Comment by sashyo
2 months ago
I work at a small security startup on a project im pretty passionate about.
We are building open source tools to reduce how much sensitive stuff and power apps keep in one place.
One project is TideCloak, a Keycloak fork that keeps the familiar dx but changes the security model underneath: https://tide.org/tidecloak
Another is KeyleSSH, a keyless SSH/PAM prototype where there is no private key file sitting around as one thing to steal: https://github.com/sashyo/keylessh
Most of what I'm thinking about now is dx. Security tools dont matter much if normal devs cant understand, debug, or actually want to use them.
No comments yet
Contribute on Hacker News ↗