threatbus
TextSecure
threatbus | TextSecure | |
---|---|---|
4 | 985 | |
254 | 24,915 | |
0.0% | 0.4% | |
0.0 | 9.9 | |
about 1 year ago | 4 days ago | |
Python | Java | |
BSD 3-clause "New" or "Revised" License | GNU Affero General Public License v3.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
threatbus
-
Ask HN: Who is hiring? (September 2021)
Tenzir | C++, ReasonML, Rust, Python | Hamburg, Germany or Remote (EU timezones) | Open-source | Full-time | https://tenzir.com
Tenzir is an early-stage startup that builds a next generation data-plane for modern Security Operations Centers. It is our mission to help defenders pull ahead by integrating widely used open source tools and building solutions that reduce the time to detect attacks and help with post-mortem investigations. To that end, we develop the high-performance C++ database [VAST](https://github.com/tenzir/vast) with a ReasonML-based frontend that is served by a Rust API. We also develop [Threat Bus](https://github.com/tenzir/threatbus), a dissemination layer for threat intelligence, which orchestrates detection and response products in a publish/subscribe architecture.
We're currently hiring for
-
Ask HN: Who is hiring? (July 2021)
Tenzir | Hamburg, Germany| DevOps Platform Engineer | FULL-TIME | REMOTE | €70-80k | https://tenzir.com
Tenzir is seeking an experienced and passionate DevOps / Platform engineer who enjoys bringing open-core security technology into production deployment shape. We cultivate a UNIX-centric mindset: security operators use our high-performance C++ database VAST (https://github.com/tenzir/vast) to hunt in telemetry data, either via the CLI or our ReasonML-based frontend getting its data through a Rust API.
We also develop Threat Bus (https://github.com/tenzir/threatbus), a messaging layer for federating security content.
=== Role & Responsibilities ===
- Improve our CI/CD pipelines for continuous releases with GitHub Actions to build projects of different languages on various platforms and to automate unit and integration testing.
- Automate continuous deployment strategies in different environments, for our own staging and production clusters, but also on-prem (appliances) or with different cloud providers.
- Implement a reliable backend infrastructure for appliance and fleet management, configuration management and multi-layer VPNs.
- Write integrations with other tools from the (security) ecosystem to support a wider range of data formats.
- Be responsible for entire infrastructure segments, from whiteboard design to implementation and automation for production systems.
=== Interview Process ===
1. Fill out the application form at https://tenzir.com/career/devops-platform-engineer/
2. Phone call to get to know each other and identify potential roadblocks (30min)
3. Technical interview(s) (1-2h)
---
If you are interested in cutting-edge C++ freelance work, or look for a local sysadmin position, please reach out directly to us at [email protected].
-
Ask HN: Who is hiring? (April 2021)
Tenzir | DevOps Platform Engineer | FULL-TIME | €70k | Hamburg, Germany | http://tenzir.com
Tenzir is seeking an experienced and passionate DevOps / Platform engineer who enjoys bringing open-core security technology into production deployment shape. We cultivate a UNIX-centric mindset: security operators use our high-performance C++ database VAST (https://github.com/tenzir/vast) to hunt in telemetry data, either via the CLI our our ReasonML-based frontend getting its data through a Rust API. We also develop Threat Bus (https://github.com/tenzir/threatbus), a dissemination layer for threat intelligence, which orchestrates detection and response.
=== Role & Responsibilities ===
As a key contributor to our infrastructure, you will improve and automate critical processes for building, packaging, and deploying our technology in test and production environments. Concretely:
-
[Hiring] Senior DevOps Platform Engineer | Cyber Security | +/-3h from Germany
Tenzir is seeking an experienced and passionate DevOps / Platform engineer who enjoys bringing open-core security technology into production deployment shape. We cultivate a UNIX-centric mindset: security operators use our high-performance C++ database VAST to hunt in telemetry data, either via the CLI our our ReasonML-based frontend getting its data through a Rust API. We also develop Threat Bus, a dissemination layer for threat intelligence, which orchestrates detection and response.
TextSecure
-
The xz sshd backdoor rabbithole goes quite a bit deeper
Moxie's reasons for disallowing Signal distribution via F-droid always rang a little flat to me ( https://github.com/signalapp/Signal-Android/issues/127 ). Lots of chatter about the supposedly superior security model of Google Play Store, and as a result fewer eyes independently building and testing the Signal code base. Everyone is entitled to their opinions, but independent and reproducible builds seem like a net positive for everyone. Always struggled to understand releasing code as open source without taking advantage of the community's willingness to build and test. Looking at it in a new light after the XZ backdoor, and Jia Tan's interactions with other FOSS folk.
- WhatsApp forces Pegasus spyware maker to share its secret code
-
Signal: Keep your phone number private with Signal usernames
Signal has documentation on how to reproduce their Play Store builds and compare them with what you've installed locally:
https://github.com/signalapp/Signal-Android/blob/main/reprod...
-
Signal v7.0.0 with phone number privacy
There's nothing on Signal blog as of yet, but Signal's git repository was tagged with v7.0.0 yesterday and we can see from the commit history since the previously tagged version (v6.74.4) that there will be a setting to hide one's phone number [1], as well as disabling the previous default behavior of advertising that one is on Signal to all their contacts already using it [2].
[1] https://github.com/signalapp/Signal-Android/commit/8797236b5... (PNP stands for "Phone Number Privacy")
[2] https://github.com/signalapp/Signal-Android/commit/6097e6c30...
-
What are you shocked people are still doing nowadays?
Signal works the same but without the user tracking from Meta/Facebook. Many people use it as well but I'm surprised that a majority sticks to WhatsApp.
-
Apple has seemingly found a way to block Android’s new iMessage app
Telegram and Signal solve this.
-
Apple Just Confirmed Governments Are Spying on People’s Phones With Push Notifications
Sadly yes: Looks like an open issue 13290 for Signal, sounds like they were/are indeed still interacting through google's push notification service, wat, and per a link at that issue it was a chore for Tutanota to break away once they realised it was a problem some years ago (though at least they thought about it years ago? wtf Signal...)
-
Building end-to-end security for Messenger – Engineering at Meta
Here is one: https://github.com/signalapp/Signal-Android/tree/main/reprod...
- Are Signal Notifications Encrypted ?
-
Facebook & Messenger finally get end-to-end encryption
Rule 1: Posts to r/signal must relate to Signal.
What are some alternatives?
Grafana - The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.
undiscord - Undiscord - Delete all messages in a Discord server / channel or DM (Easy and fast) Bulk delete
StratosphereLinuxIPS - Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CVUT in Prague.
Signal-TLS-Proxy
misp-galaxy - Clusters and elements to attach to MISP events or attributes (like threat actors)
duckduckgo-locales - Translation files for <a href="https://duckduckgo.com"> </a>
gnomad-browser - Explore gnomAD datasets on the web
session-desktop - Session Desktop - Onion routing based messenger
tenzir - Open source security data pipelines.
MaterialAudiobookPlayer - Minimalistic audiobook player
misp-wireshark - Lua plugin to extract data from Wireshark and convert it into MISP format
Signal-Android - Patches to Signal for Android removing dependencies on closed-source Google Mobile Services and Firebase libraries. In branches whose names include "-FOSS". Uses new "foss" or "gms" flavor dimension: build with "./gradlew assemblePlayFossProdRelease".