Two-factor auth’s Achilles heel: switching smartphones
Migrating all of your 2fa codes to a new smartphone is a huge pain. Here’s one way you can make it easier.
Category Archives: Computer Security
How to delete your LiveJournal account
LiveJournal recently changed their Terms of Service. Many people are unwilling to accept the new Terms of Service. Some people even find them so unacceptable that they want to delete their LiveJournal accounts. The only way to delete one’s LiveJournal account is via the Account Status page. Unfortunately, it’s impossible to access that page without… Read More »
Adding malicious IPs in DNSBLs to hosts.deny automatically
[See Adding malicious IPs in DNSBLs to iptables automatically for a new and improved version of this that uses iptables instead of hosts.deny, which is necessary since tcpwrappers is mostly deprecated at this point.] I run my own mail server, which means that there are hackers trying 24×7 to break into the server by connecting to… Read More »
Let’s Encrypt with Synology NAS when you can’t open port 80
UPDATE [2022-02-06]: I’m fairly certain nothing in this blog posting is needed anymore with the current version of Synology’s NAS software (DSM). My NAS’s SSL certificate has been renewing automatically for quite a while now without my ever needing to use this script. I don’t know what mechanism DSM is now using to renew Let’s… Read More »
“Passport Parking” is a rip-off
Passport Parking’s pay-by-phone service charges exorbitant fees, doesn’t inform customers about the fees up-front, makes it hard to obtain a refund, issues refunds slowly, has a broken web app, and has poor security.
Comics aggregator now uses SSL, new URL
The comics aggregator is now accessed over SSL at the new URL https://comics.kamens.us/.
Linode Security Breach
There has been a recent Linode security breach. Check if you’re affected!
How LastPass protects your data
I’ve seen several people recently discussing how LastPass protects your LastPass master password and your encrypted site password data (a.k.a., your vault). If what some of those people were saying were true, then LastPass wouldn’t be as secure as I thought it was. This gave me pause, since I use LastPass to store all my… Read More »
We need a “/heartbleed.txt” standard, and we need it ASAP
Those of us who help create and maintain “the internet” that everyone benefits from are now tasked with helping the world recover with one of the biggest, if not the biggest, security holes in the history of the internet. To be certain they aren’t vulnerable, users need to change their passwords at every site that… Read More »
How not to run a computer security company
Don’t use a self-signed SSL certificate for your web site. Way to go, Incapsula!