Earlier this week I discovered an interesting Outlook.com phishing mail that had been caught by the anti-spam measures we deploy for our e-mail customers. Well, to be fair, the phishing attack itself was not anything new or sophisticated, but the choice of hosting provider was rather interesting.
On occasion, I’ve noticed the following HTTP referer when going through my server logs: http://www.bing.com/search?q=your+search&go=Search (notice the HTTP part).
I thought it would be interesting to see if this HTTP referer was sent from Microsoft’s search engine as a result of someone performing a search over an unencrypted HTTP connection.
I was not planning to add support for MTA-STS for my domain as I’ve previously deployed DANE for SMTP transport security. MTA-STS is an alternative solution that does not require DNSSEC for authentication but instead relies on certification authorities.
I figured there are already too many mediocre tech blogs on the Internet, so from here on out I’ll embrace my true passion instead. Well, anime blogging is over-saturated as well, so my niche will be the sick and depraved side of anime. Thankfully, there are plenty of riches to choose from.
Content warning: The following post contains violent imagery and descriptions and absolutely no mention of Fruits Basket.
My interest in the Brave browser originated from my affection for cryptocurrencies, but I also believed in the Basic Attention Token’s potential as a digital payment platform. Lately, my experiences with the Brave browser and, by proxy, Brave Software, have changed my mind.
After installing and running Microsoft Teams for Linux on Ubuntu 18.04 for a couple of days, the application suddenly stopped working. Starting Microsoft Teams would load the application menu in the top bar, but it was not possible to get the actual application window to load. Clicking “Open” from the application context menu would do nothing at all.
I recently moved my self-hosted email service from Scaleway to DigitalOcean. After receiving a new IP address for my mail server, I’m effectively once again the new kid on the block. Let’s find out if the big kids are willing to talk with me if I play nice and put on my best behavior.
After migrating my blog from WordPress to Hugo, I wanted to find a simple solution that allowed me to mirror my blog content effortlessly to my hidden services. As Hugo is a static content generator, I didn’t have the opportunity to dynamically rewrite content on the fly by pulling the HTTP host from the current request.
Back in 2018, Patrick Volkerding mentioned that he was testing PAM and Kerberos to provide proper support for Active Directory and NFS on Slackware Linux. It seems like Mr. Volkerding has finally reached a decision.
As I was booting up my Arch Linux box, systemd informed me of a start job running for /dev/disk/by-uuid. 90 seconds later, the job timed-out and some fashionable colored messages flashed by with the speed of light.
After noticing that the majority of the .ICU spam campaigns were drying up, I headed over to Namecheap to find out which gTLD was the next likely target for abuse. Well, what do you know, Namecheap was throwing out .XYZ domains for 1$ a pop.
About half a year ago, I decided to turn off my old Gentoo instance and end my run with WordPress. My current cloud instance is running Ubuntu, and I’ve migrated (most of) my content from the old WordPress installation to Hugo.
This weekend I decided to extract the IP addresses belonging to hosts used in the ongoing .best and .icu spam campaigns. I’ve only got three weeks of logs to work with so the data set is small, but it still paints a somewhat interesting picture.
I’ve made the decision to go ahead and block another one of those pesky new gTLDs that are seemingly exclusively used by malicious actors. Email delivery from .best domains will no longer get past any spam filter under my control.
The Brave Browser is on a mission to fix the web and has been gathering a lot of praise and attention from tech and crypto enthusiasts alike. Brave will diligently protect your privacy by removing intrusive ads and trackers from websites while offering you to view ads delivered through their advertising platform instead.