- Password Manager: Tavis Ormandy's opinion on Password Managers, also fatal flaws in deterministic password managers. How did LastPass master passwords get compromised, how their source code was stolen, how password vaults were obtained and even a year after the disastrous breach, LastPass has not improved. Bitwarden design flaw: Server side iterations. (In)Security of the Unix "Pass" password manager. KeePass's InSecurity against local attackers, A Case Study in Attacking KeePass Part 1, 2
- Networking 101 YouTube
- The Six Dumbest Ideas in Computer Security
- How to test your DNS (security & privacy)
- How to test website (security, privacy & cookies)
- How to test your eMail provider (security & privacy)
- Why the FBI can’t get your browsing history from Apple iCloud (and other scary stories)
- Why GPG/ (Open-)PGP isn't recommend and what the numerous problems are
- Check if your email/ phone number or password is in a data breach
- Understand the security risks of permissions for browser extensions and why even manifest v3 does not protect you sufficiently against abusing
- Some examples why browser extensions are bad - since at least 2015 until today - even big ones like Skype or Adobe and how they make your fingerprint unique or bypass your 2FA and Chrome extensions can steal your passwords from websites
- read what countless security experts and Washington Post have to say about linux insecurity/ Security Circus, hacks, dangerous configurations and All vendor kernels are plagued with security vulnerabilities (encryption is also broken)
- Some Thoughts about the NSO Group's Pegasus
- An Antivirus does not improve your security and even collect and sell your data
- Enumerating badness
- (Electron; nodejs) Applications that run Chromium without the Sandbox
- test your ISP (Internet Service Provider) Border Gateway Protocol (BGP) security
- Stop using (encrypted) Email
- FLOSS doesn't imply security
- Email Security Pitfalls
- End-to-End Encryption in Web Apps
- Docker - the security nightmare of dependencies and hidden place for malware, exposed secrets and private keys and also with "Hub" a place for millions of malicious repositories
- SIM Card Hijacking: How it works and what you can do about it
- SS7 Attacks: Intercepting SMS and calls as easy as ABC
- Messenger (problems): Whatsapp's Backups, Signal's Sealed Sender, Telegram's Cryptanalysis and very old InSecurity, Three Lessons from Threema, Converso - how to uncover extraordinary claims, Tox handshake vulnerablity
- Browser Insecurity: Pale Moon, ungoogled-Chromium, Brave
- SMS phishing is way too easy
- Why you shouldn't use VPN services with their leaks. If needed, use MPRs
- avoid Electron based programs
- Matrix InSecurity, concerns and big potential metadata issues
- Phishing with Chromium's Application Mode
- Browser in the Browser (BITB) Attack
- Chrome Browser Exploitation Part 1
- graphics about PassKeys in detail and an overview of supporting websites
- What happens when you swipe a credit card and what are the differences
- What are the differences between bare metal, virtual machines, and containers
- HTTP/1 to HTTP/2 to HTTP/3 - a Deep Dive
- The Rising Threat to Consumer Data in the Cloud
- Common pitfalls of breaking up HTTPS connections
- (Motherboard vendor) MSI's (in)Secure Boot
- "Sign in with" Apple
- Building a Trusted Ecosystem for Millions of Apps
- Protecting Chrome Traffic with Hybrid Kyber KEM
- fail2ban sucks
- iMessage with PQ3 post-quantum cryptographic protocol - external security review 1, 2
- Security problems with Routers like from Netgear
- how Apple handle the Digital Markets Act
- Breaking the DECT Standard Cipher with Lower Time Cost
- IoT Device Security Specification 1.0
- Cloud InSecurity: Nextcloud E2EE broken
- About Apple threat notifications and protecting against mercenary spyware
- WiFi - The SSID Confusion Attack
- Leveraging DNS Tunneling for Tracking and Scanning