Security
Posts tagged with Security.
14 Jun 2025
Building My Own Sovereign RAG for Secure Code Analysis
Lately, I’ve been taking a closer look at some code analysis tools that claim to detect security vulnerabilities in software projects. The idea itself is solid. I got one of these tools recommended to me and decided to dig deeper to see what’s really behind these solutions.
Pretty quickly I noticed a pattern: these platforms are far from cheap. Some offer limited free plans, but we all know how this game works. When something that good is offered for “free”, the real price usually comes from somewhere else — data collection, vendor lock-in, black-box models processing your code in someone else’s cloud. And since I’ve been deeply studying AI lately, especially Retrieval-Augmented Generation (RAG), the question came naturally: why not build my own pipeline, fully local, sovereign, using open-source tools, running on my own machine, and depending on no one?
20 May 2025
Ran my site through MDN’s security scanner and kept tweaking until I hit 120/100 (A+).
Checked the scan history and the very first one, back in 2018, scored 20/100 (F).
Always improving.
10 May 2025
An open-source project called Deep-Live-Cam is gaining traction on GitHub — and for good reason.
With just a single still image, it can mimic anyone’s face in a live video call. In real-time. Running locally. No cloud required.
The implication is clear: you can no longer trust a video call at face value.
So here’s the question: how do we verify identity in a world where faces can be forged on demand?
27 Apr 2025
Why You Should Start Using GPG Now
If you’re not using GPG to sign or encrypt your files and messages yet, it’s time to reconsider. It’s not just about looking like a 90s movie hacker — it’s about protecting your communication and digital identity in an increasingly hostile world.
🔐 What is GPG?
GPG (GNU Privacy Guard) is a free implementation of the OpenPGP standard. It allows you to create cryptographic key pairs to digitally sign files and messages, as well as encrypt them to ensure confidentiality. It’s an essential tool for anyone serious about digital security.
13 Oct 2024
Yesterday, I published a blog post introducing my new open-source project, ShadowData.
This post is just to inform anyone interested that I have made some updates today.
New Features Added to the Project:
- Email address anonymization
- Phone number anonymization
- Symmetric cryptography for encryption and decryption
- Minor improvements to tests and code quality
You can look the code at the Github repository.
See you.
12 Oct 2024
I am deeply concerned about how to handle sensitive data in the projects I work on. Nowadays, there are laws in various countries addressing this issue, and the topic becomes increasingly important as time goes on.
Therefore, I decided to create a Python library that can help me deal with scenarios where it is necessary to process data to prevent any individual from being identified if the information is accessed. The library also handles data transformations, encryption, and the detection of sensitive personal data.
05 Jun 2024
Setting up sudo for use with Touch ID on macOS Sonoma in just a few steps is very easy.
Locate the file /etc/pam.d/sudo_local.template and make a copy as shown in the example below:
sudo cp /etc/pam.d/sudo_local.template /etc/pam.d/sudo_local
Then edit the file and remove the # character from the beginning of line 3, it should look like this:
# sudo_local: local config file which survives system update and is included for sudo
# uncomment following line to enable Touch ID for sudo
auth sufficient pam_tid.so
Detailed Steps to Edit the File
To edit the file, use a text editor like nano or vim. For example, with nano: