After the GhostProject started offering access to 1.4 billion credentials in the form of usernames with clear text passwords, I’ve seen an expected increase in attacks against customers e-mail accounts.
I recently read a thread on reddit titled “A Privacy & Security Concern Regarding GNOME Software” that addressed a few issues regarding the fwupd daemon. The developer eventually responded and was able to justify and debunk most of the claims made against his software. However, that prompted me to have a closer look at the traffic originating from GNOME Software.
So I noticed this new “Recrawl now” link that had suddenly appeared in Google Search Console (beta edition) and was immediately enticed. The result however was not what I had in mind. I can deal with being fooled on April Fool’s day, but getting Rickrolled in 2018… now that’s just pure evil. Anyhow, enjoy an animated gif of Google’s trolling below.
I’ve never owned a single Apple product but lately I’ve been wondering how good a real UNIX certified operating system might actually be. To get my feet wet, I decided to try out macOS Sierra in a VirtualBox session on a Linux host. I’m aware that much of the Apple experience is closely connected to the hardware, but personally I was more interested in the isolated OS experience.
So the 34. Chaos Communication Congress is currently in progress and the boys (and girls) attending were kind enough to send some thoughtful wishes to working sysadmins around the globe. The following entry appeared in my server log earlier today:
On the 18th of December Wordfence posted the following entry describing an ongoing distributed brute force-attack campaign targeting WordPress installations. It was accompanied by a dramatic chart highlighting the number of attacks per hour. According to Wordfence, it was the most aggressive campaign they’ve seen so far. However, as a WordPress hosting provider I’ve found no data to support these claims.
I’ve not experienced any increase in dictionary attacks or other malicious traffic against WordPress installations on our web hosting platform. Curiously enough, this would mark the first time that we have completely dodged such a large scale attack.
I wanted to register a new domain name and decided to go with the privacy-aware domain registration service from Njalla. Unlike other domain registration services, Njalla actually purchases the domain for themselves and acquires full legal ownership and responsibility for the domain name. Njalla however grants you full control over the domain as long as you abide by their terms and conditions.
A short story detailing my experiences with hackers, SIGINT and the inherent depravity of humankind. In truth though, this story may lack all the aforementioned ingredients.
A year ago I decided to offer my visitors “absolute” privacy in the shape of a Tor hidden service. Believing others were as fed up as myself with the constant mining of our personal data, I was eager to see what kind of traffic my hidden service would receive.
So the annual “Slackware needs PAM and Kerberos” thread is going strong over at linuxquestions.org at the moment. This particular topic always seem to awaken a collective inferiority complex within the Slackware community, where users are aggressively refuting any claim that Slackware is not a viable choice for business use (you can do anything with some lines of bash right?…). At the opposite side you have users arguing that Slackware has become a niche hobbyist distribution due to its reluctance to implement mainstream technologies.
Let’s Encrypt suffered from a major service disruption today leaving users unable to access various services. The cause of the problem seems to have been an update to Boulder (ACME CA) which has since been reversed.