Ctrlblog

The entirely predictable problems with the Vulnonym naming scheme

An automated naming scheme intended to rid the security research field of “sensational names” predictably creates sensational, ambiguous, and suggestive names.

TeamViewer RPM repo left door open for malicious packages

一个配置错误了TeamViewer RPM回购sitory vulnerable to an attacker-in-the-middle substituting TeamViewer with its own GPG keys and software.

Google Authenticator enables device-transfers, but no export options

双因素身份验证要求用户无限期地承诺存储密码。yabo88软件下载流行的应用程序缺乏备份和数据传输这些秘密的工具。

如何备份密码管理器

计划您的密码管理器停止工作。备份您的密码管理器更难听到它。

限制安全侵扰的影响systemd.directives

OpenSMTPD最近具有关键的远程执行代码执行漏洞。我看如何利用Systemd-Service安全指令限制影响。

电子邮件政治，安全性以及为什么您有一个空的时事通讯

Last week was a busy week for email issues. Here’s what happened and why you got an empty blog newsletter this week.

systemd.service sandboxing and security hardening 101

Systemd-Analyze Security命令为您的Systemd服务单元提供自动安全额定值。这是安全硬化的一个很好的起点。

FlatPak中包含的Firefox VS快照比较

FlatPak与Snap提供的孤立沙箱中运行的Firefox浏览器的功能，安全性，性能和限制的比较。

Mitigate “tabnabbing” without breakingwindow.open()features

从您的网站打开的Windows可以将“打开”选项卡重定向到新目的地。缓解窗口窗口。（）尺寸和定位等功能。

如何将防火墙从防火墙切换到UFW

从防火墙迁移并开始使用简单的防火墙（UFW）进行快速教程。

Why my 7-year old Windows 10 laptop became unbearably slow

我的老化PC的处理器不支持默认情况下启用新的Windows 10安全功能，导致它变得缓慢而不稳定。

feitian multipass recall亮点需要使用多个安全键

Feian Multipass FIDO安全密钥的召回演示了为什么您始终应该使用来自不同供应商的多个安全性密钥产品。

How quickly do Firefox derived browsers receive security updates

A case study in how timely Firefox derived web browsers ship critical security updates.

What’s with the tech media’s obsession with VPN services

VPN提供商是良好的广告商，也支付了良好的钱来使甚至是[以前]信誉良好的科技媒体网站“推荐”他们的服务。

protonmail vs mailbox.org比较

对面向PGP的电子邮件提供商ProtonMail VS Mailbox.org的比较审查。同一服务的巨大价格差异。

6 places to report phishing emails and websites

Here are 6 services you can report malware websites and phishing emails to help make the internet a safer place for everyone.

Linux的Steam比麦克斯和Win32更安全

安全的App-Sandboxing使Seav通过FlatPak分发，用于Linux比MacOS和Windows 10更安全的游戏环境。

SAFARI的默认媒体控件在应用CSP时被阻止

Any HTTP Content-Security-Policy blocks the default

土耳其块Bunnycdn;Ctrl博客和14 000个网站无法访问

Ctrl blog was inaccessible in Turkey for five days as the country blocks the BunnyCDN content delivery network.

WebP images won’t load in Microsoft Edge with Application Guard

Windows 10安全功能会阻止WebP Image文件加载Microsoft Edge和现代应用程序。

How I blocked myself from obtaining a Let’s Encrypt TLS certificates

A misapplied DNS CAA record blocked Certbot from obtaining a Let’s Encrypt certificate for my domain name.

Firefox, Security Keys, U2F, and Google Advanced Protection

How to use U2F security keys with Firefox and Google’s Advanced Account Protection.

Actually secure DNS over TLS in Unbound

Resolve a common DNS over TLS configuration mistake in the Unbound DNS server that makes you vulnerable to attacker-in-the-middle resolver interceptions.

What is Lenovo Wi-Fi Security and should you enable or ignore it?

