Okay, so I caught COVID a week ago, so I’m confined to quarters until I stop testing positive. This is fine. Except that the stateroom is a pretty effective Faraday cage and I can’t get online much. Tired of watching BBC adverts for BBC shows, and tired of playing video games, I started poking deeperContinue reading “Khaaaaaaaaan!”
Category Archives: security
Put a Computer In It, Part…A Jillion
Got an email just now, from the marketing department of a company that makes some server software that I occasionally use. The notification of new email popped up on my screen, with a snippet of the body saying that cyberattacks are increasing in sophistication and volume, so I should…presumably, the rest of the email wasContinue reading “Put a Computer In It, Part…A Jillion”
Haxor to the Maxor
Today’s entry in the “put a computer on it” dopeslap file comes from Ars Technica. Turns out that ancient IoT devices are actually a giant security risk. If only someone had pointed this out at some time… Okay, so, maybe sticking the Internet into everything isn’t such a great idea? Maybe? Imagine a world whereContinue reading “Haxor to the Maxor”
Capture *This*
You know what’s dumb? Putting a “Prove you aren’t a robot” widget on your invoice payment flow. Imagine for a moment that you’re a service provider and you’ve done some work for someone. You send them an invoice, and now they want to pay you some money. With me on this hypothetical journey? Good. Now.Continue reading “Capture *This*”
Put a Bird on It
I have been nerdsniped by the dratted Russian hackers. Those darned “hackers”, causing trouble and getting people all excited about security. So now I’ve got to deal with thoughts and suggestions in my peripheral awareness, and remind myself that I’ve already done the work of threat modeling and risk analysis for my data and forContinue reading “Put a Bird on It”
VPN, part 2
Well, the configuration I’d put together before turned out not to work when I was at a hotel and trying it out. I got distracted and didn’t do anything about it for a while, but today I had some time and I started digging around. Guess what? Someone solved this problem ages ago and someoneContinue reading “VPN, part 2”
So, VPN
A couple weeks ago I read an article about a guy who set up a caching DNS server for his home network on a Raspberry Pi. The main thrust of the article was, “Hey, checkitout, Cloudflare has a public DNS at 1.1.1.1 and they pinky-swear promise not to write down what IP address originated theContinue reading “So, VPN”
Stupid Email Tricks
I’ve been working on adding play-by-email support to my turn-based game server. The first problem I hit was that the PGP signatures on the server’s messages were invalid when I checked them on my email client. This led to lots of debugging and unit tests in my crypto utility. That’s not really wasted effort, butContinue reading “Stupid Email Tricks”
Once Again, Most Documentation Sucks
I have been having fun, recently, programming a couple of services that run in Google’s App Engine. One thing they do is maintain some data in that cloud’s version of a database, so one of the important aspects of the services is controlling just who, exactly, is allowed to see or modify the data. I’veContinue reading “Once Again, Most Documentation Sucks”
Why Crypto?
I know a few people who are concerned about their online privacy, but who don’t have a good handle on what to do about it. There is always some story about some company leaking private data, or some government spying on people, or some “hackers” stealing information for nefarious purposes. So people are worried, butContinue reading “Why Crypto?”