mirror of
https://github.com/PrivSec-dev/privsec.dev
synced 2024-12-23 13:21:34 -05:00
Pull request autobuild
Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
parent
84b020bb03
commit
1680e34335
@ -9,6 +9,15 @@ jobs:
|
|||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v2
|
- uses: actions/checkout@v2
|
||||||
|
|
||||||
|
- name: Hugo setup
|
||||||
|
uses: peaceiris/actions-hugo@v2
|
||||||
|
with:
|
||||||
|
hugo-version: 'latest'
|
||||||
|
|
||||||
|
- name: Build
|
||||||
|
run: hugo --minify
|
||||||
|
|
||||||
- uses: FirebaseExtended/action-hosting-deploy@v0
|
- uses: FirebaseExtended/action-hosting-deploy@v0
|
||||||
with:
|
with:
|
||||||
repoToken: '${{ secrets.GITHUB_TOKEN }}'
|
repoToken: '${{ secrets.GITHUB_TOKEN }}'
|
||||||
|
@ -1,4 +0,0 @@
|
|||||||
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>404 Page not found | PrivSec.dev</title><meta name=keywords content><meta name=description content><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/404.html><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="404 Page not found"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/404.html"><meta name=twitter:card content="summary"><meta name=twitter:title content="404 Page not found"><meta name=twitter:description content></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><div class=not-found>404</div></main><footer class=footer><span>© 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
|
|
||||||
<span>Powered by
|
|
||||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
|
||||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
@ -1,7 +0,0 @@
|
|||||||
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>Applications | PrivSec.dev</title><meta name=keywords content><meta name=description content="Applications - PrivSec.dev"><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/apps/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/apps/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="Applications"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/apps/"><meta name=twitter:card content="summary"><meta name=twitter:title content="Applications"><meta name=twitter:description content><script type=application/ld+json>{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":2,"name":"Applications","item":"https://privsec.dev/apps/"}]}</script></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span class=active>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://privsec.dev>Home</a></div><h1>Applications
|
|
||||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class=post-entry><header class=entry-header><h2>F-Droid Security Analysis</h2></header><div class=entry-content><p>F-Droid is a popular alternative app repository for Android, especially known for its main repository dedicated to free and open-source software. F-Droid is often recommended among security and privacy enthusiasts, but how does it stack up against Play Store in practice? This write-up will attempt to emphasize major security issues with F-Droid that you should consider.
|
|
||||||
Before we start, a few things to keep in mind:
|
|
||||||
The main goal of this write-up was to inform users so they can make responsible choices, not to trash someone else’s work....</p></div><footer class=entry-footer>25 min · 5298 words · Wonderfall</footer><a class=entry-link aria-label="post link to F-Droid Security Analysis" href=https://privsec.dev/apps/f-droid-security-analysis/></a></article></main><footer class=footer><span>© 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
|
|
||||||
<span>Powered by
|
|
||||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
|
||||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
|
@ -1,20 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
|
||||||
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
|
|
||||||
<channel>
|
|
||||||
<title>Applications on PrivSec.dev</title>
|
|
||||||
<link>https://privsec.dev/apps/</link>
|
|
||||||
<description>Recent content in Applications on PrivSec.dev</description>
|
|
||||||
<generator>Hugo -- gohugo.io</generator><atom:link href="https://privsec.dev/apps/index.xml" rel="self" type="application/rss+xml" />
|
|
||||||
<item>
|
|
||||||
<title>F-Droid Security Analysis</title>
|
|
||||||
<link>https://privsec.dev/apps/f-droid-security-analysis/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/apps/f-droid-security-analysis/</guid>
|
|
||||||
<description>F-Droid is a popular alternative app repository for Android, especially known for its main repository dedicated to free and open-source software. F-Droid is often recommended among security and privacy enthusiasts, but how does it stack up against Play Store in practice? This write-up will attempt to emphasize major security issues with F-Droid that you should consider.
|
|
||||||
Before we start, a few things to keep in mind:
|
|
||||||
The main goal of this write-up was to inform users so they can make responsible choices, not to trash someone else&rsquo;s work.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
</channel>
|
|
||||||
</rss>
|
|
@ -1 +0,0 @@
|
|||||||
<!doctype html><html lang=en><head><title>https://privsec.dev/apps/</title><link rel=canonical href=https://privsec.dev/apps/><meta name=robots content="noindex"><meta charset=utf-8><meta http-equiv=refresh content="0; url=https://privsec.dev/apps/"></head></html>
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
@ -1,4 +0,0 @@
|
|||||||
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>Categories | PrivSec.dev</title><meta name=keywords content><meta name=description content><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/categories/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/categories/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="Categories"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/categories/"><meta name=twitter:card content="summary"><meta name=twitter:title content="Categories"><meta name=twitter:description content></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><h1>Categories</h1></header><ul class=terms-tags></ul></main><footer class=footer><span>© 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
|
|
||||||
<span>Powered by
|
|
||||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
|
||||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
|
@ -1,9 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
|
||||||
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
|
|
||||||
<channel>
|
|
||||||
<title>Categories on PrivSec.dev</title>
|
|
||||||
<link>https://privsec.dev/categories/</link>
|
|
||||||
<description>Recent content in Categories on PrivSec.dev</description>
|
|
||||||
<generator>Hugo -- gohugo.io</generator><atom:link href="https://privsec.dev/categories/index.xml" rel="self" type="application/rss+xml" />
|
|
||||||
</channel>
|
|
||||||
</rss>
|
|
File diff suppressed because one or more lines are too long
Binary file not shown.
Before Width: | Height: | Size: 424 KiB |
File diff suppressed because one or more lines are too long
@ -1,94 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
|
||||||
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
|
|
||||||
<channel>
|
|
||||||
<title>PrivSec.dev</title>
|
|
||||||
<link>https://privsec.dev/</link>
|
|
||||||
<description>Recent content on PrivSec.dev</description>
|
|
||||||
<generator>Hugo -- gohugo.io</generator><atom:link href="https://privsec.dev/index.xml" rel="self" type="application/rss+xml" />
|
|
||||||
<item>
|
|
||||||
<title>About Us</title>
|
|
||||||
<link>https://privsec.dev/about/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/about/</guid>
|
|
||||||
<description>PrivSec.dev is made by a group of enthusiastic individuals looking to provide practical privacy and security advice for the end user. We are security researchers, developers, system administrators&hellip; generally people with technical knowledge and work in the field.
|
|
||||||
We focus on in-depth system configuration, security analysis, and software/hardware recommendations. Our site is based on technical merits, not ideologies and politics.
|
|
||||||
Tommy System Administrator. Benevolent dictator for life @privsec.dev.
|
|
||||||
Website: tommytran.io</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>Choosing Your Desktop Linux Distribution</title>
|
|
||||||
<link>https://privsec.dev/os/choosing-your-desktop-linux-distribution/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/os/choosing-your-desktop-linux-distribution/</guid>
|
|
||||||
<description>Not all Linux distributions are created equal. When choosing a Linux distribution, there are several things you need to keep in mind.
|
|
||||||
Release cycle You should choose a distribution which stays close to the stable upstream software releases, typically rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates.
|
|
||||||
For frozen distributions, package maintainers are expected to backport patches to fix vulnerabilities (Debian is one such example) rather than bump the software to the “next version” released by the upstream developer.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>Docker and OCI Hardening</title>
|
|
||||||
<link>https://privsec.dev/os/docker-and-oci-hardening/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/os/docker-and-oci-hardening/</guid>
|
|
||||||
<description>Containers aren&rsquo;t that new fancy thing anymore, but they were a big deal. And they still are. They are a concrete solution to the following problem:
|
|
||||||
- Hey, your software doesn&rsquo;t work&hellip;
|
|
||||||
- Sorry, it works on my computer! Can&rsquo;t help you.
|
|
||||||
Whether we like them or not, containers are here to stay. Their expressiveness and semantics allow for an abstraction of the OS dependencies that a software has, the latter being often dynamically linked against certain libraries.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>Donate</title>
|
|
||||||
<link>https://privsec.dev/donate/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/donate/</guid>
|
|
||||||
<description>The domain costs us $12/year to renew from Google. We got our repository hosted for free on GitHub. We got our site hosted for free with Firebase. It costs Tommy ~$20/month to run the mail server, but that server is used for a bunch of his projects, not just PrivSec, and we doubt it will be used that much anyways. The point is, this website does not cost much to run, and as such we will not be accepting donation as a project.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>F-Droid Security Analysis</title>
|
|
||||||
<link>https://privsec.dev/apps/f-droid-security-analysis/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/apps/f-droid-security-analysis/</guid>
|
|
||||||
<description>F-Droid is a popular alternative app repository for Android, especially known for its main repository dedicated to free and open-source software. F-Droid is often recommended among security and privacy enthusiasts, but how does it stack up against Play Store in practice? This write-up will attempt to emphasize major security issues with F-Droid that you should consider.
