Artur Janc
Making the web platform more secure and private, and managing part of 's Information Security Engineering team in my spare time.
1,527 Tweets
284 Following
1,301 Followers
Tweets
Artur Janc retweeted
majek04 Jan 31
S2 Systems joined Cloudflare: Cloudflare is now hiring web browser experts! If you are an engineer in Seattle, and want to get your hands dirty with Chromium, WebAssembly, Typescript, Docker and Terraform - consider applying!
Artur Janc retweeted
Dimitrios Vytiniotis Jan 30
Our team at is hiring engineers and researchers in PL, compilers, systems etc. Come work with us on challenging problems and help shape the next generation of AI infrastructure!
Artur Janc retweeted
Google Vulnerability Reward Program (VRP) Jan 30
2019 has been a record-breaking year on lots of fronts - thanks to you all! Keep up your awesome discoveries.
Artur Janc Jan 30
Replying to @terjanq @Google and 2 others
We're lucky to have you, and look forward to pwning All The Things with XS-leaks together! (also to fixing some things, because that makes future pwning more fun)
Artur Janc retweeted
terjanq Jan 30
What a year! 2019 was the year of my growth and success. 2121 of you clicked the follow button on my avatar🤪unbelievable. No words can describe the feeling of becoming an inspiration to you guys! As for a small update, In March I'm joining infosec😁
Artur Janc retweeted
Andrew R. Whalley Jan 29
Read about all the great things the Security team has been up to recently!
Artur Janc retweeted
Stephen Shankland Jan 28
Improving privacy too fast could break the web by scaring advertisers away, Chrome leader says. But Mozilla's disagrees. A discussion from privacy & security conference.
Artur Janc retweeted
Ricky Mondello Jan 29
We’ve published an explainer about an idea to harden SMS-delivered one-time passwords by allowing senders to associate the codes with a website. We’ve been talking about the idea with some folks at Google, and would like more feedback.
Artur Janc retweeted
John Wilander Jan 29
Into TLS? Like helping teams and individuals reach their goals? Come manage Apple’s Secure Transports Team:
Artur Janc retweeted
Nafeez Jan 29
Replying to @mikispag @randomdross
We recently deployed Strict, nonce based CSP to Cloudflare dash as well :) We use an intermediary like Cloudflare Workers to do the job. But it changes the threat model a little bit. Since it’s react based, we are not worried about reflected html based injections.
Artur Janc retweeted
Nathaniel Fruchter Jan 28
Replying to @enigmaconf @ericlaw and 2 others
Chrome privacy sandbox highlights: 1. Remove tracking surfaces - make it harder to track 2. Audit and attestation - can't entirely rely on tech measures 3. Privacy preserving APIs - meet use cases devs need 4. Anti-abuse - still need to catch things that fall through
Artur Janc retweeted
baseband javascript rce nightmare scenario Jan 28
Strict, nonce-based CSP now deployed on a good portion of . Yay!
Artur Janc retweeted
John Wilander Jan 27
SameSite=Lax cookie issues imminent for AMP-enabled websites since the AMP cache loads under a faux first party:
Artur Janc retweeted
Parisa Tabriz Jan 28
.: Can y'all compare and contrast the different approaches to browser privacy? : You're asking us to rank our neighbor's children! 😂
Artur Janc retweeted
Aaron Alva @ missing ShmooCon :( Jan 28
Replying to @ericlaw @TanviHacks @justinschuh
We don't want to throw out what makes the web so great: - Open Standards - No Single Entity Control (low barrier to entry to do something on the web) - Ephemerality (users can seamlessly migrate between sites)
Artur Janc retweeted
Jasvir Nagra Jan 27
Δ My new team at just managed to convince me that my opinion of CSP has been overly pessimistic & in spite of its warts, there are real world cases where the mitigation it provided was worth the pain of deployment.
Artur Janc Jan 25
Replying to @arturjanc
From a defender's point of view this looks much less optimistic. There's still a large number of patterns that developers frequently get wrong (including "easy" things like XSS prevention), and new patterns (SWs, JWT|localStorage) create new bug classes. You can still have fun!
Artur Janc Jan 25
As much as I'd like to retire, I'd guess that once the dust settles a large number of the applications worth attacking will set `SameSite=none`, so don't write off CSRF / XS-Leaks just yet :)
Artur Janc retweeted
Ezequiel Pereira Jan 24
From June 8th to September 4th, I'll be a Security Engineer intern at Google Zurich🇨🇭🥳
Artur Janc retweeted
Lukas Weichselbaum Jan 24
Our research on Safari's Intelligent Tracking Prevention (ITP) is now available on cc