BSI: Sicherheitsanalyse KVM (Kernel-based Virtual Machine)

Das Ziel dieser Studie ist daher, eine aussagekräftige und belastbare Beurteilung der Sicherheit einer virtualisierten Infrastruktur auf Basis von KVM zu erstellen.

 

Talisman

Talisman is a tool is to validate code changes that are to be pushed out of a local Git repository on a developer's workstation. By hooking into the pre-push hook provided by Git, it validates the outgoing changeset for things that look suspicious - such as potential SSH keys, authorization tokens, private keys etc. The aim is for Talisman to scan both file names & file content so that even potential problems embedded in source code and documentation can be caught.

 

Wie jedes Jahr mal wieder etwas Geld bei der @EFF eingeworfen. Solltet Ihr auch tun! https://supporters.eff.org/donate/summer-security-camp-dd

 

Muonium

[...] we are fortunate to have a safe alternative for our mails: ProtonMail, which allows encryption end-to-end thereof. Also, you can use Ring.cx or Tox.chat to encrypt your conversations.

It's in this perspective that we launched the development of Muonium, to offer an alternative for storing securely your documents online. Our policy requires us to encrypt end-to-end files making you the only true owner thereof.

 

Harbor by VMware

Project Harbor is an enterprise-class registry server that stores and distributes Docker images. Harbor extends the open source Docker Distribution by adding the functionalities usually required by an enterprise, such as security, identity and management.

 

kylemanna/docker-openvpn

OpenVPN server in a Docker container complete with an EasyRSA PKI CA

Looks like a suitable replacement for my current FreeBSD setup.

 

The Chromium Projects: Open Network Configuration

The Open Network Configuration specification describes a network and certificate configuration format that could be used across operating systems. Chromium OS will support it natively.

No word of OpenVPNs tun-ipv6 option.

 

Mullvad - World-Class VPN Service

Mullvad is a VPN service that helps keep your online activity, identity, and location private. Only €5/month - We accept Bitcoin, cash, bank wire, credit card (PayPal), and Swish.

Beim nächsten VPN-Provider-Wechsel wird das Wohl der Kandidat der Wahl.

 

So sichert Google seine Server ab

Von eigener Hardware bis zu biometrischer Zugangskontrolle für Mitarbeiter: Google setzt in seinen Rechenzentren auf ein ausgeklügeltes Sicherheitssystem.

Interessante Einblicke in Googles Sicherheitsarchitektur.

 

Cryptomator for Android

Free client-side encryption for your cloud files. Open source software: No backdoors, no registration.

The Android beta client now supports Google Drive. Time for a test drive.

 

Content Security Policy

As made clear by the CSP spec, browser bookmarklets shouldn't be affected by CSP. [..]

But, none of the browsers get this correct. All cause CSP violations and prevent the bookmarklet from functioning.

Though its highly discouraged, you can disable CSP in Firefox as a temporary workaround. Open up about:config and set security.csp.enable to false.

Finally I can bookmark github.com pages though my Firefox bookmarklets again. Wasn't aware that CSP was the culprit...

 

Listening to h01ger's talk on https://reproducible-builds.org/ - interesting concept regarding security. Will this become standard one day?