diff options
author | Paul Duncan <pabs@pablotron.org> | 2022-07-14 12:34:53 -0400 |
---|---|---|
committer | Paul Duncan <pabs@pablotron.org> | 2022-07-14 12:34:53 -0400 |
commit | decd2d71faca15ed5790cd8050ce889ec2ea795f (patch) | |
tree | ed867c6595ab791f284ba61aa45b126b252bcf44 | |
parent | 6383bdad881378f086fcd20914d7426717464ee9 (diff) | |
download | pablotron.org-decd2d71faca15ed5790cd8050ce889ec2ea795f.tar.bz2 pablotron.org-decd2d71faca15ed5790cd8050ce889ec2ea795f.zip |
TODO.md: refine several ideas
-rw-r--r-- | TODO.md | 12 |
1 files changed, 10 insertions, 2 deletions
@@ -64,6 +64,7 @@ this stuff may not make any sense. * detailed results are interesting * my tools 2021 (vim, irssi, screen, mutt/offlineimap/notmuch, irb, git, bash) * buttcoin: + * https://www.theonion.com/man-who-lost-everything-in-crypto-just-wishes-several-t-1848764551 * tulip mania * nerd sniping https://www.jwz.org/blog/2022/01/mozilla-blinked/ @@ -148,12 +149,14 @@ this stuff may not make any sense. * needed in a package manager - organizational namespacing - signing and/or global subdb + <https://blog.tidelift.com/the-state-of-package-signing-across-package-managers> - declarative install - typosquatting (see sqo vulns from may email) - starsquatting (requests, phpass): https://medium.com/checkmarx-security/typosquatting-attack-on-requests-one-of-the-most-popular-python-packages-3b0a329a892d - ref: https://kerkour.com/rust-crate-backdoor - (related, semver is garbage) <https://www.linode.com/blog/security/linode-security-digest-rubygems-and-rsyslogs-vulnerabilities/> + <https://earthly.dev/blog/programming-language-improvements/> - (problems w/ go modules) * radare2, ghidra * what would git look like with modern hash (sha-512/256/blake3), data @@ -178,8 +181,12 @@ this stuff may not make any sense. * markovian (golang markov chain generator) * secure C wiki is confluence!?!? <https://wiki.sei.cmu.edu/confluence/display/c/SEI+CERT+C+Coding+Standard> -* go-import support - <https://go.dev/ref/mod#vcs-find> +* write about go-import support <https://go.dev/ref/mod#vcs-find> +* fuzzing (afl) + <https://www.fuzzingbook.org/> + <https://wfuzz.readthedocs.io/en/latest/> +* update mathyd add link to texbox/texoid: + <https://pypi.org/project/texoid/> ## done * add project folders @@ -225,3 +232,4 @@ this stuff may not make any sense. - https://blog.suborbital.dev/foundations-wasm-in-golang-is-fantastic - see notes in ~/git/test/go/wasm/ * HTML escaping benchmarks (`git/fastest-js-html-escape`) +* go-import support <https://go.dev/ref/mod#vcs-find> |