The Internet is a dangerous place, lots of bots have nothing better to do than probe for weaknesses everywhere. As you might know, I use WordPress to run this blog and they are pretty quick to fix security issues when they come up. But since I’m quite a bit on the security conscious side, I decided to add an extra layer of armor with HTTP Security Headers for extra protection for me and of course, you, the reader.
If you’ve been around that long, think back how the Internet looked like 20 years ago in 1998, 10 years ago in 2008 and today in 2018. To me, these dates symbolize three very different epochs.
I’m on planes quite often and on many intercontinental flights, airlines are offering satellite Internet access these days. Unfortunately, quality over the years has significantly deteriorated, the satellites used for the service are probably quite busy these days or airlines artificially throttle throughput to save costs. Who knows… In the US, ground based Internet connectivity on short-haul flights has been available for many years but in the EU, there was nothing similar up to now. However, this is now changing, and when I recently flew from Dublin to Düsseldorf, I could try the new European Aviation Network (EAN) for the first time as a paying customer.
As you are probably aware I am one of those people who don’t like their private data to be absorbed, analyzed and sold, so I am hosting most of the services I use over the network myself. Over the years, my Nextcloud instance has become the central instance for this as I host files I exchange there as well as my calendars and my address books. Also, I use it as a platform for private voice and video communication.
This is a great thing and the main threat vectors that remain are that my instance is hacked from the outside with a zero day exploit or someone gets to the data I have stored there with a https man-in-the-middle attack. Both require signification dedication, effort and resources. When I think about it, I feel most vulnerable on the https front as I do not control which certificates are accepted by the various applications on the PC and by apps on my mobile devices that interact with my Nextcloud instance.
In the past, I’ve been using HTTPS Public Key Pinning (HPKP) to add an extra layer of protection. As the scheme hasn’t really caught on over the years, I’ve been thinking a lot lately about the value Certificate Transparency (CT) provides to me. Time for a quick summary.
As if there weren’t already enough deployment options for the upcoming 5G network standard, it turns out that for 5G Non-Standalone Option 3, there are actually 3 different variants: 3, 3A and 3X. So what exactly is the difference between them?
Continue reading 5G – What’s The Difference Between Option 3, 3A And 3X?
I’m sure you’ve been at this point before: There’s an image shown in a wrong orientation on your screen because the camera’s orientation sensor got it wrong, or your computer got it wrong, or something in between got it wrong, and you had trouble rotating it into the right orientation. If it’s a single image you can try until you succeed with various programs just to find out that the next image viewer again shows it in the wrong orientation. It might be a nuisance for a few images but when you deal with hundreds of images at a time that should all be in portrait orientation with many of them marked as landscape, it becomes more than just a frustrating exercise to manually re-orient the images. At some point I became so frustrated that I spent some time to find the ultimate fix for this.
A couple of days ago I suddenly had strange intermittent problems to connect to my services at home. It worked one minute and the servers were not found the next. At first I thought it must be a DSL problem but I quickly figured out that this was not the case at all when I checked the DNS resolution for my domains. Here’s the response of two DNS queries which were one minute apart.
$ ping www.some-domain.com PING www.some-domain.com (217.253.68.195) 56(84) bytes of data. [...] $ ping www.some-domain.com PING www.some-domain.com (79.216.56.147) 56(84) bytes of data.
What should have been the same IP address suddenly oscillated between two entirely different IP addresses. What’s more is that this happened for several of my domain names via the local DNS resolvers, over Google’s 8.8.8.8 DNS server and also over two VPN tunnels over which yet other DNS resolvers were used.
A couple of weeks ago, the German Telecoms regulator (Bundesnetzagentur) published their annual report for 2017. I was a bit surprised that I last wrote about such a report in 2015 so it was really time for a status update and a then-and-now comparison.
Once upon a time, Skype was THE voice and video calling platform for me. It was independent, decentralized and offered end-to-end encryption. But that was a long time ago, today it’s centralized, more closed source than ever, and encryption seems to be rather optional. But on PCs there was little else that was usable and universal, perhaps until now. A few days ago I started to test Nextcloud Talk, that, despite its name is a full blown Voice and Video Conferencing and Calling Solution.
Continue reading Nextcloud Talk – Voice and Video Calling – First Impressions
Two years ago, I moved this blog from Typepad, a blog hosting service I used for over a decade but who didn’t deliver value for money anymore to a web hosting provider and WordPress as a publishing platform. Now, it was time to move once again, for different reasons, however, from a web hoster to a virtual machine.