diff options
| author | Paul Duncan <pabs@pablotron.org> | 2022-06-08 18:05:05 -0400 |
|---|---|---|
| committer | Paul Duncan <pabs@pablotron.org> | 2022-06-08 18:05:05 -0400 |
| commit | 6a08bb4c6d4dcc4da5f9a2ca7a5a35d84d218734 (patch) | |
| tree | d20a50fbc68113318e32019700d5541b53fb1d0b | |
| parent | b7c6be69d5d1bef40ac0e4b469a3b51ef926c630 (diff) | |
| download | pablotron.org-6a08bb4c6d4dcc4da5f9a2ca7a5a35d84d218734.tar.bz2 pablotron.org-6a08bb4c6d4dcc4da5f9a2ca7a5a35d84d218734.zip | |
TODO.md: add ideas
| -rw-r--r-- | TODO.md | 7 |
1 files changed, 7 insertions, 0 deletions
@@ -73,6 +73,7 @@ this stuff may not make any sense. https://thecorrespondent.com/655/blockchain-the-amazing-solution-for-almost-nothing/86714927310-8f431cae (not great technically) https://www.usenix.org/publications/loginonline/web3-fraud https://web3isgoinggreat.com/ + https://www.schneier.com/blog/archives/2022/04/de-anonymizing-bitcoin.html * syzkaller/syzbot: https://www.youtube.com/watch?v=YwX4UyXnhz0 * bpf: @@ -147,7 +148,13 @@ this stuff may not make any sense. - organizational namespacing - signing and/or global subdb - declarative install + - typosquatting (see sqo vulns from may email) + - starsquatting (requests, phpass): https://medium.com/checkmarx-security/typosquatting-attack-on-requests-one-of-the-most-popular-python-packages-3b0a329a892d - ref: https://kerkour.com/rust-crate-backdoor + - (related, semver is garbage) + <https://www.linode.com/blog/security/linode-security-digest-rubygems-and-rsyslogs-vulnerabilities/> + - (problems w/ go modules) +* radare2, ghidra ## done * add project folders |