If you read my previous blog post about an undocumented ProtonMail feature, and how I've been receiving spam, well, then you know that I've been receiving spam from the same attacker. The spammers are including a nefarious link, as one would expect. But here's the interesting part: They're using the [...]
A serious security hole that is actively being exploited puts your Windows machines at risk. A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then [...]
Background Some time ago, at the end of last year or so, I did set up a Minecraft server at home. It's public, in the sense that anyone can join, but it's not listed anywhere other than on its small website. So, for now it's used by friends only. But [...]
In this guide I will show you a possible fix for Windows not detecting your YubiKey. I was using Windows on my laptop, when I required to set up GPG so that I can SSH to a server, using my YubiKey. I did set up GPG4Win as I usually would, [...]
I am writing this post because Thunderbird 78.x has issues for advanced PGP users
I met someone through this very blog. We have been emailing back and forth, and eventually the question arised why I'm so interested in IT security. My response was, that there's no particular reason and I guess it's just "obvious" to me. To which he replied seemingly perplexed, that I [...]
Not really, or at least that's not the goal. Let me explain. So, people have been posting about the new macOS update being evil and sending an application hash to Apple before allowing you to open the application (unless you're offline, then it will just open the application). This sounded [...]
I had some thoughts about password hashing and password strength, and would like to share those with you. First we'll look into hashing and then into the topic of commonly used passwords, password strength, and possible ways to enforce strong passwords.
Today we'll set up a DoH forwarder which will act as DNS server that will accept queries and forward them to a DNS over HTTPS provider of your choosing. This is useful when you want to run a local forwarder so that your ISP or attackers cannot spy on- or [...]
You might have encountered websites with a pretty onion address that contains a human-readable prefix. I will show you how to get a custom onion address, using your GPU! Whats an onion address? An onion address can only be reached through Tor. It's like a domain name but which ends [...]