|
|
||||||
Before we start, a few things to keep in mind:
|
|
||||||
The main goal of this write-up was to inform users so they can make responsible choices, not to trash someone else&rsquo;s work.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>Linux Insecurities</title>
|
|
||||||
<link>https://privsec.dev/os/linux-insecurities/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/os/linux-insecurities/</guid>
|
|
||||||
<description>There is a common misconception among privacy communities that Linux is one of the more secure operating systems, either because it is open source or because it is widely used in the cloud. This is however, a far cry from reality.
|
|
||||||
There is already a very indepth technical blog explaning the various security weaknesses of Linux by Madaidan, Whonix&rsquo;s Security Researcher. This page will attempt to address some of the questions commonly raised in reaction to his blog post.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>Multi-factor Authentication</title>
|
|
||||||
<link>https://privsec.dev/knowledge/multi-factor-authentication/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/knowledge/multi-factor-authentication/</guid>
|
|
||||||
<description>Multi-factor authentication is a security mechanism that requires additional verification beyond your username (or email) and password. This usually comes in the form of a one time passcode, a push notification, or plugging in and tapping a hardware security key.
|
|
||||||
Common protocols Email and SMS MFA Email and SMS MFA are examples of the weaker MFA protocols. Email MFA is not great as whoever controls your email account can typically both reset your password and recieve your MFA verification.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>Securing OpenSSH with FIDO2</title>
|
|
||||||
<link>https://privsec.dev/os/securing-openssh-with-fido2/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/os/securing-openssh-with-fido2/</guid>
|
|
||||||
<description>Passwordless authentication with OpenSSH keys has been the de facto security standard for years. SSH keys are more robust since they&rsquo;re cryptographically sane by default, and are therefore resilient to most bruteforce atacks. They&rsquo;re also easier to manage while enabling a form of decentralized authentication (it&rsquo;s easy and painless to revoke them). So, what&rsquo;s the next step? And more exactly, why would one need something even better?
|
|
||||||
Why? The main problem with SSH keys is that they&rsquo;re not magic: they consist of a key pair, of which the private key is stored on your disk.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
</channel>
|
|
||||||
</rss>
|
|
@ -1,6 +0,0 @@
|
|||||||
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>Knowledge Base | PrivSec.dev</title><meta name=keywords content><meta name=description content="Knowledge Base - PrivSec.dev"><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/knowledge/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/knowledge/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="Knowledge Base"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/knowledge/"><meta name=twitter:card content="summary"><meta name=twitter:title content="Knowledge Base"><meta name=twitter:description content><script type=application/ld+json>{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":2,"name":"Knowledge Base","item":"https://privsec.dev/knowledge/"}]}</script></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span class=active>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://privsec.dev>Home</a></div><h1>Knowledge Base
|
|
||||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class=post-entry><header class=entry-header><h2>Multi-factor Authentication</h2></header><div class=entry-content><p>Multi-factor authentication is a security mechanism that requires additional verification beyond your username (or email) and password. This usually comes in the form of a one time passcode, a push notification, or plugging in and tapping a hardware security key.
|
|
||||||
Common protocols Email and SMS MFA Email and SMS MFA are examples of the weaker MFA protocols. Email MFA is not great as whoever controls your email account can typically both reset your password and recieve your MFA verification....</p></div><footer class=entry-footer>6 min · 1223 words · Tommy</footer><a class=entry-link aria-label="post link to Multi-factor Authentication" href=https://privsec.dev/knowledge/multi-factor-authentication/></a></article></main><footer class=footer><span>© 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
|
|
||||||
<span>Powered by
|
|
||||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
|
||||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
|
@ -1,19 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
|
||||||
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
|
|
||||||
<channel>
|
|
||||||
<title>Knowledge Base on PrivSec.dev</title>
|
|
||||||
<link>https://privsec.dev/knowledge/</link>
|
|
||||||
<description>Recent content in Knowledge Base on PrivSec.dev</description>
|
|
||||||
<generator>Hugo -- gohugo.io</generator><atom:link href="https://privsec.dev/knowledge/index.xml" rel="self" type="application/rss+xml" />
|
|
||||||
<item>
|
|
||||||
<title>Multi-factor Authentication</title>
|
|
||||||
<link>https://privsec.dev/knowledge/multi-factor-authentication/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/knowledge/multi-factor-authentication/</guid>
|
|
||||||
<description>Multi-factor authentication is a security mechanism that requires additional verification beyond your username (or email) and password. This usually comes in the form of a one time passcode, a push notification, or plugging in and tapping a hardware security key.
|
|
||||||
Common protocols Email and SMS MFA Email and SMS MFA are examples of the weaker MFA protocols. Email MFA is not great as whoever controls your email account can typically both reset your password and recieve your MFA verification.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
</channel>
|
|
||||||
</rss>
|
|
File diff suppressed because one or more lines are too long
@ -1 +0,0 @@
|
|||||||
<!doctype html><html lang=en><head><title>https://privsec.dev/knowledge/</title><link rel=canonical href=https://privsec.dev/knowledge/><meta name=robots content="noindex"><meta charset=utf-8><meta http-equiv=refresh content="0; url=https://privsec.dev/knowledge/"></head></html>
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
@ -1,12 +0,0 @@
|
|||||||
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>Operating Systems | PrivSec.dev</title><meta name=keywords content><meta name=description content="Operating Systems - PrivSec.dev"><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/os/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/os/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="Operating Systems"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/os/"><meta name=twitter:card content="summary"><meta name=twitter:title content="Operating Systems"><meta name=twitter:description content><script type=application/ld+json>{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":2,"name":"Operating Systems","item":"https://privsec.dev/os/"}]}</script></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span class=active>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://privsec.dev>Home</a></div><h1>Operating Systems
|
|
||||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class=post-entry><header class=entry-header><h2>Choosing Your Desktop Linux Distribution</h2></header><div class=entry-content><p>Not all Linux distributions are created equal. When choosing a Linux distribution, there are several things you need to keep in mind.
|
|
||||||
Release cycle You should choose a distribution which stays close to the stable upstream software releases, typically rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates.
|
|
||||||
For frozen distributions, package maintainers are expected to backport patches to fix vulnerabilities (Debian is one such example) rather than bump the software to the “next version” released by the upstream developer....</p></div><footer class=entry-footer>7 min · 1431 words · Tommy</footer><a class=entry-link aria-label="post link to Choosing Your Desktop Linux Distribution" href=https://privsec.dev/os/choosing-your-desktop-linux-distribution/></a></article><article class=post-entry><header class=entry-header><h2>Docker and OCI Hardening</h2></header><div class=entry-content><p>Containers aren’t that new fancy thing anymore, but they were a big deal. And they still are. They are a concrete solution to the following problem:
|
|
||||||
- Hey, your software doesn’t work…
|
|
||||||
- Sorry, it works on my computer! Can’t help you.
|
|
||||||
Whether we like them or not, containers are here to stay. Their expressiveness and semantics allow for an abstraction of the OS dependencies that a software has, the latter being often dynamically linked against certain libraries....</p></div><footer class=entry-footer>19 min · 3925 words · Wonderfall</footer><a class=entry-link aria-label="post link to Docker and OCI Hardening" href=https://privsec.dev/os/docker-and-oci-hardening/></a></article><article class=post-entry><header class=entry-header><h2>Linux Insecurities</h2></header><div class=entry-content><p>There is a common misconception among privacy communities that Linux is one of the more secure operating systems, either because it is open source or because it is widely used in the cloud. This is however, a far cry from reality.
|
|
||||||
There is already a very indepth technical blog explaning the various security weaknesses of Linux by Madaidan, Whonix’s Security Researcher. This page will attempt to address some of the questions commonly raised in reaction to his blog post....</p></div><footer class=entry-footer>3 min · 589 words · Tommy</footer><a class=entry-link aria-label="post link to Linux Insecurities" href=https://privsec.dev/os/linux-insecurities/></a></article><article class=post-entry><header class=entry-header><h2>Securing OpenSSH with FIDO2</h2></header><div class=entry-content><p>Passwordless authentication with OpenSSH keys has been the de facto security standard for years. SSH keys are more robust since they’re cryptographically sane by default, and are therefore resilient to most bruteforce atacks. They’re also easier to manage while enabling a form of decentralized authentication (it’s easy and painless to revoke them). So, what’s the next step? And more exactly, why would one need something even better?
