"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:oauthoidc"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://fishinabarrel.github.io/">
    <title>Fish in a Barrel</title>
    <dc:date>2023-04-15T14:52:32+00:00</dc:date>
    <link>https://fishinabarrel.github.io/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[lol]]></description>
<dc:subject>memory c++ c memorysafety security fuzzing cve alexgaynor</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:b29781997c2d/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:memory"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:c++"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:c"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:memorysafety"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:fuzzing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:cve"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:alexgaynor"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://opal.dev/">
    <title>Opal | Access Management Platform | Scalable Least Privilege</title>
    <dc:date>2023-03-26T17:18:54+00:00</dc:date>
    <link>https://opal.dev/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[A bit like Indent but selling more on audit and compliance.]]></description>
<dc:subject>acl authorization aaa opal security approval workflow indent</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:0f09d0b35b28/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:acl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:authorization"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:aaa"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:opal"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:approval"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:workflow"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:indent"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.antimatter.io/">
    <title>Antimatter provably secures customer data in B2B SaaS</title>
    <dc:date>2023-03-09T06:47:03+00:00</dc:date>
    <link>https://www.antimatter.io/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Another EKM-like thing as a service.]]></description>
<dc:subject>antimatter ekm security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:68d9b51cb97f/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:antimatter"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ekm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://mattfrisbie.substack.com/p/spy-chrome-extension">
    <title>Let's build a Chrome extension that steals everything</title>
    <dc:date>2023-02-23T01:55:06+00:00</dc:date>
    <link>https://mattfrisbie.substack.com/p/spy-chrome-extension</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[When’s the next trip through the browsers-got-too-bloated-let’s-reset loop?]]></description>
<dc:subject>chrome extension security exfiltration</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:ead4053f2af1/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:chrome"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:extension"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:exfiltration"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://superuser.com/questions/526920/how-to-remove-quarantine-from-file-permissions-in-os-x">
    <title>macos - How to remove Quarantine from file permissions in OS X - Super User</title>
    <dc:date>2023-02-09T19:24:54+00:00</dc:date>
    <link>https://superuser.com/questions/526920/how-to-remove-quarantine-from-file-permissions-in-os-x</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[`xattr -d com.apple.quarantine filename` is how to make it shut up.]]></description>
<dc:subject>macos mac xattr security quarantine apple safari</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:3935f67c2fd9/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:macos"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:xattr"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:quarantine"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:apple"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:safari"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.chainguard.dev/unchained/building-the-first-memory-safe-distro-wolfi">
    <title>Building the first memory safe distro</title>
    <dc:date>2023-02-06T05:31:22+00:00</dc:date>
    <link>https://www.chainguard.dev/unchained/building-the-first-memory-safe-distro-wolfi</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[I have a lot of questions but this is certainly an exciting-sounding thing.]]></description>
<dc:subject>chainguard wolfi linux rust rustls tls curl memory safety security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:0a0bda4dd695/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:chainguard"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:wolfi"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:rust"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:rustls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:curl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:memory"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:safety"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://arxiv.org/abs/2211.03622">
    <title>[2211.03622] Do Users Write More Insecure Code with AI Assistants?</title>
    <dc:date>2023-01-20T18:22:14+00:00</dc:date>
    <link>https://arxiv.org/abs/2211.03622</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[AI coding assistants make programmers confidently wrong just like ChatGPT is often confidently wrong.
