Gabriel Corona
Gabriel Corona
I guess, the `--tid` flag should do the trick: https://github.com/brendangregg/FlameGraph/blob/57589a4edd210d2297664137ed5bd6cb88d73d65/stackcollapse-perf.pl#L106
What about using [HTTPS proxy](https://www.mozilla.org/en-US/firefox/33.0/releasenotes/)? Using different domain names (by asking people to lend you some domain name) and not publishing the whole list in one central location would make...
> Sadly it [doesn't work on Fastly's CDN](https://trac.torproject.org/projects/tor/wiki/doc/meek#Fastly) so easy because they check SNI against Host:, you need to request it by IP without SNI. @komachi [Domain fronting](https://petsymposium.org/2015/papers/03_Fifield.pdf) seems to...
My main point of view is of a security-minded software developer foremost (doing some architecture work as well) who happens to stumble upon security issues and who would like to...
> 2.2.3 Verify that the application ensures that combinations of related data items are reasonable according to the pre-defined rules. I agree that the wording on this one is quite...
@tghosth: I don't know :) Very-strawman proposal: > 6.4.X Verify that when a symmetric key is encrypted by another key, this key encryption key has at least as much entropy...
Proposition: add a note in the appendix such as, > Warning: a symmetric key should always be wrapped by a key of at least the same length in bits. @danielcuthbert...
@danielcuthbert, your branch is based on the status of the repo from beginning of April and is now in conflict with the current branch. I think you'd need to rebase...
> OAuth2 has become industry standard for API protection and the also the basis for federated login using OpenID Connect (OIDC). This chapter highlights core best current practices for OAuth2...
> Note that additional OAuth2 features such as JAR, RAR, Resource indicators, Token exchange etc are considered out of scope. Is it? There are some interesting things which could be...