|
|
||||||
Why? The main problem with SSH keys is that they’re not magic: they consist of a key pair, of which the private key is stored on your disk....</p></div><footer class=entry-footer>5 min · 863 words · Wonderfall</footer><a class=entry-link aria-label="post link to Securing OpenSSH with FIDO2" href=https://privsec.dev/os/securing-openssh-with-fido2/></a></article></main><footer class=footer><span>© 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
|
|
||||||
<span>Powered by
|
|
||||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
|
||||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
|
@ -1,52 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
|
||||||
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
|
|
||||||
<channel>
|
|
||||||
<title>Operating Systems on PrivSec.dev</title>
|
|
||||||
<link>https://privsec.dev/os/</link>
|
|
||||||
<description>Recent content in Operating Systems on PrivSec.dev</description>
|
|
||||||
<generator>Hugo -- gohugo.io</generator><atom:link href="https://privsec.dev/os/index.xml" rel="self" type="application/rss+xml" />
|
|
||||||
<item>
|
|
||||||
<title>Choosing Your Desktop Linux Distribution</title>
|
|
||||||
<link>https://privsec.dev/os/choosing-your-desktop-linux-distribution/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/os/choosing-your-desktop-linux-distribution/</guid>
|
|
||||||
<description>Not all Linux distributions are created equal. When choosing a Linux distribution, there are several things you need to keep in mind.
|
|
||||||
Release cycle You should choose a distribution which stays close to the stable upstream software releases, typically rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates.
|
|
||||||
For frozen distributions, package maintainers are expected to backport patches to fix vulnerabilities (Debian is one such example) rather than bump the software to the “next version” released by the upstream developer.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>Docker and OCI Hardening</title>
|
|
||||||
<link>https://privsec.dev/os/docker-and-oci-hardening/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/os/docker-and-oci-hardening/</guid>
|
|
||||||
<description>Containers aren&rsquo;t that new fancy thing anymore, but they were a big deal. And they still are. They are a concrete solution to the following problem:
|
|
||||||
- Hey, your software doesn&rsquo;t work&hellip;
|
|
||||||
- Sorry, it works on my computer! Can&rsquo;t help you.
|
|
||||||
Whether we like them or not, containers are here to stay. Their expressiveness and semantics allow for an abstraction of the OS dependencies that a software has, the latter being often dynamically linked against certain libraries.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>Linux Insecurities</title>
|
|
||||||
<link>https://privsec.dev/os/linux-insecurities/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/os/linux-insecurities/</guid>
|
|
||||||
<description>There is a common misconception among privacy communities that Linux is one of the more secure operating systems, either because it is open source or because it is widely used in the cloud. This is however, a far cry from reality.
|
|
||||||
There is already a very indepth technical blog explaning the various security weaknesses of Linux by Madaidan, Whonix&rsquo;s Security Researcher. This page will attempt to address some of the questions commonly raised in reaction to his blog post.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>Securing OpenSSH with FIDO2</title>
|
|
||||||
<link>https://privsec.dev/os/securing-openssh-with-fido2/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/os/securing-openssh-with-fido2/</guid>
|
|
||||||
<description>Passwordless authentication with OpenSSH keys has been the de facto security standard for years. SSH keys are more robust since they&rsquo;re cryptographically sane by default, and are therefore resilient to most bruteforce atacks. They&rsquo;re also easier to manage while enabling a form of decentralized authentication (it&rsquo;s easy and painless to revoke them). So, what&rsquo;s the next step? And more exactly, why would one need something even better?
|
|
||||||
Why? The main problem with SSH keys is that they&rsquo;re not magic: they consist of a key pair, of which the private key is stored on your disk.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
</channel>
|
|
||||||
</rss>
|
|
File diff suppressed because one or more lines are too long
@ -1 +0,0 @@
|
|||||||
<!doctype html><html lang=en><head><title>https://privsec.dev/os/</title><link rel=canonical href=https://privsec.dev/os/><meta name=robots content="noindex"><meta charset=utf-8><meta http-equiv=refresh content="0; url=https://privsec.dev/os/"></head></html>
|
|
File diff suppressed because one or more lines are too long
@ -1,5 +0,0 @@
|
|||||||
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>Providers | PrivSec.dev</title><meta name=keywords content><meta name=description content="Providers - PrivSec.dev"><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/providers/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/providers/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="Providers"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/providers/"><meta name=twitter:card content="summary"><meta name=twitter:title content="Providers"><meta name=twitter:description content><script type=application/ld+json>{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":2,"name":"Providers","item":"https://privsec.dev/providers/"}]}</script></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span class=active>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://privsec.dev>Home</a></div><h1>Providers
|
|
||||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header></main><footer class=footer><span>© 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
|
|
||||||
<span>Powered by
|
|
||||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
|
||||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
|
@ -1,9 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
|
||||||
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
|
|
||||||
<channel>
|
|
||||||
<title>Providers on PrivSec.dev</title>
|
|
||||||
<link>https://privsec.dev/providers/</link>
|
|
||||||
<description>Recent content in Providers on PrivSec.dev</description>
|
|
||||||
<generator>Hugo -- gohugo.io</generator><atom:link href="https://privsec.dev/providers/index.xml" rel="self" type="application/rss+xml" />
|
|
||||||
</channel>
|
|
||||||
</rss>
|
|
@ -1 +0,0 @@
|
|||||||
<!doctype html><html lang=en><head><title>https://privsec.dev/providers/</title><link rel=canonical href=https://privsec.dev/providers/><meta name=robots content="noindex"><meta charset=utf-8><meta http-equiv=refresh content="0; url=https://privsec.dev/providers/"></head></html>
|
|
@ -1,3 +0,0 @@
|
|||||||
User-agent: *
|
|
||||||
Disallow:
|
|
||||||
Sitemap: https://privsec.dev/sitemap.xml
|
|
@ -1,51 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
|
||||||
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9"
|
|
||||||
xmlns:xhtml="http://www.w3.org/1999/xhtml">
|
|
||||||
<url>
|
|
||||||
<loc>https://privsec.dev/about/</loc>
|
|
||||||
</url><url>
|
|
||||||
<loc>https://privsec.dev/tags/android/</loc>
|
|
||||||
</url><url>
|
|
||||||
<loc>https://privsec.dev/apps/</loc>
|
|
||||||
</url><url>
|
|
||||||
<loc>https://privsec.dev/categories/</loc>
|
|
||||||
</url><url>
|
|
||||||
<loc>https://privsec.dev/os/choosing-your-desktop-linux-distribution/</loc>
|
|
||||||
</url><url>
|
|
||||||
<loc>https://privsec.dev/tags/container/</loc>
|
|
||||||
</url><url>
|
|
||||||
<loc>https://privsec.dev/os/docker-and-oci-hardening/</loc>
|
|
||||||
</url><url>
|
|
||||||
<loc>https://privsec.dev/donate/</loc>
|
|
||||||
</url><url>
|
|
||||||
<loc>https://privsec.dev/apps/f-droid-security-analysis/</loc>
|
|
||||||
</url><url>
|
|
||||||
<loc>https://privsec.dev/tags/knowledge-base/</loc>
|
|
||||||
</url><url>
|
|
||||||
<loc>https://privsec.dev/knowledge/</loc>
|
|
||||||
</url><url>
|
|
||||||
<loc>https://privsec.dev/tags/linux/</loc>
|
|
||||||
</url><url>
|
|
||||||
<loc>https://privsec.dev/os/linux-insecurities/</loc>
|
|
||||||
</url><url>
|
|
||||||
<loc>https://privsec.dev/knowledge/multi-factor-authentication/</loc>
|
|
||||||
</url><url>
|
|
||||||
<loc>https://privsec.dev/tags/operating-system/</loc>
|
|
||||||
</url><url>
|
|
||||||
<loc>https://privsec.dev/tags/operating-systems/</loc>
|
|
||||||
</url><url>
|
|
||||||
<loc>https://privsec.dev/os/</loc>
|
|
||||||
</url><url>
|
|
||||||
<loc>https://privsec.dev/</loc>
|
|
||||||
</url><url>
|
|
||||||
<loc>https://privsec.dev/providers/</loc>
|
|
||||||
</url><url>
|
|
||||||
<loc>https://privsec.dev/os/securing-openssh-with-fido2/</loc>
|
|
||||||
</url><url>
|
|
||||||
<loc>https://privsec.dev/tags/security/</loc>
|
|
||||||
</url><url>
|
|
||||||
<loc>https://privsec.dev/tags/software/</loc>
|
|
||||||
</url><url>
|
|
||||||
<loc>https://privsec.dev/tags/</loc>
|
|
||||||
</url>
|
|
||||||
</urlset>
|
|
File diff suppressed because one or more lines are too long
@ -1,7 +0,0 @@
|
|||||||
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>Software | PrivSec.dev</title><meta name=keywords content><meta name=description content="Software - PrivSec.dev"><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/software/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/software/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="Software"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/software/"><meta name=twitter:card content="summary"><meta name=twitter:title content="Software"><meta name=twitter:description content><script type=application/ld+json>{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":2,"name":"Software","item":"https://privsec.dev/software/"}]}</script></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/software/ title=Software><span class=active>Software</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://privsec.dev>Home</a></div><h1>Software
|
|
||||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class=post-entry><header class=entry-header><h2>F-Droid Security Analysis</h2></header><div class=entry-content><p>F-Droid is a popular alternative app repository for Android, especially known for its main repository dedicated to free and open-source software. F-Droid is often recommended among security and privacy enthusiasts, but how does it stack up against Play Store in practice? This write-up will attempt to emphasize major security issues with F-Droid that you should consider.
