Back in 1994, a book was published that I read at the time and up to this day, I am not sure how serious the people who wrote it were about it. Its title: ‘The Unix Haters Handbook‘. Having been in my bookshelf for the better part of the last 20 years, I recently stumbled over it again because quite some time ago, the authors have made an online version available to download for free.
Category: Uncategorized
Raising the Shields – Part 15b – Email Privacy!
Back in 2013 I set out to decentralize and to end-to-end encrypt as much of my private communication as possible (see here how it all began and here for the overall history). It’s been the year of the Snowden revelations and I was (and still am) more than just a bit concerned. Since then I’ve come a long way. It started with installing the Off-The-Record (OTR) plugin in my XMPP desktop messenger, checking certificates with Certificate Patrol, making sure an encrypted connection is always used when I send emails, using TOR for especially sensitive web sessions, automatically deleting cookies when the browser closes, using Nextcloud (Owncloud back then) for file sharing and synchronizing contacts and calendars between my devices, installing my own XMPP messaging server at home, encrypting my frequent remote screen sharing sessions and I started using my own VPN server at home. Lately, Nextcloud talk has become available for voice and video communication, so I’ve also regained a secure and end-to-end encrypted voice and video channel. There are a lot of other small things I have also implemented over the years but one major service has so far only been inadequately protected: eMail! Well, I’ve finally got a fix for that as well.
Continue reading Raising the Shields – Part 15b – Email Privacy!
Mastodon A Few Weeks Later
Back in mid-June I decided to have a look at Mastdon despite not being a social media type of person. But due to being federated and private, it was different so I went ahead and gave it a try. So how did it work out for me?
Still Lots of ‘Red Text’ in the 5G NR Standalone RRC Spec
These days, there is a lot of hype in the press about the race to get 5G networks off the ground. All press reports I’ve come across so far are about non-standalone network deployments in which the 4G network is the anchor for the connection and 5G resources are added when available. For an intro see my post from back last year on 5G Dual Connectivity (EN-DC). At some point, however, we will also see networks that support 5G in standalone mode in which there will be a 5G core network and devices that only talk to to 5G base stations (the gNode-Bs). Today, I wanted to take a look at how the RRC (Radio Resource Control) specification for 5G standalone looks like and was quite surprised that major parts are still missing from the corresponding specification document 3GPP TS 38.331.
Continue reading Still Lots of ‘Red Text’ in the 5G NR Standalone RRC Spec
The FDroid Store Compiles Apps Itself!
For quite some time now, I do not only use LineageOS (previously CyanogenMod) on my smartphone but, for very few exceptions, I also only use open source applications from the F-Droid app store. What I only recently learned, however, was that all applications offered via F-Droid are compiled by F-Droid out of their respective repositories.
Security Headers for the Blog
The Internet is a dangerous place, lots of bots have nothing better to do than probe for weaknesses everywhere. As you might know, I use WordPress to run this blog and they are pretty quick to fix security issues when they come up. But since I’m quite a bit on the security conscious side, I decided to add an extra layer of armor with HTTP Security Headers for extra protection for me and of course, you, the reader.
Internet History – 2 x 10 Years
If you’ve been around that long, think back how the Internet looked like 20 years ago in 1998, 10 years ago in 2008 and today in 2018. To me, these dates symbolize three very different epochs.
In-Flight Internet in the EU
I’m on planes quite often and on many intercontinental flights, airlines are offering satellite Internet access these days. Unfortunately, quality over the years has significantly deteriorated, the satellites used for the service are probably quite busy these days or airlines artificially throttle throughput to save costs. Who knows… In the US, ground based Internet connectivity on short-haul flights has been available for many years but in the EU, there was nothing similar up to now. However, this is now changing, and when I recently flew from Dublin to Düsseldorf, I could try the new European Aviation Network (EAN) for the first time as a paying customer.
Certificate Pinning vs. Transparency
As you are probably aware I am one of those people who don’t like their private data to be absorbed, analyzed and sold, so I am hosting most of the services I use over the network myself. Over the years, my Nextcloud instance has become the central instance for this as I host files I exchange there as well as my calendars and my address books. Also, I use it as a platform for private voice and video communication.
This is a great thing and the main threat vectors that remain are that my instance is hacked from the outside with a zero day exploit or someone gets to the data I have stored there with a https man-in-the-middle attack. Both require signification dedication, effort and resources. When I think about it, I feel most vulnerable on the https front as I do not control which certificates are accepted by the various applications on the PC and by apps on my mobile devices that interact with my Nextcloud instance.
In the past, I’ve been using HTTPS Public Key Pinning (HPKP) to add an extra layer of protection. As the scheme hasn’t really caught on over the years, I’ve been thinking a lot lately about the value Certificate Transparency (CT) provides to me. Time for a quick summary.
5G – What’s The Difference Between Option 3, 3A And 3X?
As if there weren’t already enough deployment options for the upcoming 5G network standard, it turns out that for 5G Non-Standalone Option 3, there are actually 3 different variants: 3, 3A and 3X. So what exactly is the difference between them?
Continue reading 5G – What’s The Difference Between Option 3, 3A And 3X?