Clik here to view.
Windows 10 upgrade weeks: Done
I wrote couple of posts about Windows 10 upgrades, but there are no more free upgrades. See:From now on, you'll just have to pay for it.There are couple of issues I bumped into while upgrading about...
View ArticleClik here to view.
Amazon EC2 spot prices
I was about to do some testing with a cheap Elastic Compute Cloud Linux-instance, but ... AWS wouldn't allocate me one.Here is the reason from Amazon EC2 Spot Instances Pricing:Somebody really lost his...
View ArticleClik here to view.
Book club: Security Engineering
Every once in a while I have enough time to read books. The ones made out of paper having printed words and images on the paper. And pretty much 98% of the books I've read in the last couple of decades...
View ArticleFixing Google's new IPv6 mail policy with Postfix, part 2
I got a comment from Mr. Martin, that Google changed their SMTPd, so I'll have to revisit the article.As suggested, new /etc/postfix/smtp_reply_filter would be:#New 2016/09: /^5(\d\d )5(.*. \S+ -...
View ArticleClik here to view.
Sydney pics
I business in Sydney, Australia and I'm sharingĀ some pics I managed to snap with an iPhone. There wasn't too much time for doing any extensive touristing around, but I managedĀ some.So here goes:Ā There...
View ArticleClik here to view.
macOS Sierra upgrade from USB-stick
This is the abridged version as most steps are exactly like in OS X El Capitan. See my article about that.Step 1: Go downloadAs any upgrade, go to App Store, it should look like this:Beware, it is...
View ArticleClik here to view.
Diffie Hellman key exchange (1024 bit) unreliable
Arstechnica wrote last week: NSA could put undetectable ātrapdoorsā in millions of crypto keys. The article in the link says:A special prime devised by the researchers, however, contains certain...
View ArticleClik here to view.
Why is there no real commitment for IPv6?
I've been an active IPv6-user for many many years. Of course my ISP doesn't offer a native IPv6, so I'm using a tunnel from SixXS. They have been providing such tunnels free-of-charge for years, and...
View ArticleClik here to view.
Happy Halloween!
Those of you, who celebrateĀ All Hallows' Eve today: have a happy one!I whipped up my pumpkin knife and carved aĀ very scary(?) looking one for those kids ringing my doorbell forĀ trick or...
View ArticleClik here to view.
Skype protocol hacked
For the past couple of days, I've been getting weird Baidu links via Skype chat. The sender is somebody I actually know and is my contact. The messages do not stay in the message history for that...
View ArticleClik here to view.
Windows 10 update KB3200970 stuck
Hands downĀ KB3200970 is the worst update I've seen for Windows 10!In general I hate Windows 10 TiWorker-process. It sucks CPU like there is no tomorrow. I cannot comprehend how difficult it is to...
View ArticleSkype protocol hacked, part 2
On Friday 11th November, I got yet another Baidu-link from one of the same contacts, I've already received some.As I've been communicating with the persons who are "sending" me these links, they have...
View ArticleClik here to view.
Skype protocol hacked, part 3
This one won't fade away, so I'm taking a third swing at the subject. Previous posts are here and here. I've been actively following the conversation in Sype community's Security, Privacy, Trust and...
View ArticleClik here to view.
Removing old Skype-login and going for Microsoft Account
This is a solution to my request #3 to Microsoft which I made in my post about Skype hack. Doing this will vastly improve your security for Skype-logins as the old Skype account and password cannot be...
View ArticleClik here to view.
What's wrong with HTTPS: Part 1 - Trust issues
Three years ago I was inspired by Scofield (or Mr. Harri Hursti) when he claimed that SSLĀ is broken and it cannot be fixed. See the post for details. In reality tech can be fixed, my previous...
View ArticleClik here to view.
What's wrong with HTTPS: Part 2 - Untrustworthy Certificate Authorities
In the previous part we established the fact, that for HTTPS to work as intended, you as a web browser user need to trust your browser vendor's decision to trust the certificate authorities issuing the...
View ArticleClik here to view.
What's wrong with HTTPS: Part 3 - Certificate governance
In the previous part we established that any certificate authority can issue a certificate to any website, even if the website admin doesn't want them to do that. This post is about technical measures...
View ArticleClik here to view.
Advent calendar 2016
UnlikeĀ last year, I didn't manage to get me an advent calendar this year. Unfortunately for me, Central European on-line stores won't do deliveries to Finland anymore. This year I had to go for a much...
View ArticleClik here to view.
EBN European Business Number scam
Today I got yet another snail mail scam as a printed letter. It looks like this:The scammers are claiming, that they are missing my corporate VAT ID. Hm. That's strange. All the other information they...
View ArticleClik here to view.
CAcert Root Certificate, SHA-2 hashed
CAcert is my favorite source of certificates. It has been that for years. The buggy Let's Encrypt I loathe, their poorly tinkered Python-scripts won't work and after couple hours of unnecessary fixing...
View Article