Ctrl.blog

Secure app-sandboxing makes Steam distributed via Flatpak for Linux a more secure gaming environment than MacOS and Windows 10.

Any HTTP Content-Security-Policy blocks the default <audio>/<video> controls in Safari unless you deliberately make it less secure.

Ctrl blog was inaccessible in Turkey for five days as the country inadvertently blocked the BunnyCDN content delivery network.

A Windows 10 security-enhancement feature blocks WebP image files from loading in the Microsoft Edge browser and other modern Windows apps.

A misapplied DNS CAA record blocked Certbot from obtaining a Let’s Encrypt certificate for my domain name. Ouch. Have a fallback strategy!

How to use U2F security keys (USB A or C, Bluetooth, others) with Firefox and Google’s Advanced Account Protection program.

Resolve a common DNS over TLS configuration mistake in the Unbound DNS server that makes you vulnerable to attacker-in-the-middle resolver interceptions.

Lenovo Wi-Fi Security collects information about your device and networks. It can warn you about insecure networks, but it doesn’t proactively protect you.

Do the poorly disclosed affiliate links and link commissions make a difference in how PCMag rank VPN providers? (It would seem so.)

Many VPNs require you to install their root certificates to use their service. This also enables them to intercept your encrypted web traffic.

Bugs in the Windows Settings app cause problem when setting up VPN connections with IKEv2 EAP authentication profiles. Here’s how to set it up despite the bugs.

I found several privacy and security issues with the Vilfo VPN router during my week-long review.