Collaborate Disseminate
Suppose I am using a web browser to look at example.com. Now, from the same web browser tab, I enter example.org in the address bar and go to that completely different website operated by another entity.
Does example.org know that the prev… Continue reading Do websites know which previous website I visited?
Suppose there are three computers: (1) my laptop, (2) a server that has a public static IP address, and (3) a Raspberry Pi behind a NAT. I connect from (1) to (3) via (2) as explained below.
On the server (2), I add GatewayPorts yes to /et… Continue reading SSH reverse tunnels: can the intermediate server eavesdrop on an SSH session?
I have just extended the expiry date of my GPG key by following these instructions: Can you extend the expiration date of an already expired GPG key? I have previously backed-up my key. Do I need to backup again after extending its expiry … Continue reading Do I need to backup my GPG key again after extending its expiry date?
Today I received an email from a person in "critical health condition" who wants to give me about $10 million. It is clearly some kind of scam. What should I do with the email besides not replying? Is there an organization I can … Continue reading Whom should I report spam emails to?
SRP (secure remote password) needs an exchange of hash signatures to verify that both parties have the same shared key (RFC2945):
At this point, the client and server should have a common session key
that is secure (i.e. not known… Continue reading SRP confirmation of shared keys
In comparison to keyloggers, mouse recorders do not seem to be able to obtain much sensitive information. For example, passwords, credit card numbers, email addresses, names, passport numbers, etc. can be obtained using keyloggers. But wha… Continue reading What information can mouse recorders get?
Suppose I have a user account on a remote server run by a friend.
I create a SOCKS tunnel on my computer that forwards connections from a local port to the remote server: ssh -N -D 12345 john@10.1.1.5 (i.e. all local connections to localh… Continue reading What are the security implications of connecting to Tor through an SSH SOCKS proxy?
I have established an SSH tunnel to an untrusted machine:
ssh -N -D 12345 john@example.com
Next, I set up Firefox’s connection settings to use the SSH tunnel by setting the SOCKS host to 127.0.0.1, and the SOCKS port to 12… Continue reading Is it safe to browse the web through an SSH SOCKS5 connection to an untrusted proxy?