Skip to content
  • Home
  • Categories
  • Recent
  • Popular
  • World
  • Top
  • Tags
  • Users
  • Groups
  • Documentation
    • Home
    • Read API
    • Write API
    • Plugin Development
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo
v3.12.1 Latest
Buy Hosting
  1. Home
  2. Uncategorized
  3. Ideas and Execution

Ideas and Execution

Scheduled Pinned Locked Moved Uncategorized
4 Posts 4 Posters 7 Views
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • soatok@furry.engineerS This user is from outside of this forum
    soatok@furry.engineerS This user is from outside of this forum
    Soatok Dreamseeker
    wrote last edited by
    #1

    Ideas and Execution

    5 free ideas that Soatok doesn't have the time or energy to execute on.

    http://soatok.blog/2024/12/09/ideas-and-execution/

    foxboron@chaos.socialF faz@infosec.exchangeF 2 Replies Last reply
    1
    0
    • foxboron@chaos.socialF This user is from outside of this forum
      foxboron@chaos.socialF This user is from outside of this forum
      Morten Linderud
      replied to Soatok Dreamseeker last edited by
      #2

      @soatok

      Hmm, I suspect threshold signatures with a TPM would be cool. Then you could have additional claims like the request coming from the correct machine as well as some identity claims.

      I experimented a little bit with this through an SSH CA thing, single-user though.

      https://linderud.dev/blog/ssh-ca-with-device-and-identity-attestation-ssh-tpm-ca-authority/

      But replacing the SSH CA with an OIDC thing would be cool.

      1 Reply Last reply
      0
      • faz@infosec.exchangeF This user is from outside of this forum
        faz@infosec.exchangeF This user is from outside of this forum
        Flo
        replied to Soatok Dreamseeker last edited by
        #3

        @soatok the cyclomatic complexity metrics as IoC sounds like a really straight-forward thing that should be part of all CD pipelines.

        risottobias@tech.lgbtR 1 Reply Last reply
        0
        • risottobias@tech.lgbtR This user is from outside of this forum
          risottobias@tech.lgbtR This user is from outside of this forum
          pasta la vida
          replied to Flo last edited by
          #4

          @faz @soatok @Nulhomme a starting point for the code stuff:

          https://github.com/DataDog/supply-chain-firewall
          https://github.com/some-natalie/bincapz-action
          https://github.com/chainguard-dev/malcontent (bincapz was renamed)

          1 Reply Last reply
          0

          Copyright © 2024 NodeBB | Contributors
          • Login
          • Don't have an account? Register
          • Login or register to search.
          Powered by NodeBB Contributors
          • First post
            Last post
          0
          • Home
          • Categories
          • Recent
          • Popular
          • World
          • Top
          • Tags
          • Users
          • Groups
          • Documentation
            • Home
            • Read API
            • Write API
            • Plugin Development