Open Security News week 13-2022

Cyber security is a process, not a destination to arrive at. Designing a cyber security architecture for your use case is the process of choosing between “less safe” and “more safe” and continuing this process until you reach “safe enough” for the information you want to protect.

1 If you’re not using SSH certificates you’re doing SSH wrong

SSH is great and a must use for unix system administration. But using SSH is as with any tool no guaranty for ultimate security. Reading this blog made me think: Should I write better SSH tutorial? Maybe in future, but know that the best guide for doing SSH correct is still using the great ssh man pages!


2 Implementing a toy version of TLS 1.3

Anyone who claims to fully understand TLS 1.3 and PKI should not be trusted. Real experts know that the complexity of programming, cryptography, PKI and tcp requires multiple subject matter experts that can really cooperate. TLS 1.3 is constantly evolving. This blog touches some aspects when playing with TLS 1.3.


3 Using a laptop, encryption code designed to prevent a quantum attack was cracked

Security in an age when quantum computing is about to explode is one of the major concerns for all of the protection systems the world over.


4 Germany’s Cybersecurity Architecture

This is a must read if you want detailed and complete information on Germans Security. The overview page is nice and clickable. The report (I read the English version) is great with many nice resources included. A country’s cybersecurity architecture includes all actors, government agencies, platforms, organizations, that are part of the ecosystem.


5 Enarx

Enarx is a project to follow since it is partly on WebAssembly. In this blog a good overview on why Enarx is important. Of course the reference to the project is included in the Security Reference Architecture.


6 Free Cybersecurity Services and Tools

ISA has compiled a list of free cybersecurity tools and services to help organizations further advance their security capabilities. This living repository includes cybersecurity services provided by CISA, widely used open source tools, and free tools and services offered by private and public sector organizations across the cybersecurity community.


7 Quantum Computing and the Future Internet

One of the biggest concerns among cybersecurity professionals these days is the hype around quantum computing, its incomprehensible power, and its implications. This article discusses quantum computing key concepts, with a special focus on quantum Internet, quantum key distribution, and related challenges.
(arXiv Link)

8 Which programming languages do hackers use?

There are numerous articles about the programming languages most commonly used by hackers. Among them, however, there are hardly any scientific studies.
(arXiv Link)

Our Partners:


The Open Security newsletter is an overview of cyber security news with a core focus on openness. Pointing out what went wrong after a cyber security breach is easy. Designing good and simple measurements is hard. So join the open Security Reference Architecture collaboration project to create better solutions together. Or become a partner to support this project. Use our RSS or ATOM feed to follow Open Security News.