联想Wi-Fi安全性发送有关您的设备和网络的信息，它加入ISReali公司，称为Coronet Coneber Security。但它有什么好处吗？

PCMAG的VPN评论 - 评分与销售委员会相比“

Do affiliate commissions make a difference in how PCMag rank VPN providers?

VPN root certificates leaves you more vulnerable to snooping

Many VPNs require you to install their root certificates to use their service. This also enables them to intercept your encrypted web traffic.

如何在Windows 10中围绕IKEv2 EAP身份验证问题工作

Windows Settings应用程序中的错误导致使用IKEv2 EAP身份验证配置文件的VPN连接时出现问题。

Vilfo评论：不是用于安全或隐私的设计 - 第3部分：4

我在周期审查期间找到了vilfo vpn路由器的几个隐私和安全问题。

Why I migrated from LastPass to Bitwarden

这就是为什么我使用LastPass停止并将所有密码和注释移动到开源位点密码管理器。

LastPass quietly deprecates Firefox for Android extension

LastPass密码管理器已停止对Android最流行的扩展的一个Firefox的支持。yabo88软件下载

Should web browsers adopt Google’s new selective ad-blocking tech?

Firefox and Safari already integrate with the Google Safe Browsing fraud/malware protection service. Should they also adopt its new bad-ads blocking system?

How to change BitLocker boot-screen language and keyboard layout

如何更改BitLocker设备加密预启动环境中使用的语言和键盘布局。

Allow OCSP stapling in Apache Web Server with SELinux policies

调整CentOS和Fedora中的默认SELInux策略，无法从OCSP装订TLS证书中阻止Apache Httpd Server。

Linode and Vultr no longer disables SELinux in Fedora Server

两个受欢yabo88软件下载迎的VPS提供商不再修改其Fedora图像默认禁用SELinux安全功能。

Dual-booting Linux with BitLocker Device Encryption and Secure Boot

采取一些预防措施，具有备份计划，您可以将Windows分区携带加密，并启用安全启动。

Lenovo Companion app doesn’t notify you about TPM firmware updates

The Lenovo Companion app is supposed to keep your device’s drivers and firmware up-to-date. However, it won’t update your Lenovo PC’s TPM firmware.

局部泄露用户的电子邮件地址和兴趣

Twitter-to-email-newsletter service Topical exposes its users’ subscriptions and interests through poor security practices.

TP-Link serves outdated firmware on ⅓ of its European websites

无论您是否为您的TP-Link产品获得更新的驱动程序，也不依赖于您从中检查的国家。

钥匙扣的第一印象 - TLS证书到期跟踪器

在HTTPS证书过期之前，新的无需服务服务会发送电子邮件通知。

教程：WordPress Brute-Force登录保护与Sshguard

Protect your WordPress install against brute-force password guessing with SSHGuard.

Sshguard 2.1中有什么新鲜事

New features and services in SSH brute-force protection utility SSHGuard version 2.1.

Spideroak一篇点评：好的备份服务，笨拙的软件

Spideroak一个备份服务优于客户端软件。良好的安全和隐私保护，但很难使用。

Keep an eye on your certificates with SSLPing

SSLPing可以关注TLS证书的健康，并在他们过期之前通过电子邮件发送给您。

How to report a false-positive in Microsoft SmartScreen

Report Windows SmartScreen false-positives to Microsoft when the security suite gets your software wrong.

How to prevent Let’s Encrypt from issuing certificates for your domain

让我们加密已经让它真的很容易获得TLS证书。以下是如何阻止服务为域发出证书。

KMail’s Send Later sent PGP encrypted emails in plain-text

我在kmail中发现了一种安全漏洞（CVE-2017-9604），同时尝试延迟发送PGP加密的私人电子邮件。

如何让Fedora照顾自己的更新

Set up unattended auto-updates on Fedora Server or Workstation using dnf-automattic.