|
|
||||||
Before we start, a few things to keep in mind:
|
|
||||||
The main goal of this write-up was to inform users so they can make responsible choices, not to trash someone else’s work....</p></div><footer class=entry-footer><span title='2022-01-02 21:28:31 +0000 UTC'>January 2, 2022</span> · 26 min · 5392 words · Wonderfall</footer><a class=entry-link aria-label="post link to F-Droid Security Analysis" href=https://privsec.dev/software/f-droid-security-analysis/></a></article></main><footer class=footer><span>© 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
|
|
||||||
<span>Powered by
|
|
||||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
|
||||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
|
@ -1,21 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
|
||||||
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
|
|
||||||
<channel>
|
|
||||||
<title>Software on PrivSec.dev</title>
|
|
||||||
<link>https://privsec.dev/software/</link>
|
|
||||||
<description>Recent content in Software on PrivSec.dev</description>
|
|
||||||
<generator>Hugo -- gohugo.io</generator>
|
|
||||||
<lastBuildDate>Sun, 02 Jan 2022 21:28:31 +0000</lastBuildDate><atom:link href="https://privsec.dev/software/index.xml" rel="self" type="application/rss+xml" />
|
|
||||||
<item>
|
|
||||||
<title>F-Droid Security Analysis</title>
|
|
||||||
<link>https://privsec.dev/software/f-droid-security-analysis/</link>
|
|
||||||
<pubDate>Sun, 02 Jan 2022 21:28:31 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/software/f-droid-security-analysis/</guid>
|
|
||||||
<description>F-Droid is a popular alternative app repository for Android, especially known for its main repository dedicated to free and open-source software. F-Droid is often recommended among security and privacy enthusiasts, but how does it stack up against Play Store in practice? This write-up will attempt to emphasize major security issues with F-Droid that you should consider.
|
|
||||||
Before we start, a few things to keep in mind:
|
|
||||||
The main goal of this write-up was to inform users so they can make responsible choices, not to trash someone else&rsquo;s work.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
</channel>
|
|
||||||
</rss>
|
|
@ -1 +0,0 @@
|
|||||||
<!doctype html><html lang=en><head><title>https://privsec.dev/software/</title><link rel=canonical href=https://privsec.dev/software/><meta name=robots content="noindex"><meta charset=utf-8><meta http-equiv=refresh content="0; url=https://privsec.dev/software/"></head></html>
|
|
@ -1,7 +0,0 @@
|
|||||||
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>android | PrivSec.dev</title><meta name=keywords content><meta name=description content><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/tags/android/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/tags/android/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="android"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/tags/android/"><meta name=twitter:card content="summary"><meta name=twitter:title content="android"><meta name=twitter:description content></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://privsec.dev>Home</a> » <a href=https://privsec.dev/tags/>Tags</a></div><h1>android
|
|
||||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>F-Droid Security Analysis</h2></header><div class=entry-content><p>F-Droid is a popular alternative app repository for Android, especially known for its main repository dedicated to free and open-source software. F-Droid is often recommended among security and privacy enthusiasts, but how does it stack up against Play Store in practice? This write-up will attempt to emphasize major security issues with F-Droid that you should consider.
|
|
||||||
Before we start, a few things to keep in mind:
|
|
||||||
The main goal of this write-up was to inform users so they can make responsible choices, not to trash someone else’s work....</p></div><footer class=entry-footer>25 min · 5298 words · Wonderfall</footer><a class=entry-link aria-label="post link to F-Droid Security Analysis" href=https://privsec.dev/apps/f-droid-security-analysis/></a></article></main><footer class=footer><span>© 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
|
|
||||||
<span>Powered by
|
|
||||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
|
||||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
|
@ -1,20 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
|
||||||
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
|
|
||||||
<channel>
|
|
||||||
<title>android on PrivSec.dev</title>
|
|
||||||
<link>https://privsec.dev/tags/android/</link>
|
|
||||||
<description>Recent content in android on PrivSec.dev</description>
|
|
||||||
<generator>Hugo -- gohugo.io</generator><atom:link href="https://privsec.dev/tags/android/index.xml" rel="self" type="application/rss+xml" />
|
|
||||||
<item>
|
|
||||||
<title>F-Droid Security Analysis</title>
|
|
||||||
<link>https://privsec.dev/apps/f-droid-security-analysis/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/apps/f-droid-security-analysis/</guid>
|
|
||||||
<description>F-Droid is a popular alternative app repository for Android, especially known for its main repository dedicated to free and open-source software. F-Droid is often recommended among security and privacy enthusiasts, but how does it stack up against Play Store in practice? This write-up will attempt to emphasize major security issues with F-Droid that you should consider.
|
|
||||||
Before we start, a few things to keep in mind:
|
|
||||||
The main goal of this write-up was to inform users so they can make responsible choices, not to trash someone else&rsquo;s work.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
</channel>
|
|
||||||
</rss>
|
|
@ -1 +0,0 @@
|
|||||||
<!doctype html><html lang=en><head><title>https://privsec.dev/tags/android/</title><link rel=canonical href=https://privsec.dev/tags/android/><meta name=robots content="noindex"><meta charset=utf-8><meta http-equiv=refresh content="0; url=https://privsec.dev/tags/android/"></head></html>
|
|
@ -1,8 +0,0 @@
|
|||||||
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>container | PrivSec.dev</title><meta name=keywords content><meta name=description content><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/tags/container/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/tags/container/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="container"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/tags/container/"><meta name=twitter:card content="summary"><meta name=twitter:title content="container"><meta name=twitter:description content></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://privsec.dev>Home</a> » <a href=https://privsec.dev/tags/>Tags</a></div><h1>container
|
|
||||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>Docker and OCI Hardening</h2></header><div class=entry-content><p>Containers aren’t that new fancy thing anymore, but they were a big deal. And they still are. They are a concrete solution to the following problem:
|
|
||||||
- Hey, your software doesn’t work…
|
|
||||||
- Sorry, it works on my computer! Can’t help you.
|
|
||||||
Whether we like them or not, containers are here to stay. Their expressiveness and semantics allow for an abstraction of the OS dependencies that a software has, the latter being often dynamically linked against certain libraries....</p></div><footer class=entry-footer>19 min · 3925 words · Wonderfall</footer><a class=entry-link aria-label="post link to Docker and OCI Hardening" href=https://privsec.dev/os/docker-and-oci-hardening/></a></article></main><footer class=footer><span>© 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
|
|
||||||
<span>Powered by
|
|
||||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
|
||||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
|
@ -1,21 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
|
||||||
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
|
|
||||||
<channel>
|
|
||||||
<title>container on PrivSec.dev</title>
|
|
||||||
<link>https://privsec.dev/tags/container/</link>
|
|
||||||
<description>Recent content in container on PrivSec.dev</description>
|
|
||||||
<generator>Hugo -- gohugo.io</generator><atom:link href="https://privsec.dev/tags/container/index.xml" rel="self" type="application/rss+xml" />
|
|
||||||
<item>
|
|
||||||
<title>Docker and OCI Hardening</title>
|
|
||||||
<link>https://privsec.dev/os/docker-and-oci-hardening/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/os/docker-and-oci-hardening/</guid>
|
|
||||||
<description>Containers aren&rsquo;t that new fancy thing anymore, but they were a big deal. And they still are. They are a concrete solution to the following problem:
|
|
||||||
- Hey, your software doesn&rsquo;t work&hellip;
|
|
||||||
- Sorry, it works on my computer! Can&rsquo;t help you.
