Tag archive for "security"


Security is like onions, it has layers. Onions have layers. Security has layers. People sometimes have different opinions on which things are more relevant for security, or less. And hackers always wear hoodies, or was that crackers?

A while ago I published a snippet to generate an OTP auth token from the command line, but I recently got a new phone and had to re-add all my secret keys to a different authenticator app. As I keep all the secret keys backed up I made another script … more

Faucet requests May 2020 I run a bitcoin testnet faucet. Testnet coins are supposed to be worthless, but there is scarcity and some people try to get as many as they can. I try to prevent this to keep the faucet running and useful for as many people as possible, for as long as possible. more

My i3 desktop Inspired by a comment on reddit I am sharing my screen locking configuration in this post, I use i3, xautolock and a custom lock script. more

I use a custom screen locking script together with xautolock for automatic locking and manual locking when needed. To prevent multiple i3lock instances from starting I use an atomically created mutex. The script has somewhat excessive logging that still remains from the time it was buggy. more

I run multiple desktop environments, and they all come with their own screen locking tool. Sometimes I want to unlock a system remotely, that means from the command line. The script below can unlock mate, gnome and i3lock. more

I recently added OTP authentication using pam_google_authenticator.so to most of my machines. It's non-trivial to set up, especially if you have system users with limited capabilities that need to be able to log in non-interactively, but all in all it feels good to have a little more security. When logging … more

When Firefox always redirects local sites to https change the following setting in about:config more

SSH over tor


Tor Using SSH over tor has some benefits, and some downsides. I'll try to explain what they are and how to implement SSH over tor. more

What happened to bitcoin-24.com?


Bad: Licensing, Data leak, Password security, Accounting, DB integrity and Float arithmetic. Donations: 16zN9HGvB7fBmfWgysWpJ5wTNUf82fFDNN No BTC? 2020-04-16 Bitcoin24 and Corona Virus Who would have thought... seven years later and there are still things happening around Bitcoin24. The refund effort started by Jeff has made slow, steady progress over the years … more

Password protecting the wp-admin directory


Several places recommend to block the WordPress admin area with a password. While this certainly is a good idea, implementing it properly is non-trivial. One of the problems is that the WordPress Ajax handler script is located in the admin directory. So password-protecting the admin area will break all Ajax … more

DjangoPythonBitcoinTuxDebianHTML5 badgeSaltStackUpset confusedMoneyHackerUpset confusedX.OrggitFirefoxWindowMakerBashIs it worth the time?i3 window managerWagtailContainerNginxSilenceTorWorldInternet securityFont