Collaborate Disseminate
My project has a csp policy
Content-Security-Policy script-src ‘self’ ‘unsafe-inline’ https://*.mycompanycdn.com; report-uri mycompany.in/reportcsp
In the violation logs I found
with blocked-uri https://static.mycompanycdn.com/myscript…. Continue reading CSP blocking whitelist domains in web application
I have been using an rsyncd server for backups for what feels like a decade.
I saw that rsyncd has no transport encryption (not even for username and password).
I wonder what other security issues this software has?
Here is my config (/etc… Continue reading Is rsyncd secure? (except for the lack of transport encryption)
Quote from Hardware for Protecting Privacy and Security
Microphone Blocker
A microphone blocker is a device that prohibits audio hacking, in the form of a hardware accessory for a smartphones,
laptops etc. It functions as a dummy mic jack… Continue reading secure Microphone Blocker for Apple devices (macOS and iOS)
I am considering using OpenZFS on FreeBSD. I am not quite sure how secure native OpenZFS encryption is? If somebody steals my server and the disks, is he able to decrypt the files?
In a Discord room I found a possible answer:
Native ZFS e… Continue reading Is native OpenZFS (on FreeBSD) block-level encryption secure?
Since the early days of s3cmd I use it in combination with random generated filenames (uuidgen loop) and a complex passphrase (pwgen -n1 -c 32 -y). On security.stackexchange.com search there is only 1 result for s3cmd.
I use Amazon S3 (Gla… Continue reading Can’t Amazon see my files if I use s3cmd/gpg with a complex password?
I use an “anonymous” mail address (cock.li provider in my case). I have found that mainstream news sites in particular don’t send their newsletters to such an addresses. It looks like the domains blacklisted.
What is the reason? I can und… Continue reading Why certain sites don’t send newsletters to "anonymous" mail addresses?
Because privacytools.io recommends Joplin I am switching my notes to it. I add the text files to Git, and wonder if I can also use a public Repo and/or a cloud hosted Git server?
I will paste sensitive info like API tokens and passwords i… Continue reading Is the End-To-End Encryption (E2EE) of Joplin (notes app) secure enough for public Git repo?
Quote from Challenge Bypass Extension
The Privacy Pass extension implements the Privacy Pass protocol for
providing a private authentication mechanism during web browsing.
Privacy Pass is currently supported by Cloudf… Continue reading Can I trust Cloudflare’s Privacy Pass extension? Does it brings risks and side effects regarding privacy?
I use WireGuard on iOS and was wondering if there is a kill switch. Developers wrote very short:
It’s on by default.
Any details about that? I did not found anything in menu navigation (called different?). How to test i… Continue reading How to test WireGuard killswitch for iOS? More details about it? [on hold]
Soon FM radio will be switched-off in Europe. I wish to buy a DAB+ device and read in Wikipedia about it.
I really don’t understand what consumer privacy DAB+ offers me. Does the radio channel know that I am listening at 20:… Continue reading DAB+ (Digital audio broadcasting) privacy