The top recommendation to move from #Substack seems to be @buttondown. Can anyone recommend any Buttondown sites that are doing good things and have great styling (I believe this is a feature)? Securing...
Working on a new package aimed at making secure randomness a bit easier for folks who don't know how to implement some of the common use cases, such as OTPs, passwords with complexity rules, etc. Still...
@eurosat7 Saw your deleted(?) reply to Random about the character sets for password generation. You're 100% right, it's ugly as hell! Your comment made me reconsider how I was going about it, and I've...
The base set of functions in Random is complete, with (hopefully) comprehensive tests. Testing randomness is hard, but I've tried to make them logical and check the basics. 🤞 Next up: custom Randomizer...
Just tagged v0.1 of Random! 🎉 All the initial features I wanted to include are there, so it's time! I'm really happy with how it's come together to wrap some complexity inside a simple API. Let me know...
It's always exciting when the first full practice run of a new conference talk hits the time perfectly. Especially when it's a 10 minute lightning talk! 😎
Introducing Random! 🤓 Generate cryptographically secure random values for a range of common use cases. All the details: https://securinglaravel.com/p/in-depth-introducing-random
Loving the fact Random has been out for only a few days and it's already had 3 new contributors and 6 PRs! 🥰 It's great to see folks are interested in simple security packages that just do one thing well.
Security is all about adding layers of defence. If you're using encrypted model casts in Laravel, it's a good idea to define a custom encryption key for model casts, so one key being compromised...
Ever wondered how Laravel's encryption system works? I wrote an In Depth a few years ago that explains how it all works, and how you can use it in your own...
Let's solve XSS with a bit of CSS! 🤓 Next time you think about reaching for nl2br(), reach for a bit of CSS instead: `white-space: pre-line;` It'll do the same job without risking XSS sneaking...
When writing Policies in Laravel, don't forget about Policy Filters! ⚠️ Policy Filters let you run an authorisation check before every method within a Policy, which avoids repeated code, and...
This time tomorrow, I'll be boarding a plane to Oslo for NDC Security! 🛫 Leaving sunny warm Brisbane summer for Norway winter cold that I'm really not prepared for... I'm gonna freeze!! 🥶 I'm only there...
Laravel's config files are great, but don't forget to put sensitive values (i.e. secrets, passwords, tokens, etc) in your .env file! It sounds like such a simple thing, but it's so common that frequent...
I forgot to get photos today (will try and get them tomorrow), but I'm finding it so weird that I can see the sunrise AND sunset from my hotel room window in Oslo... It's just weird having the sun...
Rather than writing raw SQL queries and manually injecting parameters, get comfortable using Laravel's query builder and writing parameterised...
Anyone know how to remove Paired devices from the @Windows Hello Passkey sign in dialog? I can't find anywhere in Settings where this is controlled, and the duplicated entry is really annoying.
Two very different PRs for Laravel 11 submitted, I think it's time for bed! 😴 Use HtmlString for Js::encode() 👇 https://github.com/laravel/framework/pull/49641 Use secure randomness in Arr::shuffle()...
As promised, here is sunrise (@ 9:50am) AND sunset (@ 3pm) from my hotel room in Oslo... 🙃
One of the first things I "fix" in a new Laravel project: SESSION_SECURE_COOKIE=true Secure cookies are essential, so make sure they are...