In March, we announced to roll out support for TLS 1.3 on infosec-handbook.eu soon.
However, instead of only turning it on, we prepared a new server and implemented additional hardening that we will cover in our Web server security series.
If all goes to plan, we will switch to the new server next week. Kindly note that temporary connectivity issues may occur due to DNS reconfiguration.
Thanks and stay secure. 🔒
Looking for a beginner’s guide to building secure microservices? 👍🏼
We’ll show you how to build an #AWS Lambda microservice in #aspnetcore and how to #authenticate it.
Day 12 of #100DaysOfCode
We've got big news.
After months of work, Tor Browser is now stable on Android.
Tor Browser 8.5 brings the highest degree of privacy and censorship-circumvention available to Android users. https://blog.torproject.org/new-release-tor-browser-85
After major security vulnerabilities or data breaches, "security people" show up and tell you to delete your account immediately. "Oh, time to delete your account! Switch to service/product … instead!"
Such statements totally ignore that security vulnerabilities are widespread and the vast majority of data breaches won't become publicly-known. Full control over your data and devices requires 100% isolation from the internet, not just arbitrarily switching services or products.
It's time to fight for our Right to Privacy and Freedom of Speech. 😎💪 That's why we are donating Secure Connect - our brand-new encrypted contact form to journalists and whistleblowers: https://tutanota.com/blog/posts/tutanota-launches-secure-connect-encrypted-contact-form
If you are using #riot-android you should update to version 0.8.28a as this is a critical security update.
If you are a user of the matrix.org homeserver and have received an alert message stating that you should update to a version 0.8.99 from google play you can safely ignore that. This message was only targeted at google play users but accidentally sent to some #F-Droid users as well.
In case you use Facebook’s mobile app, it tracks your location and knows everywhere you go, always: https://www.cnbc.com/2019/04/30/how-to-stop-facebook-from-storing-your-location-history.html
Stop Facebook from tracking you by de-installing the FB app now! #Mastodon is much better for social anyway. 😉 And read our guide on how to leave Google & Facebook: https://tutanota.com/blog/posts/how-to-leave-google-gmail/ #staysecure #privacy 😎
Be educated about today's security. Learn to protect information.
Did you know? Our blog is also available via the decentralized Dat protocol:
Use a web browser like Beaker Browser to access it.
– you can seed all files of our blog by yourself and support P2P hosting
– you can download a full local copy of our blog
– you can read our content even if our blog is down (e.g. due to maintenance)
2+ million IoT devices vulnerable to man-in-the-middle attacks, allowing attackers to steal passwords:
– the website contains a list, so you can check if your devices are vulnerable
– CVE-2019-11219, CVE-2019-11220
– mitigation: dispose your vulnerable devices, or block OUTBOUND traffic to 32100/udp
Interested in security, performance and accessibility.
This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either! We adhere to an adapted version of the TootCat Code of Conduct and have documented a list of blocked instances. Ash is the admin and is supported by Fuzzface, Brian!, and Daniel Glus as moderators. Hosting costs are largely covered by our generous supporters on Patreon – thanks for all the help!