This blog really became 4 years old. When I started to write it was mostly for practicing written english. But my intention was always to give something back to the open-source community. I failed terribly with the first point. My english is as bad as it was before, but I have readers and get responses to some articles. It seems that I didn't failed with "giving something back to the open-source community".
Thank you to all my readers.
According to the project-page "PHKP is an implementation of the OpenPGP HTTP Keyserver Protocol (HKP) in PHP".
The legendary portscanner nmap was released 20 years ago in Phrack #51. Happy Birthday nmap.
Sysadmins are the heros who bring back our cat-pictures from the heights of the filesystem-tree. So let's honour our firefighters of the internet.
Many people are scared because Microsoft bought GitHub. I wonder why people are so shocked now. Github is just another cloud-thingy and cloud means: "it's just the computer of someone else". If "someone else" will shutdown or wipe his computer, then we better have backups. Having this in our minds I would say that it's time to make (auto)backups. I wrote this little ruby-script that clones all public repositories of a user into a directory.
I proudly pronounce the first (pre-)release of cryptorecord. Cryptorecords is a ruby gem that provides an API and scripts for creating crypto-related dns-records(e.g. DANE). Currently it supports TLSA, OPENPGPKEYS and SSHFP but I plan to support other records in future. The API doesn't create any keys or certificates. It just takes existing keyfiles to create the DNS-records.
TLS via SMTP is opportunistic which makes connections vulnerable to man-in-the-middle-attacks. In order to prevent mitm-attacks, DANE could be used. The sender-server will first check the domain-records if dnssec is in use(and valid) and if a TLSA-record is published(and valid). If a TLSA-record is valid and matches with the certificate of the recipient-server the connection could be encrypted and the encryption is verified.
DNS is one of the oldest but also one of the most important network protocols we have and actively use. Dan Kaminsky discovered 2008 some serious flaws in DNS which is very well explained on this site. DNSsec is supposed to solve those problems.
I am very surprised that statx-fun got one of my most popular git repositories. Arkadiusz Miśkiewicz even created a PLD-Linux-package for it. I didn't expect that.
Every time I replace an old hard disk by a newer or bigger one I think that I'll wipe it later. Now I have a big amount of hard disks to wipe. Since wiping takes ages, I don't want to use my personal computer for that. I would prefer a small device with low energy consumption just for wiping. That's why I am going to build a "Nukestation". Basically it's just a Raspberry Pi with nwipe on it and a udev-rule for automatically wipe attached hard disks. But some extras would be nice...