So this website was pretty much free of trackers with one notable exception, the fonts provided by the Twenty Fifteen theme. By its use of the Google Fonts API, most visitors were still leaking data back to the great chocolate factory. However, as the fonts are open source we’re free to use them outside of Google’s realm.

‘Tis the season to be cracking.
In the webhosting business we’re used to seeing an increase in attacks during the holidays, as most people by then are busy with real life. If you’re a cracker though, this is your favorite time of the year.

SimpleScreenRecorder (ssr) is a feature-rich screen recorder for Linux that supports X11 and OpenGL. SimpleScreenRecorder is available as a SlackBuild script from slackbuilds.org, but by only installing the listed dependency, namely FFmpeg, you’ll end up with a rather limited set of supported codecs.

By now most people have gotten up to speed with latest news regarding the attack against the Linux Mint infrastructure and the ripples it created within the Mint community. If not, here is yet another quick and superficial recap:

• The Linux Mint website was compromised.
• The Mint forum database containing 145k accounts was sold online.
• The Mint 17.3 Cinnamon edition was reassembled and bundled with malware.

Due to a city wide power outage I lost just short of 300 days of uptime on the RPi2. The RPi2 did boot back up when the power returned, but since I had received a new IP address I needed to make a DNS update before the server was reachable again. That’s obviously the downside of running a server on a dynamic IP space, but hey it doesn’t cost me a cent. I have a 300 seconds TTL (Time To Live) on my blog.paranoidpenguin.net A record so I think it’s good enough for a hobby project.

The symptom is rather ominous, your wp-content/cache/supercache folder is suddenly populated by additional domain name folders having no connection to your website. What could have caused this? Has your website been compromised or is there some reasonable explanation for this behavior.

Who would have thought, right? :-)

After installing my certificate from Let’s Encrypt last week I was immediately confronted with the fact that I had made the wrong choice in regard to key sizes. By using a 4096-bit private key I was relying too heavily on the RPi2’s CPU. This became abundantly clear as page load times were increased by 500 – 1000ms.

I had some issues today with the Akonadi server failing on my Slackware 14.1 box at the office, so I resorted to killing X for a quick revival. However, issuing startx only resulted in the following errors:

By working in the “web business” I do get my hands on a fair share of malware kits as attackers continuously try to infect any website available with their automated scripts.