I'will soon "migrate" to a new house in a village nearby.
Will try to expose a Hotspot, bc. many people can't afford fast internet.

Q to our -Community:

Any recommendation for Hw/Sw to have a reasonable secure and affordable solution?

- Outdoor-WiFi-Router?
(I've got a glass fiber 500 mbit/s for 140€/month 😭)
- Firewall-Hw?
(owning a nearly empty 19" rack - will most likely use pfSense)

(already owning an Ubiquiti Networks EdgeSwitch, 16-Port, 10G, ES-16-XG)

ICYMI (February 4, 2020):
Full disclosure:
0day vulnerability (backdoor) in firmware for HiSilicon-based DVRs, NVRs and IP cameras
habr.com/en/post/486856/

To all users or maintainers of the Telekom Router "Digitalisierungsbox (Premium)":

There is a huge security issue when having set a single port forward!
Forwarding of port 80 and 443 will lead to forwarding the ranges of 80-89 and 440-449!
Yes, including SMB!

Get the latest update:
telekom.de/hilfe/geraete-zubeh

Hankoor boosted

RT @shodanhq@twitter.activitypub.actor
10 years ago @achillean@twitter.activitypub.actor launched the Shodan website! To celebrate a decade of discovery and growth we're going to offer the membership for $1 (marked down from $49) for the next 24 hours (0:00 UTC to 24:00 UTC): shodan.io/store/member

Hello out there!
Without wanting to start a discussion about the sense of use, I have a question.
"In the past", comodo had free S/MIME certificates for private use.
Their ROOT CA was trusted across many operating systems.
Is there still a similar, free alternative for private use today? Ideally with certificates that are valid for 1 year and longer?

ICYMI:
"When security risks in web services are discovered by independent security researchers who understand the severity of the risk, they often lack the channels to them properly. As a result, security issues may be left unreported. security.txt defines a to help organizations define the process for security researchers to disclose security securely."
securitytxt.org/

Hankoor boosted

This is likely the most comprehensive article on security keys available. Secure Authentication is the security domain that I am most interested in and this piece lights me up like a Christmas tree

How to stay safe online and prevent phishing with FIDO2, WebAuthn and security keys. A look into YubiKeys, TOTP authenticator apps, passwordless and more.

paulstamatiou.com/getting-star

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.