Electricmonk

Ferry Boender

Programmer, DevOpper, Open Source enthusiast.

Category: security

An Ansible safeguard

At my work, we use Ansible to provision all kinds of things, from servers to monitoring. Ansible is very powerful, but with great power comes great responsibility. One downside of automating many things with Ansible is that you could also accidentally destroy a lot of things with a single wrong command. In a perfect world […]

Finding and removing packages installed from non-standard repos in Ubuntu

Update: Oh, look, right in the nick of time: “Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click.” As part of my big spring cleaning, as well as given all the […]

A short security review of Bitwarden

Update 2021-02-25: (Disclaimer: I’m not a cryptographer, and not affiliated or sponsored by Passbolt in any way, shape or form). I’ve reviewed another Open Source personal and team password manager called Passbolt. Without going into a full review, its security looks impressive. Passbolt uses plain, old, trusted GPG with asymmetric public / private key encryption […]

Lurch: a unixy launcher and auto-typer

I cobbled together a unixy command / application launcher and auto-typer. I’ve dubbed it Lurch. Features: Fuzzy filtering as-you-type. Execute commands. Open new browser tabs. Auto-type into currently focussed window. Auto-type TOTP / rfc6238 / two-factor / Google Authenticator codes. Unixy and composable. Reads entries from stdin. You can use and combine these features to […]

Umatrix makes the web usable again

As happens with all media, once corporations join in because there is money to be made, things quickly devolve into a flaming heap of shit. The internet is no exception to this rule. With the coming of Javascript and DHTML in the late 90’s, ads soon started appearing on the web. Not long after, pop-ups […]

Root your Docker host in 10 seconds for fun and profit

Disclaimer: There is no actual profit. That was just one of those clickbaity things everybody seems to like so much these days. Also, it’s not really fun. Alright, on with the show! A common practice is to add users that need to run Docker containers on your host to the docker group. For example, an […]

Criticize grsecurity? Get sued.

Thinking about using the grsecurity linux kernel hardening patches? Better check with your legal team. Not only are they likely violating the GPLv2 with their patch-set, but if you point out that, in your opinion, they are violating the GPLv2, they’ll sue you. And not only you, but anybody that is even remotely involved in […]

Two-factor authentication via SMS is worse than no two-factor authentication at all

Another case of online theft whereby the attacker takes over a victim’s phone and performs an account reset through SMS has just hit the web. This is the sixth case I’ve read about, but undoubtedly there are many many more. In this case, the victim only lost $200. In other cases, victims have lost thousands […]

HTTP Error 429 on Reddit

Getting HTTP error 429 when trying to call Reddit APIs or .json endpoints? Try changing your User Agent header to something else. Reddit bans based on user agent.

cfgtrack: A simple tool that tracks and reports diffs in files between invocations.

Sometimes other people change configurations on machines that I help administer. Unfortunately, I wouldn’t know when they changed something or what they changed. There are many tools available to track configuration changes, but most are way overpowered. As a result they require too much time to set up and configure properly. All I want is […]

The text of all posts on this blog, unless specifically mentioned otherwise, is licensed under this license.