phillip prado

cybersecurity | pentesting

I am a huge fan of Flatpak applications on Linux. I like how they work. I like how easy they are to install. I like how you can control their permissions with such granularity. Etc.

Well now, I have yet another reason to love Flatpaks: easy installation reproducibility. Let me show you what I mean.

Read more...

Simple CTF is an easy, beginner-friendly capture the flag exercise on TryHackMe. It features a vulnerable CMS, a weak user password, and misconfigured sudo user privileges that lead to root level access.

Read more...

(Proton can now notify users when their information is found floating around the dark web.)

Proton's toolbox is ever expanding. From acquiring other companies like SimpleLogin or Standard Notes to building out features like Proton's Security Center, we have come to expect constant improvements from the Swiss-based company. Now, the aforementioned Security Center sees another update in the form of dark web monitoring.

Yesterday, the company announced a new feature that can notify users when Proton's system detects a breach affecting them and offers suggestions of how to mitigate risk. This retroactively includes breaches from up to two years ago and will include as many breaches as possible moving forward.

Read more...

Have you ever needed to reference a command line tool's capabilities only to find out there is no manual page and that only the -h (--help) option is available?

Normally, this isn't a problem, but -h doesn't let you search for strings the way man does. That means if you are trying to use a tool that is quite extensive, scrolling and sifting through the help option's results manually can be quite cumbersome.

Read more...

Here are just a few things you can try today to make your Tailscale network a bit more robust.

Tailscale touts itself as an affordable, zero-config virtual private network (VPN) that easily connects all of your devices from anywhere in the world. Without going into the nitty-gritty of how it works, Tailscale is built on WireGuard, and it uses a centralized server to make the initial introduction between all of your devices.

I've been using Tailscale for some time now. I first tried it out because I wanted an easy and secure way to access my home media server from anywhere in the world, and I heard Tailscale was a fairly pain-free way to do this.

Not only is that true, but I've actually loved using Tailscale, and I will never go back to using reverse proxies and port forwarding into my local network again. That being said, there are a few things you can do to make your Tailscale experience quite a bit better, and I've compiled a list of three which I believe just might do the trick.

Read more...

It's open source, easy to use, privacy-friendly, and cross-platform.

A while ago, I wrote a post about what I believed was the best open-source two-factor authentication application on the market: Ente Auth. And though I still love and use Auth, what I didn't know was that there was already an older kid on the block. Enter 2FAS, another free software 2FA option you should consider.

Read more...

These deserve to be some of your new go-to free software privacy tools.

If you want the most private and secure operating system for your desktop or laptop, GNU/Linux is likely the route to go. Mainstream proprietary offerings like macOS or ChromeOS may have some security benefits over the many Linux distros available, but Linux's strengths far outweigh these potential shortcomings.

That being said, the applications you put on your machine can make or break your privacy and/or security as well, regardless of what operating system you run. That's why I have three Linux desktop apps that you should give a try today that can help improve your digital privacy in one way or another.

Read more...

If you regularly watch video content on your Android device, you need to give Grayjay a shot.

I, like many of you, watch a fair bit of video content online. Whether it be YouTube, Odysee, or PeerTube, I engage with this form of media on a nigh daily basis.

Typically, that means going to each website or opening different apps to watch videos from various creators on each platform. That was until I stumbled upon a little Android app called Grayjay.

Read more...

This lesser known method is dead simple AND it does not use any extensions.

Personally, Firefox is my favorite web browser for both mobile and desktop. Despite a few shortcomings, Firefox can relatively easily become one of the most secure and private options available. And though the “out-of-the-box” experience leaves much to be desired, here's the best way to change one of the most important defaults relatively pain free: the search engine.

Read more...

Here is how to remove EXIF metadata on Android, iOS, or even your desktop of choice.

Sharing photos online is a critical part of how we connect with one another. Whether it's X (formerly Twitter) or Mastodon, Instagram or Pixelfed, or even just SMS or Signal, sharing pictures is synonymous with sharing our experiences. But this habit comes with a risk some aren't aware of: doxing yourself and/or your family via the photo's EXIF metadata.

Read more...
