Detect outgoing port blocking with nmap and portquiz.net

This post will describe how to detect if your network is blocking outgoing ports. In this test, we’ll be using nmap and the fine website portquiz.net

. . . → Read More: Detect outgoing port blocking with nmap and portquiz.net

HPKP Best Practices for Let’s Encrypt

This post describes how to generate a few backup public key hashes to add to your HTTP Public Key Pinning (HPKP) config that might save you from bricking your domain if Let’s Encrypt ever gets untrusted like StartCom did.

If you have a healthy distrust of the X.509 PKI trust model, then you’ve probably heard . . . → Read More: HPKP Best Practices for Let’s Encrypt

Howto Guide: Whole House VPN with Ubiquiti + Cryptostorm (netflix safe!)

This post will describe what hardware to buy & how to configure it so that you have 2 wireless networks in your house: One that seamlessly forces all of the traffic on that network through a VPN–and one that connects to the Internet normally . When finished, the internet activity for any device connected to . . . → Read More: Howto Guide: Whole House VPN with Ubiquiti + Cryptostorm (netflix safe!)

Let’s Encrypt!

Finally, this website is (only) accessible over https!

. . . → Read More: Let’s Encrypt!

Tor->VPN in TAILS to bypass tor-blocking

This post will describe how to route outgoing traffic in a python script running on TAILS first through Tor, then through a SOCKS proxy created with an ssh tunnel. This is helpful when you want to use the anonymizing capabilities of tor, but you need to access a website that explicitly blocks tor exit nodes . . . → Read More: Tor->VPN in TAILS to bypass tor-blocking

pycurl through Tor without leaking DNS lookups

This article describes the correct way to use pycurl over Tor, such that both DNS lookup data and HTTP(S) traffic is sent through Tor’s SOCKS5 proxy.

If you google “pycurl tor”, one of the first results is a stackoverflow post that describes how to configure pycurl using the pycurl.PROXYTYPE_SOCKS5 setting. Indeed, even the tutorial To . . . → Read More: pycurl through Tor without leaking DNS lookups

Eavesdropping Analysis of PGP Metadata

This post attempts to answer the following question: If an evesdropper intercepts a message encrypted with gpg, how much information will they be able to extract from the message without a decryption key?

I will show the unencrypted metadata added to a GPG-encypted message, and I will present commands that can be used to extract . . . → Read More: Eavesdropping Analysis of PGP Metadata

Custom Synapse Shortcuts

I’ve been using Synapse for a few months now. This software is invaluable to my experience on my PC because: # I can *quickly* do what I want to do without fighting with a big, hierarchaial menu # It doesn’t require any huge dependencies (I use XFCE, so I don’t want something that requires Gnome . . . → Read More: Custom Synapse Shortcuts

UCF Wifi in Ubuntu

This month (September 2011), UCF officially killed the “UCF” SSID to be replaced by “UCF_WPA” and “UCF_WPA2.” Configuring Ubuntu Linux to connect to the UCF WPA2 network is neither trivial nor documented by UCF.

To aid other UCF Ubuntu users, I created a Wireless article on the unofficial UCF wiki. This includes links to the . . . → Read More: UCF Wifi in Ubuntu

My Search for The Best MP3 Player

I’m going on another cross-country cycling trip this summer, and I’m in the market for a good, solid MP3 player.

Disclaimer: I’m a software guy who likes my devices to be good quality and long lasting. I’m by no means an audiophile, hardware tech, or professional MP3 player reviewer. All of my research was . . . → Read More: My Search for The Best MP3 Player