Episode #2022-01

Posted on
azure brave cache pki tplink wiz

TP-Link was setting up hidden networks and thinking that was a good idea. 1

Same-origin may not be sufficient for privacy protection, and Brave browser is introducing partitioning in various kinds of web components. 2

Wiz found that Azure App service pushes .git directory to public, and then use a blacklist that only works with IIS to stop serving it. 3

Emily Stark discussed the limitations of PKI and what are the viable alternatives. 4

A large number of cache poisoning in popular websites were revealed. 5

1. Hidden Networks in TP-Link Routers (jahed.dev)

See also:

2. Partitioning Network-State for Privacy (brave.com)

See also:

3. NotLegit: Azure App Service vulnerability exposed hundreds of source code repositories (www.wiz.io)

See also:

4. When a web PKI certificate won’t cut it (emilymstark.com)

See also:

5. Cache Poisoning at Scale (youst.in)

See also: