DevOps and Data Security: where Aussie orgs are at

Optus. Medibank. Latitude. The last 12 months have seen a reckoning for data security in corporate Australia.

But are these examples really that out of step with how we actually do security in our own organisations (not just what we tell ourselves about how we do it)?

What do Australian organisations doing DevOps actually think about data security? Who do they think they are defending against? What steps are they taking to safeguard customer data?

This talk will explore two years of qualitative interviews with Australian organisations about how they think and act on data security.

# -*- ruby -*-
# frozen_string_literal: true
# The top-level PG namespace.
module PG
  major_minor = RUBY_VERSION[ /^(\d+\.\d+)/ ] or
    raise "Oops, can't extract the major/minor version from #{RUBY_VERSION.dump}"
  begin
CipherStash Client Library Licence Agreement
0. Background
This licence sets out the terms on which you are permitted to use client side
components of software provided by CipherStash to query encrypted databases
(CipherStash Client Software). The operation of the CipherStash Client Software
is dependent on encryption keys generated by server software operated or
licensed by CipherStash.
//
// Housekeeping script to trim Gmail Inbox.
//
// Automatically archives threads in inbox older than n days.
// Useful for cleaning up threads I forget to archive.
//
// Requires authorization to run.
// Google will occasionally prompt to remove permissions, warning "this app has access to everything" and "it is not trusted".
// If you do remove the authorization, running the script here should prompt for re-authorization.
# lib/tasks/active_stash.rake
def model_fields(model)
  model.column_names
end
def models
  Rails.application.eager_load!
  ApplicationRecord.descendants
end

Your API ain't as secure as you think

Preparing for the next 5 years of threats, today

The Bad News:

Last year OWASP published a new top 10, with some surprising changes. Broken access control rocketed from #5 to #1, and cryptographic failures moved up from #3 to #2.

Data breaches are costing organisations more than ever. According to IBM, the average cost of a data breach has climbed 12.7% since 2020.

APIs are at the centre of many of these attacks, either through misuse or exploitation by attackers.

#!/bin/sh
HOME_NETWORK_NAME="MI WIFI SU WIFI"
function currentWifiNetworkName() {
  /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -I | awk -F: '($1 ~ "^ *SSID$"){print $2}' | cut -c 2-
}
log stream --predicate 'subsystem contains "com.apple.UVCExtension" and composedMessage contains "Post PowerLog"' |
while read event; do
title Next.js on Vercel
anchor Customer [1.0, 0.75]
component Browser [0.9, 0.72]
component Next.js Frontend [0.79, 0.3] label [15, 5]
component Serverless Functions [0.4, 0.39] label [10, -25]
component Datahopper [0.3, 0.71] label [10, -25]
component Prisma [0.25, 0.75] label [20, -20]
component Postgres [0.15, 0.8]
@auxesis
auxesis / .vimrc
Last active November 1, 2021 00:47
" Much of this cribbed from https://github.com/JoshCheek/dotfiles/blob/908ad88eec6bbcc2bb64beba1b8b1a189dcb46a6/vimrc
"
" Load in plugins
execute pathogen#infect()
" ===== Smallest Viable Configuration =====
set nocompatible " Behave more usefully at the expense of backwards compatibility (this line comes first b/c it alters how the others work)
set encoding=utf-8 " Format of the text in our files (prob not necessary, but should prevent weird errors)
filetype plugin on " Load code that configures vim to work better with whatever we're editing
filetype indent on " Load code that lets vim know when to indent our cursor

AirTree, Nexus back encrypted data storage platform CipherStash

Anthony Macdonald, Yolanda Redrup and Kanika Sood

Oct 22, 2021 – 1.03pm

Encrypted data storage technology start-up CipherStash has added AirTree Ventures and Nexus Venture Partners to its register in an oversubscribed seed round. The company, which raised $3.3 million, also scored the support of Linktree CTO Zak Islam, as well as Buildkite’s Keith Pitt.

CipherStash CEO and founder Dan Draper has raised $3.3 million.