Lukas Weichselbaum
Staff Information Security Engineer . Passionate about Web Security. Opinions are my own.
520
Tweets
406
Following
1,498
Followers
Tweets
Lukas Weichselbaum Feb 1
Replying to @TAhmadyar @AAMills
What for? Perhaps you should work on your spelling/grammar before complaining about umlauts 🤦‍♂️ "auch in Englichen Tastaturlayout"
Lukas Weichselbaum Feb 1
Replying to @TAhmadyar @AAMills
Very empathetic.. I also use a keyboard with an English keyboard layout for work.
Lukas Weichselbaum Retweeted
Google Vulnerability Reward Program (VRP) Jan 30
2019 has been a record-breaking year on lots of fronts - thanks to you all! Keep up your awesome discoveries.
Lukas Weichselbaum Jan 30
Replying to @RBahia86 @slekies and 2 others
Yes, I'd say so.
Lukas Weichselbaum Jan 30
Replying to @arturjanc @terjanq and 3 others
Huge +1, really looking forward to working with you!!
Lukas Weichselbaum Jan 30
Replying to @RBahia86 @slekies and 2 others
Most common are browser extensions. But malware could also patch your browser or other places. Not sure what Kaspersky is doing.
Lukas Weichselbaum Jan 29
Replying to @ndm @randomdross
we also see a lot of these... Really not great, if an AV lowers the security of a site by messing with its CSP :/
Lukas Weichselbaum Jan 28
Lukas Weichselbaum Retweeted
Rowan Merewood Jan 27
More 🍪 cookie news: 0️⃣ Intent to **prototype** 1️⃣ tl;dr you can't share 🍪 across HTTP / HTTPS 2️⃣ 3P 🍪 need to be Secure anyway ➡️ unaffected 3️⃣ Consider HTTPS by default (again) 4️⃣ HTTP➡️HTTPS may mean transferring 🍪 👋 Happy to discuss!
Lukas Weichselbaum Retweeted
Jasvir Nagra Jan 27
Δ My new team at just managed to convince me that my opinion of CSP has been overly pessimistic & in spite of its warts, there are real world cases where the mitigation it provided was worth the pain of deployment.
Lukas Weichselbaum Jan 27
Replying to @SeanWrightSec @LewisArdern and 2 others
There are also other fallbacks. E.g. in presence of 'strict-dynamic' all host allowlist entries like https:, , etc are ignored. Doesn't make CSP easier to understand, but is necessary to not break users of incompatible browsers (like Safari).
Lukas Weichselbaum Jan 27
Replying to @SeanWrightSec @LewisArdern and 2 others
We tried to summarize some of this at Happy to answer any questions 🙂
Lukas Weichselbaum Jan 24
Our research on Safari's Intelligent Tracking Prevention (ITP) is now available on cc
Lukas Weichselbaum Jan 24
Replying to @kcotsneb @PhilippeDeRyck @mikewest
You're absolutely right! I'm really happy about more and more people getting interested in this space and that you provide a dedicated platform for them! Also big +1 for unsolicited feedback. Please also feel free to chime in on the many GitHub issues and spec drafts.
Lukas Weichselbaum Jan 24
Replying to @kcotsneb @PhilippeDeRyck @mikewest
Will consider that! Usually we send our crazy ideas directly to 😅
Lukas Weichselbaum Jan 24
Replying to @PhilippeDeRyck
I wish the web would have an easier way to deprecate old/insecure patterns and APIs. Till then we'll have to work with opt-ins (like CSP, COOP, TrustedTypes, ...) for reducing dangerous patterns. Origin-(policy-)manifest[1] should make this easier :) [1]
Lukas Weichselbaum Jan 23
Replying to @randomdross
fixed
Lukas Weichselbaum Jan 23
Replying to @randomdross
Good idea ;)
Lukas Weichselbaum Jan 22
Replying to @ChrisJohnRiley @kkotowicz
Three possible explanations: a) koto was in the same meeting b) you got compromised c) hash collision in universe simulation
Lukas Weichselbaum Jan 22