In recent weeks, some of us were heavily involved in preparing and hosting a public CTF contest in the context of this year’s European Cyber Security Month (ECSM). More than 1,000 teams registered, nearly 600 solved at least one challenge. Unlike most oth…
+
The second topic of this year’s European Cyber Security Month is “Emerging Technology”. We decided to address IoT (Internet of Things) devices at your home since many different devices are connected to the internet nowadays.
+
+In this short article, we prese…
Last month, I gave you an update at the conclusion of a long series of travels.
-But, I wasn’t done yet - this month, I spent a week in Montreal for XDC.
-Simon Ser put up a great write-up which goes over a lot of the
-important things we discussed there. It wa…
+
It’s been too long since I last did a good hack, for no practical reason other
+than great hack value. In my case, these often amount to a nostalgia
+for an age of computing I wasn’t present for. In a recent bid to capture more of
+this nostalgia, I recently pi…
- I was having a conversation with a friend of mine recently and they were asking me why I don't use Facebook. Within my circle of friends, I'm the IT guy and most of them aren't really into IT, let alone priv…
+ There was a post on Fosstodon recently where one of our members shared their thoughts on what they think self-hosting is.
+
+
+
+Following the post, a conversation started about what different people considered …
via Blog
- October 12, 2019
+ October 26, 2019
diff --git a/_layouts/blog.html b/_layouts/blog.html
index 564585d..d174c0b 100644
--- a/_layouts/blog.html
+++ b/_layouts/blog.html
@@ -3,13 +3,6 @@ layout: default
description: Amolith's blog on various tech-related topics
---
{% include page/title.html %}
-
-
-For a list of articles I've read and think are worth reading, check out my other feed. This is generated using my feed reader of choice, Tiny Tiny RSS. They're blog posts from people I admire and it's all content I recommend reading.
-
diff --git a/contact.html b/contact.html
index 0b677ae..2d520db 100644
--- a/contact.html
+++ b/contact.html
@@ -45,7 +45,7 @@ These are some of my more public accounts; feel free to contact me at any of the
I also have Briar. Since they finished the feature that lets you add remote contacts, send me a message somewhere with your link and paste this into your client. It only works when we're both online so you may want to wait until I respond before you bother.
Running these services is not free and it's definitely not cheap; I'm paying for it all out of pocket so donations are greatly appreciated. I accept both fiat currencies as well as Bitcoin and Monero.
@@ -37,3 +39,5 @@ priority: 0.9
+
+
diff --git a/json/cards.json b/json/cards.json
index 83b6f72..b51860a 100644
--- a/json/cards.json
+++ b/json/cards.json
@@ -1,6 +1,13 @@
{
"cards" :
[
+ {
+ "name": "Email",
+ "description": "I run a mail server powered by Postfix, Dovecot, rspamd, ClamAV and a number of other components. The result is stable, private, and anonymous email for everone.",
+ "button_text": "Sign up!",
+ "link": "https://nixnet.email",
+ "tor":"#"
+ },
{
"name": "Jabber/XMPP",
"description": "Jabber/XMPP is a set of open technologies for instant messaging, multi-party chat, and voice/video calls. XMPP stands for the Extensible Messaging and Presence Protocol.",
diff --git a/mumble.md b/mumble.md
index f0142c8..44ec5b5 100644
--- a/mumble.md
+++ b/mumble.md
@@ -8,8 +8,6 @@ cover: /assets/pages/mumble.png
Visit Mumble's [Downloads](https://www.mumble.info/downloads/) page for installation information.
## Setup
-Simply launch the app and run through the audio setup wizard. If your OS supports it, you can simply click [here](mumble://nixnet.xyz:64738) and it will open automatically and connect to the server. Alternatively, launch Mumble, go to `Server -> Connect -> Add new`. Enter whatever username you want, use `nixnet.xyz` as the address, `64738` for the port, and label the server however you'd like.
+Simply launch the app and run through the audio setup wizard. If your OS supports it, you can click [here](mumble://nixnet.xyz:64738) and Mumble will open automatically and connect to the server. Alternatively, launch the app, go to `Server -> Connect -> Add new`, enter whatever username you want, use `nixnet.xyz` as the address, `64738` for the port, and label the server however you'd like. That's it!
