Maybe a way out of the supply chain attacks? Will take time and adoption of course.
That shows one of the issues with the kind of centralization that IoT, as currently done, pushes for. A breach in one company? Plenty more people are impacted...
Best part of the article is probably the stated motives:
"Kottmann said their reasons for hacking are “lots of curiosity, fighting for freedom of information and against intellectual property, a huge dose of anti-capitalism, a hint of anarchism -- and it’s also just too much fun not to do it.”"
Now that looks like a very fun device for hackers. I definitely want one. :-)
A nice list of easy mistakes one can make in an Nginx configuration that open the door to security issues.
Nice and very approachable introduction to the use of elliptic curves for cryptography. I think I finally understood properly how those work. :-)
Very interesting new supply chain attack. It shows one of the big downsides of the very convenient packaging tools everyone uses lately. Interestingly, in that particular case it seems less risky when only publicly available components are used; it's in the context of private repositories that the risk arises. The root cause seems to be the lack of control over how those tools resolve between private and public repositories.