Quick snippets, quotes, links, unstructured posts, quick ideas or comments, things I like quickly but probably won’t use, news about security or cloud that I see as important…

[infosec] Public Pen Testing Reports

The last update was a week ago and the repo has 4.7K stars: https://github.com/juliocesarfort/public-pentesting-reports


[open-science] Sci-Hub Mirrors

Sci-Hub mirrors : https://sci-hub.41610.org/sci-hub-mirrors

Most recent list

  • https://sci-hub.cc
  • https://sci-hub.se
  • https://sci-hub.st
  • https://sci-hub.se
  • https://sci-hub.do
  • https://sci-hub.it.nf
  • https://sci-hub.es.ht
  • https://sci-hub.im
  • https://sci-hub.se
  • http://sci-hub.tw
  • http://sci-hub.si
  • http://sci-hub.vk


[security] Cybersecurity experts on Twitter

Top 21 cybersecurity experts you must follow on Twitter in 2021 via Security Boulevard


[music] Eight of the archetypal forms of dance music

Bruce Aisher explores eight of the archetypal forms of dance music bassline, from old-school classics to contemporary techniques.

link


[books] SRE related books I recently read and liked

1. Cloud Native Transformation, by P. Reznik, J. Dobson, M. Gienow 2019 - via O’Reilly

I recommend it to everybody who is working with Cloud, especially to consultants. Free via container-solutions.com

2. Security Warrior, by Cyrus Peikari, Anton Chuvakin 2004 - via O’Reilly

This book reveals how your systems can be attacked.

3. The Phoenix Project, Gene Kim et al. 2013 - via O’Reilly

A thriller for SREs and CTOs

4. The Unicorn Project, by Gene Kim - via O’Reilly

It is again a nice novel about digital transformation, developers and all kinds of issues related to these two. A part II for the Phoenix Project


[software] Raycast (Free and light Alfred alternative)

Better than Alfred for Mac. Light, fast and a productivity booster

Raycast lets you control your tools with a few keystrokes. It’s designed to keep you focused.

raycast.com

Best part is the custom script part: github.com/raycast/script-commands/tree/master/commands


[software] Semantic diffs

diffsitter - A tree-sitter based AST difftool to get meaningful semantic diffs

See it in action

diffsitter performs diffs on text files using the AST to compute the diff instead of using a naive text-based diff. This can give you more semantically meaningful diff information, which will prevent diffs from getting polluted by formatting differences, for example.

diffsitter uses the parsers from the tree-sitter project to parse source code. As such, the languages supported by this tool are limited by the languages supported by the tree-sitter project.

A perfect diff tool shows the difference between two files semantically. It is unfortunately only for the Rust language but it is very inspiring.


[music] Dario Fo, Italian popular songs and 1966

One of Dario’s early works, “Canzonissima”, featured satirical songs and sketches depicting the lives of the working classes under the pressure of politics, industrialisation and economics. It’s often censored.

This is a nice example of his works, a play for the TV: Ci Ragiono E Canto

I liked the acting and the play so much, but also the music. So I continued listening to other records for other plays by Dario: The New Italian Canzoniere - Ci Ragiono E Canto 2 (Dario Fo 1966)


[paper] The Racist Critics of Ataturk and Kemalism, from the 1930s to the 1960s

Full paper - PDF

This article examines racist attitudes toward Atatürk and Kemalism from the 1930s to the 1960s. Liberal, leftist and conservative-Islamist critics of republican Turkey’s founder and his policies have contributed to a widely shared image that, even if Kemalism was not essentially racist, the Kemalist approach to religious and ethnic minorities could hardly be described as egalitarian. Thus one is taken by surprise to uncover a parallel layer of virulent racist criticism, hidden under the deposit of decades of anti-Kemalist discourse


[Movie] Recently loved shorts

I follow the “Dust” YouTube channel to watch curated short movies (mostly sci-fi but not only).

My recent favourite and discovery was “Macabre” in horror category. It was a realistic but disturbing taste. Multiple different historical and philosophical signs are included.

Strongly recommended : youtube.com/watch?v=Ywn-hWPCJ3Y

K just crashed his Mercedes-Benz into a tree, moments after trying to avoid running down a small wild animal that ran across his path. He is on a backwater road in the countryside and it’s a very dark night. His evening has only just begun... “Macabre” by Jerónimo Rocha and João Miguel Real


[Music] The Routes of Slavery

I recently discovered this album “The Routes of Slavery” by Jordi Savall. It is more like a project.

Many different artists contributed. It’s a multilingual album. The booklet and the details of the project are published during a live event PDF

The album is on Spotify and Youtube


[paper] Dialectical Logic and Boolean Algebra - Yaozhi Jiang

Full paper - PDF

Dialectical logic was founded by German famous philosopher F. Hegel, but it has not been laid on mathematics for a long time. In this paper author explains the dialectical logic pure mathematically, and shows that the classic formal logic, its mathematical expression is Boolean algebra(includes multiple value system), is a special case from dialectical logic, and the true-valued function for dialectical logic is a continuous function valued on closed interval and defined on time-space axes system. The Aristotle three laws of formal logic are expanded into expression of dialectical logic, and Russell paradox is expanded into the case of multiple order. Some new theorems for Boolean operators and the matrix expression for De Morgan’s theorem of multiple variables dialectical logic are given. At the end of the paper, linear or nonlinear dialectical logic are defined and analysis properties of dialectical logic true-valued function are pointed.


[paper] Heavy Metal in a Muslim Context - Pierre Hecker

Full paper - PDF


[paper] A paper by Google: Why container Security matters?

Understanding the container security concepts that impact your organization

Full paper - PDF

TLDR;

Scream these to your developer team:

  • Don’t let the shipping container imagery fool you; containers are not a special security boundary
  • Containers use primitives of the Linux kernel (cgroups, namespaces) to isolate processes in an environment
  • A “container image” is your application and its dependencies, and uses a “base image” as the basis for the container image
  • Container registries host your container images. It’s important that you be able to trust your base and container images, and that you use a private, trusted registry