-If you want a new channel made for something (game, podcast, private call, etc.), just [let me know](/contact) and I'll create one!
-
-If you would like to talk with me about something, check the [contact page](/contact) for the times I'll be available.
+If you want a new channel made for something (game, podcast, private call, etc.), just [let me know](/contact) and I'll create one. If you would like to talk with me about something, check the [contact page](/contact) for the times I'll be available.
diff --git a/privacy-policy.md b/privacy-policy.md
index 4eed1b3..0746b33 100644
--- a/privacy-policy.md
+++ b/privacy-policy.md
@@ -10,7 +10,7 @@ cover: /assets/posts/privacy.png
This will hopefully be the briefest "legal" document you've ever read as well as the most readable. If you need additional information [let me know](/contact) and I'll add it.
## IP Address
-Some applications (Gitea, Mastodon, Mumble, XMPP) collect your IP when you register. At the moment, that information is kept indefinitely. However, I'm working on either completely disabling it or setting something up that will periodically delete stored IP addresses. When I do, this document will be updated accordingly.
+Some applications (Gitea, Mumble, XMPP, and NixNet Mail) collect your IP when you register. At the moment, that information is kept indefinitely. However, I'm working on either completely disabling it or setting something up that will periodically delete stored IP addresses. When I do, this document will be updated accordingly.
If you don't want me to have that information to begin with, just use [Tor Browser](https://www.torproject.org/).
@@ -20,12 +20,10 @@ When you register for a service using an email address, that is obviously collec
**Note:** whatever address you use for git is visible in commits.
## Browser Fingerprint
-Your web browser communicates uniquely identifying information to all websites it visits by allowing the site to know details about your operating system, browser information, plugins installed, fonts installed, screen resolution, and [much more](https://panopticlick.eff.org/). I don't care about that either and, if some services do collect that for their own use (I'm 99% sure none of them do), I'm not going to look at it ¯\\_(ツ)\_/¯
+Your web browser communicates uniquely identifying information to all websites it visits by allowing the site to know details about your operating system, browser information, plugins installed, fonts installed, screen resolution, and [much more](https://panopticlick.eff.org/). As far as I know, nothing collects or uses any of that information.
## Usage and storage of collected information
-**For most services:** Whatever data is collected is stored on one server in Germany and won't be shared with any third parties whatsoever.
-
-**For Nextcloud:** Whatever data is collected is stored on one server in my living room and won't be shared with any third parties either. User's files are encrypted at rest so they wouldn't be of any use if someone hacked my server and stole them. I do have the encryption key so I *could* decrypt and view your files. I'm not going to bother with that though because I don't have any interest in looking at your personal stuff. That's your business and I won't invade your privacy.
+Whatever data is collected is stored on servers I have sole control over and it won't be shared with any third parties whatsoever.
## DNS services
In short:
@@ -45,7 +43,7 @@ To elaborate on Unbound's verbosity, if you have it installed, you can run `man
There's no warranty, no uptime assurance, etc. so I recommend using multiple [resolvers](https://wiki.lelux.fi/dns/resolvers); that also improves privacy because the DNS queries are spread across multiple providers
# Exceptions
-I do live in the US; I have three servers here, one in Germany, and another in Luxembourg. If, for whatever reason, I'm compelled by law enforcement to give up your email, IP address, or any other information, I will even though *I don't want to*. As such, I do whatever I can to make sure *I don't have that information*. If I don't have it, I can't share it.
+I do live in the US; I have three servers here, three in Germany, and another in Luxembourg. If, for whatever reason, I'm compelled by law enforcement to give up your email, IP address, or any other information, I will even though *I don't want to*. As such, I do whatever I can to make sure *I don't have that information*. If I don't have it, I can't share it.
