Ctrl.blog

OpenSMTPD recently had a critical remote code execution vulnerability. I look at how you can limit impact with systemd-service security directives.

Feb 2020 was full of email vows, both in the larger world and for the Ctrl blog newsletter. What happened and why you got an empty blog newsletter this week.

The systemd-analyze security command gives your systemd service units an automated security rating. This is a good starting point for security hardening.

A comparison of features, security, performance, and limitations of Firefox browser running in isolated sandboxes provided by Flatpak vs. Snap.

Windows opened from your website can redirect the opening tab to a new destination. Mitigations break window.open() functionality like sizing and positioning.

A quick tutorial for migrating from FirewallD and getting started with the Uncomplicated Firewall (UFW). Both are front ends for Linux’s iptables firewall.

My aging PC’s processor didn’t support a new Windows 10 security feature, enabled by default, causing it to become slow and unstable.

The recall of the Feitian MultiPass FIDO security key demonstrates why you always should use multiple security key products from different vendors.

A case study in how timely Firefox derived web browsers (Waterfox, Cliqz, Pale Moon, and Tor) ship critical security updates.

VPN providers are good advertisers and also pay good money to make even [formerly] reputable tech media websites “recommend” their services.

Comparison review of the two secure PGP-oriented email providers ProtonMail vs Mailbox.org. A huge price discrepancy for the same service.

Here are 6 services you can report malware websites and phishing emails to help make the internet a safer place for everyone.