Category: Security
Google’s prank on Gmail users that wasn’t a prank, but juvenile nuisance at best
Google decided to prank Gmail users this year by offering a button that would attach a “mic drop” gif to the email and move the conversation to the archives. Going by the general understanding that the prank is on me, and looking forward to seeing what Google have come up with, I clicked the button.…
your ip 127.0.0.1 has been flagged for security reasons – Jetpack
So I was troubleshooting the configuration on my server and removed all non-essential code. This meant that the proxy was not forwarding the IP address of visitors to the backend. Imagine my surprise to try to login to post to the blog when I found access to admin blocked with “your ip 127.0.0.1 has been…
Disable SSLv3 on Nginx to prevent #POODLE vulnerability
In the wake of POODLE vulnerability discovered in SSLv3, surprising number of people are not sure how to disable SSLv3. So here is how to do it. In your Nginx SSL configuration, find the line that shows the protocols. It will be something like this: ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; Remove the SSLv3 from it…
Google’s guessing games #privacy #humor
Imagine my surprise today when a google search result showed my location below the search results (nil). Virar West, Virar, Maharashtra – From your Internet address – Use precise location – Learn more I live in Virar East, so the guess was off by a few kilometers. Curious to see how accurate it gets, I allowed it to use “precise…
Reset the net – Don’t ask for privacy, Take it back
A long overdue backlash against state spying (and NSA in particular) has some of the biggest websites on the internet joining forces with internet rights activists to unleash an unambiguous message. Don’t ask for privacy, take it back. Internet website and application owners are encouraged to adopt strong encryption based security measures to prevent spying…
WordPress All In One SEO Pack plugin users should upgrade NOW #vulnerability
The Scuri blog has posted that the All in One SEO plugin had two vulnerabilities they had pointed out earlier, and the just released update fixes both. AISEO users are advised to upgrade as soon as possible. While auditing their code, we found two security flaws that allows an attacker to conduct privilege escalation and…
Installing UFW – Uncomplicated Firewall on Ubuntu 12.04
If you are one of those nerdy types and use iptables, ignore this. If you are like the rest of us Ubuntu users (nerdy in denial), UFW (Uncomplicated Firewall) provides a handy tool to configure your firewall. Here’s how to install. As root, type: apt-get install ufw If this can’t find the package, run apt-get…
OpenVZ and UFW
So I found another problem area with the OpenVZ host and the Ubuntu Server. A good firewall is important for the safety of a server, but I, at least feel overwhelmed at the complexity and risk of messing things up very badly to directly touch iptables, and I have only done on rare occasions, and…
Configuring Privoxy to use TOR
In these days of censorship concerns, increasing numbers of people are using TOR as a proxy and thus, increasing numbers of people are configuring their browsers wrong and going to the TOR check page only to realize that for all their proxy configurations, they either cannot see the page at all, or they see the…