]]></description>
<dc:subject>ai openai codex stanford danboneh security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:aab29a522787/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ai"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openai"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:codex"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:stanford"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:danboneh"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://simonwillison.net/2022/Sep/12/prompt-injection/">
    <title>Prompt injection attacks against GPT-3</title>
    <dc:date>2022-12-06T21:30:39+00:00</dc:date>
    <link>https://simonwillison.net/2022/Sep/12/prompt-injection/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[What's the Postel's Law for AI?]]></description>
<dc:subject>ai gpt gpt3 chatcpt promptinjection security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:6e26186181a9/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ai"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:gpt"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:gpt3"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:chatcpt"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:promptinjection"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://xeiaso.net/blog/openssl-alarm-fatigue">
    <title>OpenSSL gave everyone alarm fatigue - Xe</title>
    <dc:date>2022-11-02T03:39:20+00:00</dc:date>
    <link>https://xeiaso.net/blog/openssl-alarm-fatigue</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Alarm fatigue, indeed.]]></description>
<dc:subject>openssl security vulnerability incidentresponse</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:23e421fc49e2/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:vulnerability"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:incidentresponse"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.postgresql.org/docs/current/ddl-rowsecurity.html">
    <title>PostgreSQL: Documentation: 14: 5.8. Row Security Policies</title>
    <dc:date>2022-10-04T06:22:14+00:00</dc:date>
    <link>https://www.postgresql.org/docs/current/ddl-rowsecurity.html</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Seems like it would take a whole heap of work to make row-level security meaningful in the context of a webapp.]]></description>
<dc:subject>postgres sql security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:870d5b000a74/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:postgres"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:sql"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://satoricyber.com/postgres-security/postgres-row-level-security/">
    <title>PostgreSQL Row Level Security (RLS): Basics and Examples</title>
    <dc:date>2022-10-04T06:21:08+00:00</dc:date>
    <link>https://satoricyber.com/postgres-security/postgres-row-level-security/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[I'm left with more questions than answers but it sure would be cool to be able to extend identity from a browser all the way down into a database.]]></description>
<dc:subject>postgres security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:aefcf784e297/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:postgres"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.vivokey.com/">
    <title>VivoKey Cryptobionic Identity</title>
    <dc:date>2022-09-20T16:53:57+00:00</dc:date>
    <link>https://www.vivokey.com/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[No, thank you.]]></description>
<dc:subject>biometric implant 2fa security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:029549b91a64/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:biometric"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:implant"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:2fa"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://go.dev/security/vuln/">
    <title>Go Vulnerability Management - The Go Programming Language</title>
    <dc:date>2022-09-20T03:44:22+00:00</dc:date>
    <link>https://go.dev/security/vuln/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Like CVE but Go-only and very tightly integrated into the Go toolchain.]]></description>
<dc:subject>golang security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:df4d80b1b238/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:golang"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://media.defense.gov/2022/Sep/01/2003068942/-1/-1/0/ESF_SECURING_THE_SOFTWARE_SUPPLY_CHAIN_DEVELOPERS.PDF">
    <title>Securing the Software Supply Chain: Recommended Practices Guide for Developers - ESF_SECURING_THE_SOFTWARE_SUPPLY_CHAIN_DEVELOPERS.PDF</title>
    <dc:date>2022-09-17T04:20:35+00:00</dc:date>
    <link>https://media.defense.gov/2022/Sep/01/2003068942/-1/-1/0/ESF_SECURING_THE_SOFTWARE_SUPPLY_CHAIN_DEVELOPERS.PDF</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Awful advice from the US Government.]]></description>
<dc:subject>security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:74af02fe85ed/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://swagitda.com/blog/posts/securing-the-supply-chain-of-nothing/">
    <title>Securing the Supply Chain of Nothing | Kelly Shortridge</title>
    <dc:date>2022-09-17T04:09:36+00:00</dc:date>
    <link>https://swagitda.com/blog/posts/securing-the-supply-chain-of-nothing/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Go ahead and don't read the US Government's recommendations on software supply chain security.]]></description>
<dc:subject>security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:6f0fd3e49afe/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.skyflow.com/">
    <title>Skyflow - What if privacy had an API?</title>
    <dc:date>2022-08-19T12:48:33+00:00</dc:date>
    <link>https://www.skyflow.com/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Another data vault variant of EKM-as-a-service.]]></description>
<dc:subject>ekm skyflow security privacy</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:6358dc7a9c86/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ekm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:skyflow"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:privacy"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://zerotrustroadmap.org/">
    <title>A Roadmap to Zero Trust Architecture</title>
    <dc:date>2022-08-19T04:13:58+00:00</dc:date>
    <link>https://zerotrustroadmap.org/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[I still hate the term “zero trust.”]]></description>
<dc:subject>architecture security zerotrust cloudflare</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:aaf099af0c22/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:architecture"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:zerotrust"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:cloudflare"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://pluralistic.net/2022/08/15/deere-in-headlights/#doh-a-deere">
    <title>Pluralistic: 15 Aug 2022 – Pluralistic: Daily links from Cory Doctorow</title>
    <dc:date>2022-08-15T20:01:02+00:00</dc:date>
