I have always seen the benefits of the cloud. Having your data readily available wherever you are in the world, is extremely convenient. Similarly I’ve always been wary of the cloud. Putting your data in the hands of private businesses for free? There has to be a catch, right? And there is: they use it for profiling, data mining and training their AI all while allowing various government agencies access to this information. The answer to my worries is Nextcloud, a secure and private cloud platform. Nextcloud does pretty much everything I want but there’s one thing I am missing. Where is the Nextcloud assistant?Continue reading “Where is the Nextcloud assistant?”
Top 10 signs you work in IT security
The following is just a top 10 list of signs you work in IT security. It’s intended to be funny, not be used as guidelines for actual IT security.
I run my weblog on my server, both out of hobby and because it gives me complete control over the underlying operating system, available software and security mechanisms. As a result, I see all that goes on with this machine, both good and bad.
Certain factions within the US Congress and the FBI are insisting on the government requiring US technology companies to grant the government special access to devices and cryptographic measures. In essence, they are asking for US technology to be insecure by design.
Adding a backdoor for US government agencies is possible but there are serious implications for the future.
While there are plenty of good (and not so good) anti-spam solutions available, most of them cost a bit of money in terms of purchasing and licensing fees. Even without a dedicated appliance, there are several ways you can harden the Postfix MTA against spam and other internet nasties. In this article, we’re going to look at some ways of hardening postfix that I’ve found effective. Continue reading “Hardening Postfix”
If you have any kind of system connected to the Internet, you are no doubt aware that no matter how small or unimportant it might seem, it is frequently probed, tested or subject to various attempts at abuse. These attacks come from so many malicious hosts that it is impossible to keep track by hand. So I started looking for a way to implement an automated blacklist to use with iptables. Continue reading “Using blacklists with iptables”