From 6a08bb4c6d4dcc4da5f9a2ca7a5a35d84d218734 Mon Sep 17 00:00:00 2001 From: Paul Duncan Date: Wed, 8 Jun 2022 18:05:05 -0400 Subject: TODO.md: add ideas --- TODO.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/TODO.md b/TODO.md index 8a29649..08e1022 100644 --- a/TODO.md +++ b/TODO.md @@ -73,6 +73,7 @@ this stuff may not make any sense. https://thecorrespondent.com/655/blockchain-the-amazing-solution-for-almost-nothing/86714927310-8f431cae (not great technically) https://www.usenix.org/publications/loginonline/web3-fraud https://web3isgoinggreat.com/ + https://www.schneier.com/blog/archives/2022/04/de-anonymizing-bitcoin.html * syzkaller/syzbot: https://www.youtube.com/watch?v=YwX4UyXnhz0 * bpf: @@ -147,7 +148,13 @@ this stuff may not make any sense. - organizational namespacing - signing and/or global subdb - declarative install + - typosquatting (see sqo vulns from may email) + - starsquatting (requests, phpass): https://medium.com/checkmarx-security/typosquatting-attack-on-requests-one-of-the-most-popular-python-packages-3b0a329a892d - ref: https://kerkour.com/rust-crate-backdoor + - (related, semver is garbage) + + - (problems w/ go modules) +* radare2, ghidra ## done * add project folders -- cgit v1.2.3