    <link>https://pluralistic.net/2022/08/15/deere-in-headlights/#doh-a-deere</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[That’s one brand of tractor to avoid.]]></description>
<dc:subject>johndeere security defcon fvsr</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:9801fd685bcb/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:johndeere"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:defcon"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:fvsr"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://slsa.dev/">
    <title>SLSA • Supply-chain Levels for Software Artifacts</title>
    <dc:date>2022-08-09T15:21:55+00:00</dc:date>
    <link>https://slsa.dev/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Like codesigning but…more?]]></description>
<dc:subject>slsa security supplychain chainguard</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:5ad5ab30f9f0/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:slsa"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:supplychain"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:chainguard"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://scrty.io/">
    <title>Starting Up Security</title>
    <dc:date>2022-08-06T19:16:47+00:00</dc:date>
    <link>https://scrty.io/</link>
    <dc:creator>rcrowley</dc:creator><dc:subject>security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:2f7b51d57dad/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://fly.io/blog/soc2-the-screenshots-will-continue-until-security-improves/">
    <title>SOC2: The Screenshots Will Continue Until Security Improves · Fly</title>
    <dc:date>2022-07-13T13:53:33+00:00</dc:date>
    <link>https://fly.io/blog/soc2-the-screenshots-will-continue-until-security-improves/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Rhymes with a lot of what I tell people in the workshop.]]></description>
<dc:subject>soc2 compliance fly security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:d185aeec5844/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:soc2"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:compliance"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:fly"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://soatok.blog/2022/06/14/when-soatok-used-bugcrowd/">
    <title>When Soatok Used Bugcrowd - Dhole Moments</title>
    <dc:date>2022-06-16T08:16:27+00:00</dc:date>
    <link>https://soatok.blog/2022/06/14/when-soatok-used-bugcrowd/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[This is a bad look for Bugcrowd.]]></description>
<dc:subject>bugcrowd bugbounty security crypto</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:9a0d2e4b1c88/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:bugcrowd"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:bugbounty"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://alestic.com/2014/09/aws-root-password/?ck_subscriber_id=512833553">
    <title>Throw Away The Password To Your AWS Account - Alestic.com</title>
    <dc:date>2022-05-18T22:21:20+00:00</dc:date>
    <link>https://alestic.com/2014/09/aws-root-password/?ck_subscriber_id=512833553</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Not entirely insane but seems a bit of an overreaction.]]></description>
<dc:subject>aws password security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:a67ef424b23c/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:aws"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:password"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://ermetic.com/">
    <title>Secure Your Cloud. Identity First. - Ermetic</title>
    <dc:date>2022-05-13T03:41:42+00:00</dc:date>
    <link>https://ermetic.com/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[TIL what CIEM is. Shrug.]]></description>
<dc:subject>ermetic aws gcp azure iam security ciem</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:e8611cf1f5f6/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ermetic"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:aws"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:gcp"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:azure"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:iam"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ciem"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.ockam.io/">
    <title>Ockam | Homepage</title>
    <dc:date>2022-05-02T04:50:45+00:00</dc:date>
    <link>https://www.ockam.io/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Sounds like Nebula and Smallstep muddled together.]]></description>
<dc:subject>ockam smallstep nebula security identity</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:4d36f1b4479e/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ockam"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:smallstep"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:nebula"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:identity"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://mvsp.dev/">
    <title>Minimum Viable Secure Product</title>
    <dc:date>2022-04-28T04:31:01+00:00</dc:date>
    <link>https://mvsp.dev/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Gonna have to start recommending this over CAIQ, perhaps, since Slack helped make it.]]></description>
<dc:subject>security questionnaire infosec compliance risk mvsp caiq</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:a2f3332969e4/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:questionnaire"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:compliance"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:risk"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:mvsp"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:caiq"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://neilmadden.blog/2022/04/19/psychic-signatures-in-java/">
    <title>CVE-2022-21449: Psychic Signatures in Java – Neil Madden</title>
    <dc:date>2022-04-20T02:00:20+00:00</dc:date>
    <link>https://neilmadden.blog/2022/04/19/psychic-signatures-in-java/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[This is a tremendous bug. For context, Java 15 was released Seotember 15, 2020.]]></description>
<dc:subject>java jvm crypto security ecdsa</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:d2a1a45217b5/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:java"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:jvm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ecdsa"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://commonfate.io/">
    <title>Common Fate</title>
    <dc:date>2022-04-20T00:41:11+00:00</dc:date>
    <link>https://commonfate.io/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[A lot to like here.]]></description>
<dc:subject>commonfate aws iam security ciem</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:0d41747c7e91/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:commonfate"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:aws"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:iam"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ciem"/>
</rdf:Bag></taxo:topics>
</item>
</rdf:RDF>