Internet Discoveries between 28 July and 4 August

  • All I Know About Certificates – Certificate Authority
  • Cyber ransom payments will need to be disclosed by businesses under new laws
  • ACCC shifts support for broadband tax on 4G and 5G fixed wireless
  • DigiCert Revocation Incident (CNAME-Based Domain Validation)
  • Introducing Artifact Attestations–now in public beta
  • NIST releases open-source platform for AI safety testing
  • Highlights from Git 2.46
  • ssoready/ssoready
  • Our audit of Homebrew
  • Free Shadow IT Scanner
  • Artifact Attestations is generally available
  • Announcing Flux: The Next Leap in Text-to-Image Models
  • IPv4 Turf War
  • OpenAI’s Sam Altman is becoming one of the most powerful people on Earth. We should be very afraid

Interesting details

All I Know About Certificates – Certificate Authority - One of the crucial steps in the TLS handshake is for the server to prove its identity to the client. While there is plenty of content explaining the principles of the handshake, there’s less information about certificates, which are a critical component of TLS/SSL.

Cyber ransom payments will need to be disclosed by businesses under new laws - The Cyber Security Act would force businesses to disclose when they pay ransom to a hacker, and prevent the information from being passed on to regulators. The proposal is designed to lift the lid on a flourishing practice of secret payments, which in turn fuel further ransomware attacks.

ACCC shifts support for broadband tax on 4G and 5G fixed wireless - The ACCC has made a case for the ‘broadband tax’ on NBN-equivalent services to be expanded to 4G and 5G fixed wireless, after years of resistance to lobbying by NBN Co.

DigiCert Revocation Incident (CNAME-Based Domain Validation) - Browsers require Certificate Authorities to verify each domain included in a TLS certificate request before issuing a certificate. One of the allowed methods of DCV is called “Method 7” or “DNS-based verification”.

Introducing Artifact Attestations–now in public beta - June 25, 2024 update: Artifact Attestations is now generally available! Get started today. There’s an increasing need across enterprises and the open source ecosystem to have a verifiable way to link software artifacts back to their source code and build instructions.

NIST releases open-source platform for AI safety testing - The National Institute of Standards and Technology (NIST) released a new open-source software tool for testing the resilience of machine learning (ML) models to various types of attacks.

Highlights from Git 2.46 - The open source Git project just released Git 2.46 with features and bug fixes from over 96 contributors, 31 of them new. We last caught up with you on the latest in Git back when 2.45 was released.

ssoready/ssoready - We’re building dev tools for implementing Enterprise SSO. You can use SSOReady to add SAML support to your product this afternoon, for free, forever. You can think of us as an open source alternative to products like Auth0 or WorkOS. For full documentation, check out https://ssoready.com/docs.

Our audit of Homebrew - This is a joint post with the Homebrew maintainers; read their announcement here! Last summer, we performed an audit of Homebrew.

Free Shadow IT Scanner - An identity governance and administration tool.

Artifact Attestations is generally available - We’re thrilled to announce the general availability of GitHub Artifact Attestations! Artifact Attestations allow you to guarantee the integrity of artifacts built inside GitHub Actions by creating and verifying signed attestations.

Announcing Flux: The Next Leap in Text-to-Image Models - We are excited to introduce Flux, the largest SOTA open source text-to-image model to date, brought to you by Black Forest Labs—the original team behind Stable Diffusion.

IPv4 Turf War - Claim The Land At Your IP (What is this?) Top Players Loading top players… All /8 Address Blocks Loading…

OpenAI’s Sam Altman is becoming one of the most powerful people on Earth. We should be very afraid - On 16 May 2023, Sam Altman, OpenAI’s charming, softly spoken, eternally optimistic billionaire CEO, and I stood in front of the US Senate judiciary subcommittee meeting on AI oversight. We were in Washington DC, and it was at the height of AI mania. Altman, then 38, was the poster boy for it all.

All this was saved to my GetPocket over the week