For the best experience on desktop, install the
Chrome extension
to track your reading on news.ycombinator.com
×
Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
|
history
|
from
register
Mixing Up Public and Private Keys in OpenID Connect Deployments
(
hboeck.de
)
6 points
by
todsacerdoti
on Feb 25, 2025
|
past
Private Keys in the Fortigate Leak
(
hboeck.de
)
4 points
by
hannob
on Jan 17, 2025
|
past
How Heartbleed Could've Been Found (2015)
(
hboeck.de
)
2 points
by
udev4096
on Oct 20, 2024
|
past
|
1 comment
Don't update NTP – stop using it (2014)
(
hboeck.de
)
1 point
by
crcastle
on April 27, 2024
|
past
How to Create a Secure, Random Password with JavaScript
(
hboeck.de
)
2 points
by
hannob
on Feb 5, 2024
|
past
|
2 comments
Please do not put IP addresses into DNS MX records
(
hboeck.de
)
228 points
by
hannob
on Feb 21, 2021
|
past
|
176 comments
File Exfiltration via LibreOffice in BigBlueButton and JODConverter
(
hboeck.de
)
32 points
by
hannob
on Oct 21, 2020
|
past
|
5 comments
Generating Crime Safe CSRF Tokens
(
hboeck.de
)
35 points
by
zdw
on April 13, 2020
|
past
|
7 comments
Generating Crime Safe CSRF Tokens
(
hboeck.de
)
2 points
by
hannob
on April 13, 2020
|
past
Userdir URLs like https://example.org/~username/ are dangerous
(
hboeck.de
)
155 points
by
hannob
on April 6, 2020
|
past
|
131 comments
#include </etc/shadow>
(
hboeck.de
)
406 points
by
goranmoomin
on Dec 17, 2019
|
past
|
121 comments
Security Issues with PGP Signatures and Linux Package Management
(
hboeck.de
)
2 points
by
goranmoomin
on Dec 17, 2019
|
past
#include </etc/shadow>
(
hboeck.de
)
16 points
by
hannob
on Dec 16, 2019
|
past
|
1 comment
Security Issues with PGP Signatures and Linux Package Management
(
hboeck.de
)
3 points
by
UkiahSmith
on Sept 13, 2019
|
past
My Bug Bounty Program Turned into a Free Security Audit for the Serendipity Blog
(
hboeck.de
)
2 points
by
hannob
on Nov 12, 2018
|
past
Efail: HTML Mails have no Security Concept and are to blame
(
hboeck.de
)
2 points
by
zeveb
on June 28, 2018
|
past
Efail: HTML Mails have no Security Concept and are to blame
(
hboeck.de
)
2 points
by
hannob
on June 27, 2018
|
past
Efail: Outdated Crypto Standards Are to Blame
(
hboeck.de
)
4 points
by
hannob
on May 22, 2018
|
past
|
1 comment
Introducing Snallygaster – a tool to scan for secrets on Web servers
(
hboeck.de
)
2 points
by
zeveb
on April 18, 2018
|
past
Introducing Snallygaster – A Tool to Scan for Secrets on Web Servers
(
hboeck.de
)
3 points
by
hannob
on April 11, 2018
|
past
OCSP Stapling in Apache and Nginx are broken
(
hboeck.de
)
2 points
by
okket
on Jan 29, 2018
|
past
Some Minor Security Quirks in Firefox
(
hboeck.de
)
1 point
by
hannob
on Nov 16, 2017
|
past
In Search of a Secure Time Source
(
hboeck.de
)
3 points
by
dankohn1
on Sept 16, 2017
|
past
|
1 comment
In Search of a Secure Time Source
(
hboeck.de
)
1 point
by
hannob
on Sept 7, 2017
|
past
Abandoned Domain Takeover as a Web Security Risk
(
hboeck.de
)
1 point
by
grey_shirts
on Sept 6, 2017
|
past
Abandoned Domain Takeover as a Web Security Risk
(
hboeck.de
)
2 points
by
hannob
on Sept 5, 2017
|
past
How I Tricked Symantec with a Fake Private Key
(
hboeck.de
)
200 points
by
hannob
on July 20, 2017
|
past
|
38 comments
Don't Leave Coredumps on Web Servers
(
hboeck.de
)
87 points
by
hannob
on June 15, 2017
|
past
|
32 comments
OCSP Stapling, Must Staple and Why Certificate Revocation Is Still Broken
(
hboeck.de
)
5 points
by
Anthony-G
on June 2, 2017
|
past
Why Certificate Revocation is still broken
(
hboeck.de
)
3 points
by
hannob
on May 19, 2017
|
past
More
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
×
HN For You
Display Mode
Highlight
Top
Only
Debug mode
Sign Out
API Key:
Connect
Create an account
to get your API key.
