The Weekly Dev - 202225
Lock down your online resources
We are now seeing a spread of strange passwordless solutions. Before we understand how they really work, our private data may well no longer be that private any more...
If you really care about your data and about who can and cannot access it, there is some work to do: learn about PKI, OTP, certificates and all that jazz.
It's not easy, but it is well worth learning and important for survival if you plan to rely on any kind of online service.
Data-Intensive Applications
Inconsistent thoughts on database consistency
Source: alexdebrie.com
Boring Security
"What the hell are Security Headers?" I hear you saying... well, they are somewhat important. Apart from learning what they really are, you can check them from the command line with the following tool:
shcheck - Security Header Check
Source: github.com/santoru
You're well versed in enterprise-y software, but sometimes you don't want to depend on $bigframework for everything. A library for MFA might come in handy:
Time-based One Time Password (MFA) Library for Java
Source: github.com/samdjstevens
If you're really getting serious about security, you don't want anyone to be able to export your private keys. Therefore, they should not reside on the filesystem, but on a security device like the following:
How to configure SSH with YubiKey Security Keys U2F Authentication
Source: cryptsus.com
For more lightweight scenarios, you might want to consider a mobile application like FreeOTP to generate a TOTP second factor:
Set Up SSH Two-Factor Authentication
Source: linuxbabe.com
[linux] [certificate] [security] [java] [git]