Sheogorath 🦊 @sheogorath@shivering-isles.com

Want to tame Firefox and make sure it follows your organization's regulations?

Here is my little write up on how you can do this on Fedora:

https://shivering-isles.com/Manage-Firefox-on-Fedora

It'll explain how to generate a policy to enforce your DoH settings and also provide a very basic RPM spec file on how to deploy such a policy to your systems.

#Firefox #DoH #Fedora #Linux

Oh awesome, RedHat has open sourced quay!

https://www.redhat.com/en/blog/red-hat-introduces-open-source-project-quay-container-registry

This is awesome, because it comes along with a decent web UI and nice features like integrated container scanning and alike.

If you selfhost a container registry, it's definitely worth a look.

#RedHat #Quay #container #docker #linux

Credits go to @blacklight447 for pointing me to the article in my Matrix room.

You might don't want to stay around #Tutanota… I'm sorry for the guys working there, but not only do they have to comply with this court rule which forces them to provide some information in plaintext to the police, it also shows the biggest problem with their system:

Nonstandardized proper end-to-end encryption.

Just use OpenPGP with a generated key *on your device* and a regular IMAP inbox.

https://www.sueddeutsche.de/digital/tutanota-verschluesselung-e-mail-ueberwachung-polizei-1.4676988

#email #privacy #infosec

Original post: https://microblog.shivering-isles.com/@sheogorath/101830853777149977

[Repost due to dead URL]

There was recently a lot of news about DNS over HTTPS. Some people say it's bad for privacy because it centralizes the DNS requests on Google, Cloudflare and Quad9.

Time to change that and run your own DNS over HTTPS server. I spend some time today in writing, documenting and arranging a small container setup to allow you to do this:

https://git.shivering-isles.com/container-library/dns-over-https

#DNSoverHTTPS #DoH #Docker #privacy #infosec #selfHosting #DNS

And for those who wonder how it works, well, it's all publicly available:

https://git.shivering-isles.com/shivering-isles/infrastructure

For the non-federated services (CodiMD and GitLab) you can actually sign-up on keycloak and get access to them.

It's easy, it's fast and the entire backend is encrypted. There are also automated daily backups to another cloud provider. And hosting static websites is available as well.

Take time, build things slowly but steady and you'll get wonderful integrated services.

There are reasons why I'm proud of my "home" setup:

1. It just works.
2. I know what I build, so I can fix it.
3. It's all a single login.
4. Maintenance is fully automated.
5. It federates in many ways and therefore doesn't limit, but enable me to share things.

What runs on my setup?

- #Keycloak for authentication
- #Mastodon as microblog
- #Nextcloud for storage
- Synapse for #Matrix as chat
- Postfix/dovecot/SOGo for email
- #CodiMD for notes
- And #GitLab to rule and maintain it.

Just read this blog post:

https://jstrieb.github.io/posts/digit-length/

I enjoyed it until I read the last section, calling a method to solve the problem invalid because "strings have not yet been covered in the course". Why forbid people from using their knowledge?

Instead you should let them do this and then tell them to calculate the string length for the binary or hex representation of the number and finally a generic representation.

By forbidding solutions you frustrate people instead of teaching them.

If you still use #Windows 7, you might want to keep in mind that it's end-of-life at 14th January 2020.

This means you are at latest with the begin of February in significant risk to become part of Botnet that might just attacks other people, but could also steal your data, fool your online banking and delete everything from your computer.

Please talk to your kids, parents, friends, … whoever your local tech support is, for help in order to switch away from Windows 7.

#infosec #privacy

Interesting Twitter Threads about "first start" browser communication:

#Firefox: https://twitter.com/jonathansampson/status/1165858896176660480

#Chrome: https://twitter.com/jonathansampson/status/1165493206441779200

#Chromium: https://twitter.com/jonathansampson/status/1168421117884850176

Others: https://twitter.com/jonathansampson/status/1165392803687542790

It's amazing and concerning at the same time to see the amount of data that is transmitted by browsers nowadays. Keep in mind: None of those browser have been used. Just 20 minutes of idling.

#privacy #infosec #browser