Fascinating article, perhaps real: “He Was a Hacker for the NSA and He Was Willing to Talk. I Was Willing to Listen.”

Glenn Norman

Mr. Robot has spawned or reinforced a dozen stereotypes about hacker-types. A lot of them are pretty unfortunate, like the association of hacking with mental illness. This article goes deep on a reporter’s interviews with a post-CIA hacker willing to talk about “the business.” https://theintercept.com/2016/06/28/he-was-a-hacker-for-the-nsa-and-he-was-willing-to-talk-i-was-willing-to-listen/

[ Hacker Night School ] :: [ Hiding Your Ass ] :: [ Using a Proxy Server ]

Glenn Norman
This entry is part 6 of 17 in the series [ Hacker Night School ]

One of the trickiest things about hacking is knowing what kind of anonymity tool to use, when. If what you are doing involves only the Internet (i.e. web pages and web sites), the right anonymity tool is a proxy server. “Proxy” means “stand-in” or “intermediary” (look it up; research is your specialty, right?), and a …

[ Hacker Night School ] Being Anonymous: VPNs

Glenn Norman
This entry is part 7 of 17 in the series [ Hacker Night School ]

Sometimes you can go about your business out in the open, on the Internet and everywhere. But sometimes you don’t want to be seen. It’s a good thing there are lots of privacy apps and options. It’s a bad thing that most people don’t know when – and why – to use a particular tool. …

Swarm Steps — The Cheatsheet For Social Change

Rob Sutherland

This weeks’ guest post is by Rob Sutherland, Coder, Analyst, Writer, SF Fan. Derived from ‘Swarmwise’ by Rick Falkvinge and edited and formatted by Rob Sutherland, this article offers some terrific insights into how groups form and accomplish goals. Isn’t that what we’re trying to do here? What is a Swarm? A swarm is a …

[ Security for Web Developers ] :: 16: Best Practices

Blue Security Goddess

This is post 16 of 16 in the series “Security for Web Developers” You should: Change the default user name directly in the database. Put files that contain login credentials outside your webroot. Don’t allow writable directories. (With details….) Don’t allow users to upload anything. Sorry. Avoid toxic data. Patch like mad. Use a security …

[ Security for Web Developers ] :: 15: Testing Guides and Aids


This is post 15 of 16 in the series “Security for Web Developers” By the Book There are lots of methodologies, more or less formal, for testing your web app’s security. OWASP is, of course, a biggie. https://www.owasp.org/images/5/52/OWASP_Testing_Guide_v4.pdf And don’t forget tools for particular platforms, for instance WordPress. http://wpscan.org/ (this is great) Next: https://schoolforhackers.com/security-web-developers-best-practices/