|
|
||||||
Whether we like them or not, containers are here to stay. Their expressiveness and semantics allow for an abstraction of the OS dependencies that a software has, the latter being often dynamically linked against certain libraries.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
</channel>
|
|
||||||
</rss>
|
|
@ -1 +0,0 @@
|
|||||||
<!doctype html><html lang=en><head><title>https://privsec.dev/tags/container/</title><link rel=canonical href=https://privsec.dev/tags/container/><meta name=robots content="noindex"><meta charset=utf-8><meta http-equiv=refresh content="0; url=https://privsec.dev/tags/container/"></head></html>
|
|
@ -1,4 +0,0 @@
|
|||||||
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>Tags | PrivSec.dev</title><meta name=keywords content><meta name=description content><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/tags/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/tags/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="Tags"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/tags/"><meta name=twitter:card content="summary"><meta name=twitter:title content="Tags"><meta name=twitter:description content></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><h1>Tags</h1></header><ul class=terms-tags><li><a href=https://privsec.dev/tags/android/>android <sup><strong><sup>1</sup></strong></sup></a></li><li><a href=https://privsec.dev/tags/container/>container <sup><strong><sup>1</sup></strong></sup></a></li><li><a href=https://privsec.dev/tags/knowledge-base/>knowledge base <sup><strong><sup>1</sup></strong></sup></a></li><li><a href=https://privsec.dev/tags/linux/>linux <sup><strong><sup>4</sup></strong></sup></a></li><li><a href=https://privsec.dev/tags/operating-system/>operating system <sup><strong><sup>2</sup></strong></sup></a></li><li><a href=https://privsec.dev/tags/operating-systems/>operating systems <sup><strong><sup>2</sup></strong></sup></a></li><li><a href=https://privsec.dev/tags/security/>security <sup><strong><sup>6</sup></strong></sup></a></li><li><a href=https://privsec.dev/tags/software/>software <sup><strong><sup>1</sup></strong></sup></a></li></ul></main><footer class=footer><span>© 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
|
|
||||||
<span>Powered by
|
|
||||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
|
||||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
|
@ -1,81 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
|
||||||
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
|
|
||||||
<channel>
|
|
||||||
<title>Tags on PrivSec.dev</title>
|
|
||||||
<link>https://privsec.dev/tags/</link>
|
|
||||||
<description>Recent content in Tags on PrivSec.dev</description>
|
|
||||||
<generator>Hugo -- gohugo.io</generator><atom:link href="https://privsec.dev/tags/index.xml" rel="self" type="application/rss+xml" />
|
|
||||||
<item>
|
|
||||||
<title>android</title>
|
|
||||||
<link>https://privsec.dev/tags/android/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/tags/android/</guid>
|
|
||||||
<description></description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>container</title>
|
|
||||||
<link>https://privsec.dev/tags/container/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/tags/container/</guid>
|
|
||||||
<description></description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>knowledge base</title>
|
|
||||||
<link>https://privsec.dev/tags/knowledge-base/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/tags/knowledge-base/</guid>
|
|
||||||
<description></description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>linux</title>
|
|
||||||
<link>https://privsec.dev/tags/linux/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/tags/linux/</guid>
|
|
||||||
<description></description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>operating system</title>
|
|
||||||
<link>https://privsec.dev/tags/operating-system/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/tags/operating-system/</guid>
|
|
||||||
<description></description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>operating systems</title>
|
|
||||||
<link>https://privsec.dev/tags/operating-systems/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/tags/operating-systems/</guid>
|
|
||||||
<description></description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>security</title>
|
|
||||||
<link>https://privsec.dev/tags/security/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/tags/security/</guid>
|
|
||||||
<description></description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>software</title>
|
|
||||||
<link>https://privsec.dev/tags/software/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/tags/software/</guid>
|
|
||||||
<description></description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
</channel>
|
|
||||||
</rss>
|
|
@ -1,6 +0,0 @@
|
|||||||
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>knowledge base | PrivSec.dev</title><meta name=keywords content><meta name=description content><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/tags/knowledge-base/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/tags/knowledge-base/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="knowledge base"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/tags/knowledge-base/"><meta name=twitter:card content="summary"><meta name=twitter:title content="knowledge base"><meta name=twitter:description content></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://privsec.dev>Home</a> » <a href=https://privsec.dev/tags/>Tags</a></div><h1>knowledge base
|
|
||||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>Multi-factor Authentication</h2></header><div class=entry-content><p>Multi-factor authentication is a security mechanism that requires additional verification beyond your username (or email) and password. This usually comes in the form of a one time passcode, a push notification, or plugging in and tapping a hardware security key.
|
|
||||||
Common protocols Email and SMS MFA Email and SMS MFA are examples of the weaker MFA protocols. Email MFA is not great as whoever controls your email account can typically both reset your password and recieve your MFA verification....</p></div><footer class=entry-footer>6 min · 1223 words · Tommy</footer><a class=entry-link aria-label="post link to Multi-factor Authentication" href=https://privsec.dev/knowledge/multi-factor-authentication/></a></article></main><footer class=footer><span>© 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
|
|
||||||
<span>Powered by
|
|
||||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
|
||||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
|
@ -1,19 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
|
||||||
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
|
|
||||||
<channel>
|
|
||||||
<title>knowledge base on PrivSec.dev</title>
|
|
||||||
<link>https://privsec.dev/tags/knowledge-base/</link>
|
|
||||||
<description>Recent content in knowledge base on PrivSec.dev</description>
|
|
||||||
<generator>Hugo -- gohugo.io</generator><atom:link href="https://privsec.dev/tags/knowledge-base/index.xml" rel="self" type="application/rss+xml" />
|
|
||||||
<item>
|
|
||||||
<title>Multi-factor Authentication</title>
|
|
||||||
<link>https://privsec.dev/knowledge/multi-factor-authentication/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/knowledge/multi-factor-authentication/</guid>
|
|
||||||
<description>Multi-factor authentication is a security mechanism that requires additional verification beyond your username (or email) and password. This usually comes in the form of a one time passcode, a push notification, or plugging in and tapping a hardware security key.
|
|
||||||
Common protocols Email and SMS MFA Email and SMS MFA are examples of the weaker MFA protocols. Email MFA is not great as whoever controls your email account can typically both reset your password and recieve your MFA verification.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
</channel>
|
|
||||||
</rss>
|
|
@ -1 +0,0 @@
|
|||||||
<!doctype html><html lang=en><head><title>https://privsec.dev/tags/knowledge-base/</title><link rel=canonical href=https://privsec.dev/tags/knowledge-base/><meta name=robots content="noindex"><meta charset=utf-8><meta http-equiv=refresh content="0; url=https://privsec.dev/tags/knowledge-base/"></head></html>
|
|
@ -1,12 +0,0 @@
|
|||||||
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>linux | PrivSec.dev</title><meta name=keywords content><meta name=description content><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/tags/linux/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/tags/linux/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="linux"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/tags/linux/"><meta name=twitter:card content="summary"><meta name=twitter:title content="linux"><meta name=twitter:description content></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://privsec.dev>Home</a> » <a href=https://privsec.dev/tags/>Tags</a></div><h1>linux
|
|
||||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>Choosing Your Desktop Linux Distribution</h2></header><div class=entry-content><p>Not all Linux distributions are created equal. When choosing a Linux distribution, there are several things you need to keep in mind.
|
|
||||||
Release cycle You should choose a distribution which stays close to the stable upstream software releases, typically rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates.
|
|
||||||
For frozen distributions, package maintainers are expected to backport patches to fix vulnerabilities (Debian is one such example) rather than bump the software to the “next version” released by the upstream developer....</p></div><footer class=entry-footer>7 min · 1431 words · Tommy</footer><a class=entry-link aria-label="post link to Choosing Your Desktop Linux Distribution" href=https://privsec.dev/os/choosing-your-desktop-linux-distribution/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>Docker and OCI Hardening</h2></header><div class=entry-content><p>Containers aren’t that new fancy thing anymore, but they were a big deal. And they still are. They are a concrete solution to the following problem:
|
|
||||||
- Hey, your software doesn’t work…
|
|
||||||
- Sorry, it works on my computer! Can’t help you.
|
|
||||||
Whether we like them or not, containers are here to stay. Their expressiveness and semantics allow for an abstraction of the OS dependencies that a software has, the latter being often dynamically linked against certain libraries....</p></div><footer class=entry-footer>19 min · 3925 words · Wonderfall</footer><a class=entry-link aria-label="post link to Docker and OCI Hardening" href=https://privsec.dev/os/docker-and-oci-hardening/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>Linux Insecurities</h2></header><div class=entry-content><p>There is a common misconception among privacy communities that Linux is one of the more secure operating systems, either because it is open source or because it is widely used in the cloud. This is however, a far cry from reality.
|
|
||||||
There is already a very indepth technical blog explaning the various security weaknesses of Linux by Madaidan, Whonix’s Security Researcher. This page will attempt to address some of the questions commonly raised in reaction to his blog post....</p></div><footer class=entry-footer>3 min · 589 words · Tommy</footer><a class=entry-link aria-label="post link to Linux Insecurities" href=https://privsec.dev/os/linux-insecurities/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>Securing OpenSSH with FIDO2</h2></header><div class=entry-content><p>Passwordless authentication with OpenSSH keys has been the de facto security standard for years. SSH keys are more robust since they’re cryptographically sane by default, and are therefore resilient to most bruteforce atacks. They’re also easier to manage while enabling a form of decentralized authentication (it’s easy and painless to revoke them). So, what’s the next step? And more exactly, why would one need something even better?
