Android: Der Beitrag stellt die Vorbereitung des Testgeräts sowie Werkzeuge (Frida, Magisk) zur Analyse des Datensendeverhaltens von Apps vor. Reinschauen! ✌️ 👇
Where do people get their SSL certs at reasonable prices these days? I'd like to move some (mostly Wordpress) sites to shared hosting at Blacknight, from a VPS so Let's Encrypt would no longer be suitable
What's the purpose of #ssl certificates expiring again? From my limited perspective it doesn't serve much else than adding unnecessary work for sysadmins, so I'd love to know if there's a legit reason for it. #webdev#infosec
SSL Labs (https://www.ssllabs.com/ssltest) from Qualys used to be a useful HTTPS testing tool. However, it hasn't received significant updates since 2019 and is now holding back HTTPS security. The biggest issue is that many of the tests don't support TLSv1.3 so it penalizes disabling legacy TLSv1.2.
@GrapheneOS Good to know. Thanks for the heads up! 👍
Can't we have a #FOSS version of SSLlabs? Sounds like generally desirable for the whole industry and likely to receive Merge Requests once established. I think many updates would be mere changes of opinions about recommended settings. #ssl#tls#https#openssl
Für Leute, die eigene Server betreiben und mal Klarheit bei der vorliegenden #TLS#SSL#encryption benötigen, können es hiermit testen.
testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL #ciphers, protocols as well as recent cryptographic flaws and more.
No dobra... Jest tu jakiś cwaniak?
Próbuję ogarnąć WordPressa/ActivityPub na własnym serwerze. Nawet to działa, ale gdy chcę z tego konta (pol.social) dać follow takiego konta domowego to wywala:
"503 Remote SSL certificate could not be verified”
No rozumiem. Sprawdzam swoją stronę SSL Checker i mam:
"The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate. Learn more about this error. The fastest way to fix this problem is to contact your SSL provider.”
Certyfikat SSL mam (działający i zainstalowany) z home.pl ale brakuje tego co wyżej „chain certificate”. Home.pl tego nie dostarcza i… jak to ogarnąć samemu? Bo jakoś utknąłem.
Getting close to a full green #Bunny running fully on @reactphp. There is one #TLS/#SSL test left to resolve before this will become the base for 0.6.x. #php#rabbitmq#amqp
Any Firefox website Wizards out there? Even though my website has a verified and valid (LetsEncrypt) SSL certificate, Firefox is reporting that "Parts of the webpage are not encrypted”.
I can't find any other information on why this is occuring, I do have a couple iframes in the page (alberniweather.ca) and lots of images including some that are hosted on Google cloud.
Is there a project or something so I can give all my local servers working #SSL certificates that don't freak out my browser without exposing everything to the internet AND WITHOUT HAVING TO GET CISCO CERTIFIED or whatever?
servers:
Home Assistant
Ubiquiti router accessed via its .local domain
Synology NAS
Each of these is on distinct hardware and while each has their own solutions with varying flexibility, I'd like something generalizable to all based on my "no internet exposure" need
Das Tool basiert auf Chrome und untersucht u. a. #Cookies, #SSL, Datenverkehr und #Tracking-Pixel (#beacons). Ob eine Website gesetzeskonform ist oder nicht, entscheiden die testenden Sachbearbeiter*innen.
In part to protect US superiority in #AI, the US has restricted high-end GPUs from being sold in certain countries, such as China.
As a result, available NVidia GPUs for China aren't much better than what Huawei can offer, leaving China and other countries with little choice but to shift billions of dollars from NVidia to Huawei.
The Biden Administration has, through good intentions, unexpectedly given a massive subsidy to Chinese companies.
@ovid Similar stupid situation from the mid-1990s: Domestically-developed web browsers such as #Netscape had to ship a weaker "international" version because of US software #encryption export rules. They used a drastically reduced #SSL key length (e.g., to “protect" credit card info) which could be decrypted in a matter of days by a single PC.
To make matters worse, even US users mostly ended up with the weak version since it was more of a hassle to get the full-strength download.
This is more of a security question, but I currently know way more people on ruby.social than infosec.exchange. I want to use a #Yubikey for #SMIME or #GPG signing on #iOS & #iPadOS, but can't find:
Any documentation about how to integrate it with Apple Mail.
Anyplace that offers #x509 certificates for S/MIME at zero or minimal cost the way @letsencrypt offers free #SSL certs.
Self-signed S/MIME certs are a non-starter, and there are no full-featured #OpenPGP apps on iOS. Suggestions?
Owners of a domain, which domain registrar did you choose and why?
I’m currently on the lookout for privacy-respecting domain registrars. What are you guys using and why?...