
Josiah Bruner

@josiahbruner.com

Security engineer at jellyfish.co. Co-founder of riskytrees.com. aka @JosiahBruner@ioc.exchange

34 Followers · 157 Following · 4 Posts · Joined 07.02.2024

Latest posts by Josiah Bruner @josiahbruner.com

Stop Hacklore!

Because it always feels dangerous *not* to follow security advice, the outdated and sometimes never justified security advice piles up.

Don't get bogged down by the hacklore.

hacklore.org

(Thanks to the always awesome @boblord.bsky.social for this initiative)

24.11.2025 15:43 👍 10 🔁 3 💬 1 📌 0
terraform-provider-aws-iam-validator/examples at main · JosiahOne/terraform-provider-aws-iam-validator Minimal terraform provider to validate AWS IAM policies - JosiahOne/terraform-provider-aws-iam-validator

It supports terraform functions and datasources. Examples here: github.com/JosiahOne/te...

06.09.2025 15:49 👍 0 🔁 0 💬 0 📌 0
Terraform Registry

I've gotten so sick of debugging slightly invalid IAM policies in terraform code that I decided to write a provider that lets you automatically validate policies at planning time using AWS IAM policy validation APIs.

If this sounds interesting, check out: registry.terraform.io/providers/Jo...

06.09.2025 15:49 👍 1 🔁 0 💬 1 📌 0
When Security Engineering is Neither Security, nor Engineering — RiskyTrees Welcome, dear reader, to the first – and perhaps last – opinion-style blog post I will ever write. This post is intended for folks who take an interest in the security industry (which I’ve now been i...

I decided to articulate some thoughts on where I think security engineering needs some maturing, after finally hitting a decade in the software industry: riskytrees.com/blog/when-security-engineering-is-neither-security-nor-engineering.

11.06.2025 20:46 👍 0 🔁 0 💬 0 📌 0
We are deeply disappointed that the Court failed to require the strict First Amendment scrutiny required in a case like this, which would’ve led to the inescapable conclusion that the government's desire to prevent potential future harm had to be rejected as infringing millions of Americans’ constitutionally protected free speech. We are disappointed to see the Court sweep past the undisputed content-based justification for the law – to control what speech Americans see and share with each other – and rule only based on the shaky data privacy concerns.

The United States’ foreign foes easily can steal, scrape, or buy Americans’ data by countless other means. The ban or forced sale of one social media app will do virtually nothing to protect Americans' data privacy – only comprehensive consumer privacy legislation can achieve that goal. Shutting down communications platforms or forcing their reorganization based on concerns of foreign propaganda and anti-national manipulation is an eminently anti-democratic tactic, one that the US has previously condemned globally.


EFF Statement on U.S. Supreme Court's Decision to Uphold TikTok Ban:

17.01.2025 16:01 👍 334 🔁 115 💬 14 📌 11
“Are you still eating that?” (Access Control at Jellyfish) | Jellyfish Blog Our customer’s security is paramount. Learn about Jellyfish's defences in our AWS environment and how we keep our customer data safe.

I had the privilege of working with Jellyfish's wonderful IT team to build a pretty slick approach for a just-in-time, capability-based IAM access control scheme in AWS. If you're curious what that means or how it works, check out our blog post: jellyfish.co/blog/are-you...

16.03.2024 12:21 👍 1 🔁 0 💬 0 📌 0