|
|
||||||
Why? The main problem with SSH keys is that they’re not magic: they consist of a key pair, of which the private key is stored on your disk....</p></div><footer class=entry-footer>5 min · 863 words · Wonderfall</footer><a class=entry-link aria-label="post link to Securing OpenSSH with FIDO2" href=https://privsec.dev/os/securing-openssh-with-fido2/></a></article></main><footer class=footer><span>© 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
|
|
||||||
<span>Powered by
|
|
||||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
|
||||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
|
@ -1,52 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
|
||||||
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
|
|
||||||
<channel>
|
|
||||||
<title>linux on PrivSec.dev</title>
|
|
||||||
<link>https://privsec.dev/tags/linux/</link>
|
|
||||||
<description>Recent content in linux on PrivSec.dev</description>
|
|
||||||
<generator>Hugo -- gohugo.io</generator><atom:link href="https://privsec.dev/tags/linux/index.xml" rel="self" type="application/rss+xml" />
|
|
||||||
<item>
|
|
||||||
<title>Choosing Your Desktop Linux Distribution</title>
|
|
||||||
<link>https://privsec.dev/os/choosing-your-desktop-linux-distribution/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/os/choosing-your-desktop-linux-distribution/</guid>
|
|
||||||
<description>Not all Linux distributions are created equal. When choosing a Linux distribution, there are several things you need to keep in mind.
|
|
||||||
Release cycle You should choose a distribution which stays close to the stable upstream software releases, typically rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates.
|
|
||||||
For frozen distributions, package maintainers are expected to backport patches to fix vulnerabilities (Debian is one such example) rather than bump the software to the “next version” released by the upstream developer.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>Docker and OCI Hardening</title>
|
|
||||||
<link>https://privsec.dev/os/docker-and-oci-hardening/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/os/docker-and-oci-hardening/</guid>
|
|
||||||
<description>Containers aren&rsquo;t that new fancy thing anymore, but they were a big deal. And they still are. They are a concrete solution to the following problem:
|
|
||||||
- Hey, your software doesn&rsquo;t work&hellip;
|
|
||||||
- Sorry, it works on my computer! Can&rsquo;t help you.
|
|
||||||
Whether we like them or not, containers are here to stay. Their expressiveness and semantics allow for an abstraction of the OS dependencies that a software has, the latter being often dynamically linked against certain libraries.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>Linux Insecurities</title>
|
|
||||||
<link>https://privsec.dev/os/linux-insecurities/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/os/linux-insecurities/</guid>
|
|
||||||
<description>There is a common misconception among privacy communities that Linux is one of the more secure operating systems, either because it is open source or because it is widely used in the cloud. This is however, a far cry from reality.
|
|
||||||
There is already a very indepth technical blog explaning the various security weaknesses of Linux by Madaidan, Whonix&rsquo;s Security Researcher. This page will attempt to address some of the questions commonly raised in reaction to his blog post.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>Securing OpenSSH with FIDO2</title>
|
|
||||||
<link>https://privsec.dev/os/securing-openssh-with-fido2/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/os/securing-openssh-with-fido2/</guid>
|
|
||||||
<description>Passwordless authentication with OpenSSH keys has been the de facto security standard for years. SSH keys are more robust since they&rsquo;re cryptographically sane by default, and are therefore resilient to most bruteforce atacks. They&rsquo;re also easier to manage while enabling a form of decentralized authentication (it&rsquo;s easy and painless to revoke them). So, what&rsquo;s the next step? And more exactly, why would one need something even better?
|
|
||||||
Why? The main problem with SSH keys is that they&rsquo;re not magic: they consist of a key pair, of which the private key is stored on your disk.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
</channel>
|
|
||||||
</rss>
|
|
@ -1 +0,0 @@
|
|||||||
<!doctype html><html lang=en><head><title>https://privsec.dev/tags/linux/</title><link rel=canonical href=https://privsec.dev/tags/linux/><meta name=robots content="noindex"><meta charset=utf-8><meta http-equiv=refresh content="0; url=https://privsec.dev/tags/linux/"></head></html>
|
|
@ -1,8 +0,0 @@
|
|||||||
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>operating system | PrivSec.dev</title><meta name=keywords content><meta name=description content><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/tags/operating-system/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/tags/operating-system/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="operating system"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/tags/operating-system/"><meta name=twitter:card content="summary"><meta name=twitter:title content="operating system"><meta name=twitter:description content></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://privsec.dev>Home</a> » <a href=https://privsec.dev/tags/>Tags</a></div><h1>operating system
|
|
||||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>Choosing Your Desktop Linux Distribution</h2></header><div class=entry-content><p>Not all Linux distributions are created equal. When choosing a Linux distribution, there are several things you need to keep in mind.
|
|
||||||
Release cycle You should choose a distribution which stays close to the stable upstream software releases, typically rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates.
|
|
||||||
For frozen distributions, package maintainers are expected to backport patches to fix vulnerabilities (Debian is one such example) rather than bump the software to the “next version” released by the upstream developer....</p></div><footer class=entry-footer>7 min · 1431 words · Tommy</footer><a class=entry-link aria-label="post link to Choosing Your Desktop Linux Distribution" href=https://privsec.dev/os/choosing-your-desktop-linux-distribution/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>Linux Insecurities</h2></header><div class=entry-content><p>There is a common misconception among privacy communities that Linux is one of the more secure operating systems, either because it is open source or because it is widely used in the cloud. This is however, a far cry from reality.
|
|
||||||
There is already a very indepth technical blog explaning the various security weaknesses of Linux by Madaidan, Whonix’s Security Researcher. This page will attempt to address some of the questions commonly raised in reaction to his blog post....</p></div><footer class=entry-footer>3 min · 589 words · Tommy</footer><a class=entry-link aria-label="post link to Linux Insecurities" href=https://privsec.dev/os/linux-insecurities/></a></article></main><footer class=footer><span>© 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
|
|
||||||
<span>Powered by
|
|
||||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
|
||||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
|
@ -1,30 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
|
||||||
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
|
|
||||||
<channel>
|
|
||||||
<title>operating system on PrivSec.dev</title>
|
|
||||||
<link>https://privsec.dev/tags/operating-system/</link>
|
|
||||||
<description>Recent content in operating system on PrivSec.dev</description>
|
|
||||||
<generator>Hugo -- gohugo.io</generator><atom:link href="https://privsec.dev/tags/operating-system/index.xml" rel="self" type="application/rss+xml" />
|
|
||||||
<item>
|
|
||||||
<title>Choosing Your Desktop Linux Distribution</title>
|
|
||||||
<link>https://privsec.dev/os/choosing-your-desktop-linux-distribution/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/os/choosing-your-desktop-linux-distribution/</guid>
|
|
||||||
<description>Not all Linux distributions are created equal. When choosing a Linux distribution, there are several things you need to keep in mind.
|
|
||||||
Release cycle You should choose a distribution which stays close to the stable upstream software releases, typically rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates.
|
|
||||||
For frozen distributions, package maintainers are expected to backport patches to fix vulnerabilities (Debian is one such example) rather than bump the software to the “next version” released by the upstream developer.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>Linux Insecurities</title>
|
|
||||||
<link>https://privsec.dev/os/linux-insecurities/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/os/linux-insecurities/</guid>
|
|
||||||
<description>There is a common misconception among privacy communities that Linux is one of the more secure operating systems, either because it is open source or because it is widely used in the cloud. This is however, a far cry from reality.
|
|
||||||
There is already a very indepth technical blog explaning the various security weaknesses of Linux by Madaidan, Whonix&rsquo;s Security Researcher. This page will attempt to address some of the questions commonly raised in reaction to his blog post.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
</channel>
|
|
||||||
</rss>
|
|
@ -1 +0,0 @@
|
|||||||
<!doctype html><html lang=en><head><title>https://privsec.dev/tags/operating-system/</title><link rel=canonical href=https://privsec.dev/tags/operating-system/><meta name=robots content="noindex"><meta charset=utf-8><meta http-equiv=refresh content="0; url=https://privsec.dev/tags/operating-system/"></head></html>
|
|
@ -1,9 +0,0 @@
|
|||||||
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>operating systems | PrivSec.dev</title><meta name=keywords content><meta name=description content><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/tags/operating-systems/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/tags/operating-systems/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="operating systems"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/tags/operating-systems/"><meta name=twitter:card content="summary"><meta name=twitter:title content="operating systems"><meta name=twitter:description content></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://privsec.dev>Home</a> » <a href=https://privsec.dev/tags/>Tags</a></div><h1>operating systems
|
|
||||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>Docker and OCI Hardening</h2></header><div class=entry-content><p>Containers aren’t that new fancy thing anymore, but they were a big deal. And they still are. They are a concrete solution to the following problem:
|
|
||||||
- Hey, your software doesn’t work…
|
|
||||||
- Sorry, it works on my computer! Can’t help you.
