Blog posts tagged "security" – Posts 1..5 of 6 posts found:

2020-06-02: Windows 10 screen flickering every few seconds? Check for hacking attempts!

Posted at 2020-06-02 19:01:23 by SHD

After updating to the Windows 10 Version 1903, I noticed that my monitors started flickered every few seconds. I've seen it happen every 38 seconds, every 17 seconds or every 15 seconds, but always regular as clockwork and annoying as heck. Rolling back to Windows 10 Version 1809 eliminated the flickering, but that is obviously not a sustainable solution. So what causes this flickering? Is it a Windows 10 bug? Yes. And no.

2016-02-13: HTTP Public Key Pinning

Posted at 2016-02-13 20:46:37 by SHD

HTTPS sites are encrypted with a public/private key pair, being vouched for in a certificate by having that certificate signed by a trusted CA. However, it might be possible that somebody generates a certificate for your domain and has it signed by a fraudulent or compromised CA. Protection against this is provided by use of HKPK. But what keys should be "pinned" and why? I've found information about this online to be lacking, so I did some research and here's the results.

2014-05-09: PHP: Why might session_start fail, claiming "no such file or directory"?

Posted at 2014-05-09 15:49:30 by SHD

Here's a little problem that bit me after an OS upgrade to a webserver. Whenever session_start was called, PHP would throw a warning message and not actually start the session:

2013-03-29: Switching to CloudFlare

Posted at 2013-03-29 00:26:48 by SHD

For more than a decade, I've run my own BIND-based DNS server, using FreeDNS for a free secondary DNS service. There has been quite some to do about a large-scale DDoS attack perpetrated against Spamhaus recently. One significant aspect of this attack was that the DDoS used so-called DNS amplification. This makes use of misconfigured DNS servers ("open recursors") to greatly increase the amount of traffic sent to a victim. One fellow server administrator wrote about this and it made me wonder about being an open resolver. Fortunately, my own server was properly configured and could not be used as an accessory in such an attack, but what if it had been? That's where CloudFlare comes in.

2012-01-14: Accessing sites blocked by your ISP

Posted at 2012-01-14 20:53:21 by SHD

Just recently, MPAA/RIAA sock puppets Brein managed to convince some clueless judge to order two of the largest ISPs in the Netherlands, XS4ALL and Ziggo to block (in)famous torrent website The Pirate Bay. TPB have put up a message that is shown to anyone visiting from a Dutch IP address, as shown below. XSALL and Ziggo have both announced they will appeal to a higher court, which is a good thing. I don't even use TPB myself and wouldn't really miss it, but I do care deeply about worthless assholes doing anything limiting my internet access. So, how would this work and what can I (or anyone) do to give these lying thieves the finger and circumvent these blocks if they are upheld by the higher courts?