Skip to main content

Entdeckung des Wochenendes: Die Multicast-DNS-Funktion am @ubnt Security Gateway. Jetzt funktionieren Chromecast und Co. auch WLAN- bzw. VLAN-übergreifend!

The Illustrated TLS 1.3 Connection: Every Byte Explained

A revised edition in which we dissect the new manner of secure and authenticated data exchange, the TLS 1.3 cryptographic protocol.


Purism: Librem 15

The Librem 15 is the first ultra-portable workstation laptop that was designed chip-by-chip, line-by-line, to respect your rights to privacy, security, and freedom. Every hardware and software component—and everything we do—is in line with our belief in respecting your rights to privacy, security, and freedom.


Terms of Service; Didn't Read

We are a user rights initiative to rate and label website terms & privacy policies, from very good (Class A) to very bad (Class E).


No Third-Party: Revoke Third Party Acccess to your Accounts

Forgot what permissions you've given a website/application years ago? You're not the only one! We've put together a list of some of the most popular sites so you can review what permissions you've given third parties in the past.

New Year's cleanup!


Memorable site for testing clients against bad SSL configs.


BSI: Sicherheitsanalyse KVM (Kernel-based Virtual Machine)

Das Ziel dieser Studie ist daher, eine aussagekräftige und belastbare Beurteilung der Sicherheit einer virtualisierten Infrastruktur auf Basis von KVM zu erstellen.



Talisman is a tool is to validate code changes that are to be pushed out of a local Git repository on a developer's workstation. By hooking into the pre-push hook provided by Git, it validates the outgoing changeset for things that look suspicious - such as potential SSH keys, authorization tokens, private keys etc. The aim is for Talisman to scan both file names & file content so that even potential problems embedded in source code and documentation can be caught.


Wie jedes Jahr mal wieder etwas Geld bei der @EFF eingeworfen. Solltet Ihr auch tun!


[...] we are fortunate to have a safe alternative for our mails: ProtonMail, which allows encryption end-to-end thereof. Also, you can use or to encrypt your conversations.

It's in this perspective that we launched the development of Muonium, to offer an alternative for storing securely your documents online. Our policy requires us to encrypt end-to-end files making you the only true owner thereof.


Harbor by VMware

Project Harbor is an enterprise-class registry server that stores and distributes Docker images. Harbor extends the open source Docker Distribution by adding the functionalities usually required by an enterprise, such as security, identity and management.



OpenVPN server in a Docker container complete with an EasyRSA PKI CA

Looks like a suitable replacement for my current FreeBSD setup.


The Chromium Projects: Open Network Configuration

The Open Network Configuration specification describes a network and certificate configuration format that could be used across operating systems. Chromium OS will support it natively.

No word of OpenVPNs tun-ipv6 option.


Mullvad - World-Class VPN Service

Mullvad is a VPN service that helps keep your online activity, identity, and location private. Only €5/month - We accept Bitcoin, cash, bank wire, credit card (PayPal), and Swish.

Beim nächsten VPN-Provider-Wechsel wird das Wohl der Kandidat der Wahl.


So sichert Google seine Server ab

Von eigener Hardware bis zu biometrischer Zugangskontrolle für Mitarbeiter: Google setzt in seinen Rechenzentren auf ein ausgeklügeltes Sicherheitssystem.

Interessante Einblicke in Googles Sicherheitsarchitektur.


Cryptomator for Android

Free client-side encryption for your cloud files. Open source software: No backdoors, no registration.

The Android beta client now supports Google Drive. Time for a test drive.