|
|
||||||
Whether we like them or not, containers are here to stay. Their expressiveness and semantics allow for an abstraction of the OS dependencies that a software has, the latter being often dynamically linked against certain libraries....</p></div><footer class=entry-footer>19 min · 3925 words · Wonderfall</footer><a class=entry-link aria-label="post link to Docker and OCI Hardening" href=https://privsec.dev/os/docker-and-oci-hardening/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>Securing OpenSSH with FIDO2</h2></header><div class=entry-content><p>Passwordless authentication with OpenSSH keys has been the de facto security standard for years. SSH keys are more robust since they’re cryptographically sane by default, and are therefore resilient to most bruteforce atacks. They’re also easier to manage while enabling a form of decentralized authentication (it’s easy and painless to revoke them). So, what’s the next step? And more exactly, why would one need something even better?
|
|
||||||
Why? The main problem with SSH keys is that they’re not magic: they consist of a key pair, of which the private key is stored on your disk....</p></div><footer class=entry-footer>5 min · 863 words · Wonderfall</footer><a class=entry-link aria-label="post link to Securing OpenSSH with FIDO2" href=https://privsec.dev/os/securing-openssh-with-fido2/></a></article></main><footer class=footer><span>© 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
|
|
||||||
<span>Powered by
|
|
||||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
|
||||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
|
@ -1,31 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
|
||||||
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
|
|
||||||
<channel>
|
|
||||||
<title>operating systems on PrivSec.dev</title>
|
|
||||||
<link>https://privsec.dev/tags/operating-systems/</link>
|
|
||||||
<description>Recent content in operating systems on PrivSec.dev</description>
|
|
||||||
<generator>Hugo -- gohugo.io</generator><atom:link href="https://privsec.dev/tags/operating-systems/index.xml" rel="self" type="application/rss+xml" />
|
|
||||||
<item>
|
|
||||||
<title>Docker and OCI Hardening</title>
|
|
||||||
<link>https://privsec.dev/os/docker-and-oci-hardening/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/os/docker-and-oci-hardening/</guid>
|
|
||||||
<description>Containers aren&rsquo;t that new fancy thing anymore, but they were a big deal. And they still are. They are a concrete solution to the following problem:
|
|
||||||
- Hey, your software doesn&rsquo;t work&hellip;
|
|
||||||
- Sorry, it works on my computer! Can&rsquo;t help you.
|
|
||||||
Whether we like them or not, containers are here to stay. Their expressiveness and semantics allow for an abstraction of the OS dependencies that a software has, the latter being often dynamically linked against certain libraries.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>Securing OpenSSH with FIDO2</title>
|
|
||||||
<link>https://privsec.dev/os/securing-openssh-with-fido2/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/os/securing-openssh-with-fido2/</guid>
|
|
||||||
<description>Passwordless authentication with OpenSSH keys has been the de facto security standard for years. SSH keys are more robust since they&rsquo;re cryptographically sane by default, and are therefore resilient to most bruteforce atacks. They&rsquo;re also easier to manage while enabling a form of decentralized authentication (it&rsquo;s easy and painless to revoke them). So, what&rsquo;s the next step? And more exactly, why would one need something even better?
|
|
||||||
Why? The main problem with SSH keys is that they&rsquo;re not magic: they consist of a key pair, of which the private key is stored on your disk.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
</channel>
|
|
||||||
</rss>
|
|
@ -1 +0,0 @@
|
|||||||
<!doctype html><html lang=en><head><title>https://privsec.dev/tags/operating-systems/</title><link rel=canonical href=https://privsec.dev/tags/operating-systems/><meta name=robots content="noindex"><meta charset=utf-8><meta http-equiv=refresh content="0; url=https://privsec.dev/tags/operating-systems/"></head></html>
|
|
@ -1,14 +0,0 @@
|
|||||||
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>security | PrivSec.dev</title><meta name=keywords content><meta name=description content><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/tags/security/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/tags/security/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="security"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/tags/security/"><meta name=twitter:card content="summary"><meta name=twitter:title content="security"><meta name=twitter:description content></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://privsec.dev>Home</a> » <a href=https://privsec.dev/tags/>Tags</a></div><h1>security
|
|
||||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>Choosing Your Desktop Linux Distribution</h2></header><div class=entry-content><p>Not all Linux distributions are created equal. When choosing a Linux distribution, there are several things you need to keep in mind.
|
|
||||||
Release cycle You should choose a distribution which stays close to the stable upstream software releases, typically rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates.
|
|
||||||
For frozen distributions, package maintainers are expected to backport patches to fix vulnerabilities (Debian is one such example) rather than bump the software to the “next version” released by the upstream developer....</p></div><footer class=entry-footer>7 min · 1431 words · Tommy</footer><a class=entry-link aria-label="post link to Choosing Your Desktop Linux Distribution" href=https://privsec.dev/os/choosing-your-desktop-linux-distribution/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>Docker and OCI Hardening</h2></header><div class=entry-content><p>Containers aren’t that new fancy thing anymore, but they were a big deal. And they still are. They are a concrete solution to the following problem:
|
|
||||||
- Hey, your software doesn’t work…
|
|
||||||
- Sorry, it works on my computer! Can’t help you.
|
|
||||||
Whether we like them or not, containers are here to stay. Their expressiveness and semantics allow for an abstraction of the OS dependencies that a software has, the latter being often dynamically linked against certain libraries....</p></div><footer class=entry-footer>19 min · 3925 words · Wonderfall</footer><a class=entry-link aria-label="post link to Docker and OCI Hardening" href=https://privsec.dev/os/docker-and-oci-hardening/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>F-Droid Security Analysis</h2></header><div class=entry-content><p>F-Droid is a popular alternative app repository for Android, especially known for its main repository dedicated to free and open-source software. F-Droid is often recommended among security and privacy enthusiasts, but how does it stack up against Play Store in practice? This write-up will attempt to emphasize major security issues with F-Droid that you should consider.
|
|
||||||
Before we start, a few things to keep in mind:
|
|
||||||
The main goal of this write-up was to inform users so they can make responsible choices, not to trash someone else’s work....</p></div><footer class=entry-footer>25 min · 5298 words · Wonderfall</footer><a class=entry-link aria-label="post link to F-Droid Security Analysis" href=https://privsec.dev/apps/f-droid-security-analysis/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>Linux Insecurities</h2></header><div class=entry-content><p>There is a common misconception among privacy communities that Linux is one of the more secure operating systems, either because it is open source or because it is widely used in the cloud. This is however, a far cry from reality.
|
|
||||||
There is already a very indepth technical blog explaning the various security weaknesses of Linux by Madaidan, Whonix’s Security Researcher. This page will attempt to address some of the questions commonly raised in reaction to his blog post....</p></div><footer class=entry-footer>3 min · 589 words · Tommy</footer><a class=entry-link aria-label="post link to Linux Insecurities" href=https://privsec.dev/os/linux-insecurities/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>Multi-factor Authentication</h2></header><div class=entry-content><p>Multi-factor authentication is a security mechanism that requires additional verification beyond your username (or email) and password. This usually comes in the form of a one time passcode, a push notification, or plugging in and tapping a hardware security key.
|
|
||||||
Common protocols Email and SMS MFA Email and SMS MFA are examples of the weaker MFA protocols. Email MFA is not great as whoever controls your email account can typically both reset your password and recieve your MFA verification....</p></div><footer class=entry-footer>6 min · 1223 words · Tommy</footer><a class=entry-link aria-label="post link to Multi-factor Authentication" href=https://privsec.dev/knowledge/multi-factor-authentication/></a></article><footer class=page-footer><nav class=pagination><a class=next href=https://privsec.dev/tags/security/page/2/>Next »</a></nav></footer></main><footer class=footer><span>© 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
|
|
||||||
<span>Powered by
|
|
||||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
|
||||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
|
@ -1,73 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
|
||||||
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
|
|
||||||
<channel>
|
|
||||||
<title>security on PrivSec.dev</title>
|
|
||||||
<link>https://privsec.dev/tags/security/</link>
|
|
||||||
<description>Recent content in security on PrivSec.dev</description>
|
|
||||||
<generator>Hugo -- gohugo.io</generator><atom:link href="https://privsec.dev/tags/security/index.xml" rel="self" type="application/rss+xml" />
|
|
||||||
<item>
|
|
||||||
<title>Choosing Your Desktop Linux Distribution</title>
|
|
||||||
<link>https://privsec.dev/os/choosing-your-desktop-linux-distribution/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/os/choosing-your-desktop-linux-distribution/</guid>
|
|
||||||
<description>Not all Linux distributions are created equal. When choosing a Linux distribution, there are several things you need to keep in mind.
