"Do the easy boring job regularly, instead of the hard scary job in a panic."
"How clicking a link can give away your precise location"
"... bought the domain name used in the NS delegations for the ccTLD of the Democratic Republic of Congo (.cd) and temporarily took over 50% of all DNS traffic for the TLD ..."
"A Glossary of Blind SSRF Chains"
ProTip: Remember to check your URLs for "utm_*" parameters
E.G. If I see:
"?utm_source=reddit.com" at the end of the URL you shared, I know you got it from Reddit
Or "utm_campaign=newsletter0120" tells me you probably copied it from an email sent in January of last year
These are never needed to actually reach the page you're sharing. They're just for analytics (UTM tracking modules) and will reveal where you get your information (to us and the site), which may cause privacy issues
"If a discussion will matter after today, don’t have it in a chat room. "
"Understanding systemd-resolved, Split DNS, and VPN Configuration"
"To summarize, the maintainer recently updated their chrome store package. The update raised red flags for some users, because the changelog was not modified and there was no tag created in GitHub. On investigation, it appeared that the extension was now connecting to various third-party servers, and executing code from them."
"Comparing the Github and Gitlab pull request workflow to the Git built-in email workflow."
Strong encryption is key to digital privacy and free speech, yet governments are eager to access your devices and communications instead of securing them. Technologist Bruce Schneier breaks down the new Crypto Wars in our first EFF30 Fireside Chat. https://www.eff.org/deeplinks/2020/12/eff-30-saving-encryption-cryptographer-bruce-schneier
"Types of dark pattern"
"Build a Tiny Certificate Authority For Your Homelab"
More Xmas presents from KDE: Say hello to NeoChat, the new instant messaging app for the Matrix network. Find out how it works on mobile and desktops, learn about its cool features and how you can contribute to its success in the launch announcement.
This is an excellent and accessible read on implementing end-to-end encryption for developers.
"Yes, we run workloads that your nephew can run on his Raspberry Pi 4, but this is the future of enterprise."
"This means that passwords that result in hashes that, for instance, don’t contain bytes between 0x00 and 0x3B match every other password hash that don’t contain them. Passing this check means an attacker doesn’t need a byte-for-byte match with the stored hash value,"
Full-stack developer, advocate of a free, secure and safe Internet. Nature lover and sports enthusiast.
[Header photo by Colin Watts, source Unsplash]
This is a personal and private instance.