Recent searches

No recent searches

Search options

Only available when logged in.
eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.

Administered by:

Server stats:

208
active users

eupolicy.social: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.4.1

#proofofconcept

1 post1 participant0 posts today
Replied in thread
*
Mx Verda

"Fairphone’s progress on core impact strategies, page 21.
Under the header "Levels of circularity: 8 R’s" are 3 shaded areas pointing to "KPI 2", "KPI 3", then "KPI 3 + 4". A banded arrow along the left bridges these areas, pointing upward. Its label is "Order of Priority" from "Low" to "High".

These point to KPI 2.
Refuse: prevent raw materials use.
Rethink: redesign product in view of circularity.

These point to KPI 3.
Reduce: decrease raw materials use.
Repair: maintain and repair product.
Refurbish: revive product.
Remanufacture: make new product from second hand.
Repurpose: re-use product but with other function.

This points to KPI 3 + 4.
Recycle: salvage material streams with highest possible value.

FAIRPHONE Impact report 2021"

Page 21 of fairphone.com/wp-content/uploa

If that's not great alt text, idk what is.

#AltText#AccessText#EaseOfAccess
xoron :verified:

File encryption with a browser.

I've been exploring the #WebCryptoAPI and I'm impressed!

When combined with the #FileSystemAPI, it offers a seemingly secure way to #encrypt and #store files directly on your device. Think #localstorage, but with #encryption!

I know #webapps can have #security vulnerabilities since the code is served over the web, so I've #OpenSourced my demo! You can check it out, and it should even work if #selfhosted on #GitHubPages.

Live Demo: dim.positive-intentions.com/?p

Demo Code: github.com/positive-intentions

Hook Code: github.com/positive-intentions

IMPORTANT NOTES (PLEASE READ!):
* This is NOT a product. It's for #testing and #demonstration purposes only.
* It has NOT been reviewed or audited. Do NOT use for sensitive data.
* The "password encryption" currently uses a hardcoded password. This is for demonstration, not security.
* This is NOT meant to replace robust solutions like #VeraCrypt. It's just a #proofofconcept to show what's possible with #browser #APIs.

dim.positive-intentions.com@storybook/core - Storybook
#Cryptography#JavaScript#Frontend
*
xoron :verified:

React-like functional webcomponents, but with vanilla HTML, JS and CSS

Introducing Dim – a new #Framework that brings #ReactJS-like functional #JSX-syntax with #VanillaJS. Check it out here:
🔗 Project: github.com/positive-intentions
🔗 Website: dim.positive-intentions.com

My journey with #WebComponents started with Lit, and while I appreciated its native browser support (less #Tooling!), coming from #ReactJS, the class components felt like a step backward. The #FunctionalProgramming approach in React significantly improved my #DeveloperExperience and debugging flow.

So, I set out to build a thin, functional wrapper around #Lit, and Dim is the result! It's a #ProofOfConcept right now, with "main" #Hooks similar to React, plus some custom ones like useStore for #EncryptionAtRest. (Note: #StateManagement for encryption-at-rest is still unstable and currently uses a hardcoded password while I explore #Passwordless options like #WebAuthn/#Passkeys).

You can dive deeper into the #Documentation and see how it works here:
📚 Dim Docs: positive-intentions.com/docs/c

This #OpenSource project is still in its early stages and very #Unstable, so expect #BreakingChanges. I've already received valuable #Feedback on some functions regarding #Security, and I'm actively investigating those. I'm genuinely open to all feedback as I continue to develop it!

GitHubGitHub - positive-intentions/dimContribute to positive-intentions/dim development by creating an account on GitHub.
#FrontendDev#JSFramework#Innovation
Tino Eberl

#KINews

#Gartner prognostiziert, dass 30 % der generativen #KIProjekte nach dem #ProofofConcept (PoC) abgebrochen werden. Aber das ist nicht unbedingt schlecht: Ein #PoC ermöglicht es Unternehmen, #Risiken und #Machbarkeit frühzeitig zu bewerten, #Kosten zu sparen und wertvolle Erfahrungen zu sammeln. So lassen sich ineffiziente Projekte stoppen, bevor sie teurer werden. Fazit: Ausprobieren lohnt sich und Abbrechen ist manchmal der bessere Weg.

#KI #Projektmanagement

tino-eberl.de/ki-news/gartner-

Tino Eberl · Gartner: 30 % der KI-Projekte werden nach PoC abgebrochen: Ja, gut so!
More from Tino Eberl
Replied in thread
Not Simon

Palo Alto Networks released additional details about CVE-2024-3400: the fact that it is a combination of two bugs in PAN-OS; how an attacker was exploiting it; how disabling telemetry initially worked; and how they fixed it. The timeline from discovery to remediation encompasses the whole blog post. Overall a comprehensive after-action review from a company that notified the public almost immediately of an exploited zero-day. 🔗paloaltonetworks.com/blog/2024

Palo Alto Networks Blog · More on the PAN-OS CVE-2024-3400By Chandan B.N.
#CVE_2024_3400#PaloAltoNetworks#zeroday
Continued thread
*
Not Simon

Zscaler observed exploitation of the Palo Alto Networks PAN-OS command injection zero-day vulnerability CVE-2024-3400 following the release of the PoC exploit code. Zscaler provides an attack flow diagram, and a technical analysis of the Upstyle backdoor and its layers. IOC provided. 🔗 zscaler.com/blogs/security-res

www.zscaler.comA Look at CVE-2024-3400 Activity and Upstyle Backdoor Technical AnalysisDelve into CVE-2024-3400, a zero-day command-injection flaw in PAN-OS. Uncover exploitation trends in Zscaler's intelligence network and a Python-based backdoor
#CVE_2024_3400#PaloAltoNetworks#zeroday
Continued thread
Not Simon

In case you missed it, Palo Alto Networks updated their security advisory in terms of product and mitigation guidance, exploit status, and PAN-OS fix availability: 🔗 security.paloaltonetworks.com/

  • Exploitation status: Proof of concepts for this vulnerability have been publicly disclosed by third parties.
  • Workarounds and mitigations: In earlier versions of this advisory, disabling device telemetry was listed as a secondary mitigation action. Disabling device telemetry is no longer an effective mitigation. Device telemetry does not need to be enabled for PAN-OS firewalls to be exposed to attacks related to this vulnerability.
  • Solution:
    • - 10.2.6-h3 (Released 4/16/24)
    • - 11.0.3-h10 (Released 4/16/24)
    • - 11.0.2-h4 (Released 4/16/24)
    • - 11.1.0-h3 (Released 4/16/24)
Palo Alto Networks Product Security Assurance · CVE-2024-3400 PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtectA command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurat...
#CVE_2024_3400#PaloAltoNetworks#zeroday
TrendingLive feeds
About