|
|
||||||
Release cycle You should choose a distribution which stays close to the stable upstream software releases, typically rolling release distributions. This is because frozen release cycle distributions often don’t update package versions and fall behind on security updates.
|
|
||||||
For frozen distributions, package maintainers are expected to backport patches to fix vulnerabilities (Debian is one such example) rather than bump the software to the “next version” released by the upstream developer.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>Docker and OCI Hardening</title>
|
|
||||||
<link>https://privsec.dev/os/docker-and-oci-hardening/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/os/docker-and-oci-hardening/</guid>
|
|
||||||
<description>Containers aren&rsquo;t that new fancy thing anymore, but they were a big deal. And they still are. They are a concrete solution to the following problem:
|
|
||||||
- Hey, your software doesn&rsquo;t work&hellip;
|
|
||||||
- Sorry, it works on my computer! Can&rsquo;t help you.
|
|
||||||
Whether we like them or not, containers are here to stay. Their expressiveness and semantics allow for an abstraction of the OS dependencies that a software has, the latter being often dynamically linked against certain libraries.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>F-Droid Security Analysis</title>
|
|
||||||
<link>https://privsec.dev/apps/f-droid-security-analysis/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/apps/f-droid-security-analysis/</guid>
|
|
||||||
<description>F-Droid is a popular alternative app repository for Android, especially known for its main repository dedicated to free and open-source software. F-Droid is often recommended among security and privacy enthusiasts, but how does it stack up against Play Store in practice? This write-up will attempt to emphasize major security issues with F-Droid that you should consider.
|
|
||||||
Before we start, a few things to keep in mind:
|
|
||||||
The main goal of this write-up was to inform users so they can make responsible choices, not to trash someone else&rsquo;s work.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>Linux Insecurities</title>
|
|
||||||
<link>https://privsec.dev/os/linux-insecurities/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/os/linux-insecurities/</guid>
|
|
||||||
<description>There is a common misconception among privacy communities that Linux is one of the more secure operating systems, either because it is open source or because it is widely used in the cloud. This is however, a far cry from reality.
|
|
||||||
There is already a very indepth technical blog explaning the various security weaknesses of Linux by Madaidan, Whonix&rsquo;s Security Researcher. This page will attempt to address some of the questions commonly raised in reaction to his blog post.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>Multi-factor Authentication</title>
|
|
||||||
<link>https://privsec.dev/knowledge/multi-factor-authentication/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/knowledge/multi-factor-authentication/</guid>
|
|
||||||
<description>Multi-factor authentication is a security mechanism that requires additional verification beyond your username (or email) and password. This usually comes in the form of a one time passcode, a push notification, or plugging in and tapping a hardware security key.
|
|
||||||
Common protocols Email and SMS MFA Email and SMS MFA are examples of the weaker MFA protocols. Email MFA is not great as whoever controls your email account can typically both reset your password and recieve your MFA verification.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>Securing OpenSSH with FIDO2</title>
|
|
||||||
<link>https://privsec.dev/os/securing-openssh-with-fido2/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/os/securing-openssh-with-fido2/</guid>
|
|
||||||
<description>Passwordless authentication with OpenSSH keys has been the de facto security standard for years. SSH keys are more robust since they&rsquo;re cryptographically sane by default, and are therefore resilient to most bruteforce atacks. They&rsquo;re also easier to manage while enabling a form of decentralized authentication (it&rsquo;s easy and painless to revoke them). So, what&rsquo;s the next step? And more exactly, why would one need something even better?
|
|
||||||
Why? The main problem with SSH keys is that they&rsquo;re not magic: they consist of a key pair, of which the private key is stored on your disk.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
</channel>
|
|
||||||
</rss>
|
|
@ -1 +0,0 @@
|
|||||||
<!doctype html><html lang=en><head><title>https://privsec.dev/tags/security/</title><link rel=canonical href=https://privsec.dev/tags/security/><meta name=robots content="noindex"><meta charset=utf-8><meta http-equiv=refresh content="0; url=https://privsec.dev/tags/security/"></head></html>
|
|
@ -1,6 +0,0 @@
|
|||||||
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>security | PrivSec.dev</title><meta name=keywords content><meta name=description content><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/tags/security/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/tags/security/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="security"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/tags/security/"><meta name=twitter:card content="summary"><meta name=twitter:title content="security"><meta name=twitter:description content></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://privsec.dev>Home</a> » <a href=https://privsec.dev/tags/>Tags</a></div><h1>security
|
|
||||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>Securing OpenSSH with FIDO2</h2></header><div class=entry-content><p>Passwordless authentication with OpenSSH keys has been the de facto security standard for years. SSH keys are more robust since they’re cryptographically sane by default, and are therefore resilient to most bruteforce atacks. They’re also easier to manage while enabling a form of decentralized authentication (it’s easy and painless to revoke them). So, what’s the next step? And more exactly, why would one need something even better?
|
|
||||||
Why? The main problem with SSH keys is that they’re not magic: they consist of a key pair, of which the private key is stored on your disk....</p></div><footer class=entry-footer>5 min · 863 words · Wonderfall</footer><a class=entry-link aria-label="post link to Securing OpenSSH with FIDO2" href=https://privsec.dev/os/securing-openssh-with-fido2/></a></article><footer class=page-footer><nav class=pagination><a class=prev href=https://privsec.dev/tags/security/>« Prev</a></nav></footer></main><footer class=footer><span>© 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
|
|
||||||
<span>Powered by
|
|
||||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
|
||||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
|
@ -1,7 +0,0 @@
|
|||||||
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>software | PrivSec.dev</title><meta name=keywords content><meta name=description content><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/tags/software/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/tags/software/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="software"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/tags/software/"><meta name=twitter:card content="summary"><meta name=twitter:title content="software"><meta name=twitter:description content></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://privsec.dev>Home</a> » <a href=https://privsec.dev/tags/>Tags</a></div><h1>software
|
|
||||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>F-Droid Security Analysis</h2></header><div class=entry-content><p>F-Droid is a popular alternative app repository for Android, especially known for its main repository dedicated to free and open-source software. F-Droid is often recommended among security and privacy enthusiasts, but how does it stack up against Play Store in practice? This write-up will attempt to emphasize major security issues with F-Droid that you should consider.
|
|
||||||
Before we start, a few things to keep in mind:
|
|
||||||
The main goal of this write-up was to inform users so they can make responsible choices, not to trash someone else’s work....</p></div><footer class=entry-footer>25 min · 5298 words · Wonderfall</footer><a class=entry-link aria-label="post link to F-Droid Security Analysis" href=https://privsec.dev/apps/f-droid-security-analysis/></a></article></main><footer class=footer><span>© 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
|
|
||||||
<span>Powered by
|
|
||||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
|
||||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
|
@ -1,20 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
|
||||||
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
|
|
||||||
<channel>
|
|
||||||
<title>software on PrivSec.dev</title>
|
|
||||||
<link>https://privsec.dev/tags/software/</link>
|
|
||||||
<description>Recent content in software on PrivSec.dev</description>
|
|
||||||
<generator>Hugo -- gohugo.io</generator><atom:link href="https://privsec.dev/tags/software/index.xml" rel="self" type="application/rss+xml" />
|
|
||||||
<item>
|
|
||||||
<title>F-Droid Security Analysis</title>
|
|
||||||
<link>https://privsec.dev/apps/f-droid-security-analysis/</link>
|
|
||||||
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://privsec.dev/apps/f-droid-security-analysis/</guid>
|
|
||||||
<description>F-Droid is a popular alternative app repository for Android, especially known for its main repository dedicated to free and open-source software. F-Droid is often recommended among security and privacy enthusiasts, but how does it stack up against Play Store in practice? This write-up will attempt to emphasize major security issues with F-Droid that you should consider.
|
|
||||||
Before we start, a few things to keep in mind:
|
|
||||||
The main goal of this write-up was to inform users so they can make responsible choices, not to trash someone else&rsquo;s work.</description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
</channel>
|
|
||||||
</rss>
|
|
@ -1 +0,0 @@
|
|||||||
<!doctype html><html lang=en><head><title>https://privsec.dev/tags/software/</title><link rel=canonical href=https://privsec.dev/tags/software/><meta name=robots content="noindex"><meta charset=utf-8><meta http-equiv=refresh content="0; url=https://privsec.dev/tags/software/"></head></html>
|
|
Binary file not shown.
Before Width: | Height: | Size: 160 KiB |
Loading…
Reference in New Issue
Block a user