50+ unpatched security vulnerabilities in A5-generation iOS devices

当他们不再接收安全更新时，请停止使用旧IOS设备。迄今为止，IOS 9.3.5有超过50个已知的安全问题！

Trend Micro router security feature broke Steam

我的网络路由器上的“安全功能”开始通过Steam阻止所有下载。

Internet connected devices should be sold with best before dates

您如何知道设备将如何接收软件更新？清楚地标记的包装到期日期可能是答案。

点评：AsuSwrt路由器固件

A deep look at the ASUSWRT router firmware.

Stop CAs from misissuing certificates for your domains with CAA

为域添加DNS CAA记录，以阻止未经授权的证书颁发机构（CAS）为您的域名发出证书。

How to get Firefox to check for extension updates more often

配置Firefox每天更频繁地检查扩展更新。

How to protect SSH remote login in Fedora with SSHGuard and FirewallD

Protect your Fedora/CentOS Linux-system against SSH brute-force credential-guessing with SSHGuard and FirewallD.

Sshguard 2.0中有什么新鲜事

New features and services in SSH brute-force protection utility SSHGuard version 2.0.

How to enable, login to, or disable Microsoft SSH Server in Windows 10

Learn how to log in to and take control of Windows 10’s new SSH Server.

如何设置CLAMAV以定期扫描Fedora Linux上的寄存器

在Fedora安装上运行定期恶意软件扫描所需的所有步骤。推荐用于Fedora Server Setups！

大多数备用Web浏览器都没有欺诈和恶意软件保护

所有领先的Web浏览器都保护您免受已知用于分发恶意软件的Web欺诈和网站。您不会使用较小的浏览器获得此保护。

How to encrypt backups using Windows 10’s built-in tools

Windows备份本身并不支持加密备份。但是，您仍然可以使用Windows 10中的内置工具获取加密备份。

Netcraft Anti-Phishing工具栏在IPv6支持的网络上打破

IPv6-capable websites can break the website security information displayed in the Netcraft anti-phishing toolbar for Firefox and Chrome.

如何验证您已下载了正版Apple软件

Tutorial demonstrating how to validate code signing certificate signatures on macOS updates and other Apple software installers.

IPv6支持最终到达Fail2Ban 0.10

流行的Syabo88软件下载SH Server Brute-Force登录猜测保护实用程序Fail2Ban最终添加了IPv6支持。

How to block common WordPress vulnerability probes

Protect your WordPress installation against bots probing for known WordPress core and plugin security vulnerabilities.

块重复403 Forbidden请求Fail2Ban.

Protect yourself against repeated users and bots who don’t get the hint the first couple of times your web server responds with HTTP 403 Forbidden.

更改Fedora中的默认SSH端口

通过更改远离默认的SSH端口号，减少Brute-Force Password猜测和脚本攻击在Fedora服务器上运行的SSH服务。

InvizBox review: Tor anonymity in a box

How needs a Tor-enabled Wi-Fi access-point, anyway?

我对让我们加密的经历

我的早期体验来自让我们加密的HTTPS证书。

泄露的帕勒顿数据用于从受影响的用户敲诈比特币

Patreon leaked customer email addresses and Bitcoin extortion spammers got hold of the leaked database.

同性恋约会应用程序Grindr的照片绝不是私人的

Grindr doesn’t use HTTPS-encryption allowing network operators and attacker-in-the-middle (AITM) attackers to intercept private pics in the app.

WIG-FI在Windows 10中为减少用户的网络安全性

Windows 10 introduces a new feature that freely shares all your Wi-Fi passwords with your Outlook, Skype, and Facebook contacts.

It’s high time Apple enabled the OS X firewall by default

Microsoft被安全社区删除了，因为在Windows中默认情况下无法部署防火墙。为什么Apple产品没有给出同样的审查？

CyanogenMod’s one big advantage over stock Android

An Android competitor has much better security and privacy tools than the original Android from Google.

Do you trust Microsoft with all your passwords?

Windows has become your password manager, but it also syncs all your credentials to Microsoft. Should you trust it with the keys to your digital kingdom?