# Recommendations
To mitigate invasions of privacy like this, use a throwaway email address for registration, such as one from [anonbox](https://anonbox.net/) if you want a temporary address or [cock.li](https://cock.li/) for something a bit more permanent. Also provide a [fake name](https://fakena.me/fake-name/) and use the service from behind [Tor](https://www.torproject.org/) or a VPN. Rather than a VPN, however, I *strongly* recommend using Tor across all devices. They have an [Android version](https://www.torproject.org/download/#android) now and there's another browser they recommend for iOS called [Onion Browser](https://apps.apple.com/us/app/onion-browser/id519296448). I don't use iOS so I can't say whether or not it's any good, just that the Tor Project recommends it.
diff --git a/warrant-canary.md b/warrant-canary.md
new file mode 100644
index 0000000..231f237
--- /dev/null
+++ b/warrant-canary.md
@@ -0,0 +1,54 @@
+---
+layout: page
+title: Warrant Canary
+subtitle: The FBI has not been here
+description: Watch this page carefully for changes and read up on warrant canaries. I may not be able to state anything clearly.
+cover: /assets/pages/canary.png
+---
+**Updated**: 2019-10-29 21:33 UTC
+
+**Valid until**: 2019-11-29 23:49 UTC
+
+# Recent stories in my RSS feed
+* [Uber sues Los Angeles as the fight over scooter data escalates](https://www.theverge.com/2019/10/29/20938212/uber-lawsuit-la-ladot-scooter-data-mds)
+* [The California fires show how unprepared we are for climate change](https://www.theverge.com/2019/10/29/20936979/california-kincade-fire-wild-climate-change-disaster-preparedness)
+* [50 Years Ago, the Internet Was Born In Room 3420](https://tech.slashdot.org/story/19/10/29/1557212/50-years-ago-the-internet-was-born-in-room-3420)
+* [Security Updates for Tuesday](https://lwn.net/Articles/803381/rss)
+* [The Pirate Bay was recently down for over a week due to a DDoS attack](https://thehackernews.com/2019/10/the-pirate-bay-down.html)
+
+# Statement
+I have not been contacted by any member of law enforcement from any nation regarding this site, the associated servers, the services/applications running on them, or any of the users. This is accurate as of 2019-10-29 21:33 UTC.
+
+# Further information
+Read this page carefully and watch for changes. The [Wikipedia](https://en.wikipedia.org/wiki/Warrant_canary) article may prove useful if you're not sure what something means.
+
+
+# Signed version for verification
+```
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA256
+
+**Updated**: 2019-10-29 21:33 UTC
+
+**Valid until**: 2019-11-29 23:49 UTC
+
+# Recent stories in my RSS feed
+* [Uber sues Los Angeles as the fight over scooter data escalates](https://www.theverge.com/2019/10/29/20938212/uber-lawsuit-la-ladot-scooter-data-mds)
+* [The California fires show how unprepared we are for climate change](https://www.theverge.com/2019/10/29/20936979/california-kincade-fire-wild-climate-change-disaster-preparedness)
+* [50 Years Ago, the Internet Was Born In Room 3420](https://tech.slashdot.org/story/19/10/29/1557212/50-years-ago-the-internet-was-born-in-room-3420)
+* [Security Updates for Tuesday](https://lwn.net/Articles/803381/rss)
+* [The Pirate Bay was recently down for over a week due to a DDoS attack](https://thehackernews.com/2019/10/the-pirate-bay-down.html)
+
+# Statement
+I have not been contacted by any member of law enforcement from any nation regarding this site, the associated servers, the services/applications running on them, or any of the users. This is accurate as of 2019-10-29 21:33 UTC.
+
+# Further information
+Read this page carefully and watch for changes. The [Wikipedia](https://en.wikipedia.org/wiki/Warrant_canary) article may prove useful if you're not sure what something means.
+-----BEGIN PGP SIGNATURE-----
+
+iHUEARYIAB0WIQQ1KbDpa5YVrqxZvETKPvxAZiwZugUCXbiwYQAKCRDKPvxAZiwZ
+ui4gAQC5C/uVkoNy98HdV5zbI6lD7jRu54NuufErPd0A6mgBQQEA6PkSPAZ4cR7E
+4Ea4wr2JR6L0DSmUIGoygBwnSKfh/Q8=
+=k2U2
+-----END PGP SIGNATURE-----
+```