When it comes to secure, user-friendly messaging apps, it doesn’t get much better than Signal. Nowadays, a whole host of messaging apps (e.g. iMessage, Facebook Messenger, WhatsApp) use end-to-end encryption as a default.
Say you have a lot of independent computing tasks to complete. You don’t have to finish one before starting the next, and you’d like to parallelize them to speed up collective execution. This means running the tasks simultaneously in separate processes. How many processes do you spin up?
Decided to write about a bunch of things in this post!
Oh, what to do with passwords…
I recently reread this post on HTTP/S desync vulnerabilities. I like the way the author breaks down the methodology of addressing the vulnerability into multiple stages (i.e. detect, confirm, explore, exploit). It got me wondering whether I could write a barebones tool to automate at least some of these steps.
The past few months, I’ve been working on a library that organizes URLs into a hierarchical tree structure. This is useful if you’re exploring a website and you’d like a visual summary of your navigation/request history.
I recently started working on a project to set up and run my own VPN using OpenVPN and easy-rsa. Someone at work suggested I check out WireGuard, a more modern and performant VPN that’s open-source. Still under development at the time of writing, WireGuard is already supported by several major VPN providers. I decided to bootstrap my own WireGuard VPN and compare it with the OpenVPN solution.
Suppose you’re at a coffee shop with Wi-Fi and someone is watching your traffic. What do they see when you navigate to “reddit.com” in your browser?
A couple weeks ago, I gave a presentation on forward proxies at my team’s weekly meeting. I created a repo for it - if you think there’s something I should add or change, let me know in an issue! For the presentation, I read the
README.mdaloud, adding an extra detail here and there. Then I ran the code samples, configured my browser to use different types of forward proxies, and ran
tcpdumpto see where browser traffic was going.
You’re running an SSH server on your rpi at home and you want to SSH into it from work. However, the rpi’s behind a NAT router so it doesn’t have a public IP address (i.e. it’s not open to the world). You could forward a port to the rpi but you’re reluctant to expose a port on your home router. You look at the SSH manpage and see that SSH has
-Remote port forwarding options. Hmmm…