Using Certificate Authority Authorisation (CAA) to restrict the Certificate Authorities that are permitted to issue certificates for your domain.
Thursday 13th February 2020
Sunday 12th January 2020
Implementing the new MTA-STS specification and adding your domain to the STARTTLS-Everywhere list to help secure inbound email transport.
Friday 27th December 2019
A reference guide to PGP/GPG key server search output.
Saturday 26th October 2019
Using the Ansible configuration management tool to automatically deploy a Tor Onion v3 Hidden Service to a Linux machine.
Monday 16th September 2019
If your Content Management System or hosting provider doesn't allow you to host a proper security.txt file, you can instead use Cloudflare Serverless Workers to serve the file directly from Cloudflare.
Wednesday 31st July 2019
A script to automatically download and perform integrity verifications for specific pre-programmed software packages.
Wednesday 19th June 2019
I was recently a guest on the 'Conversations in Cyberspace' podcast.
Saturday 11th May 2019
Using Git to centrally manage, verify, update and distribute your SSH known_hosts.
Tuesday 23rd April 2019
Using a reverse HTTP proxy to forward Tor Hidden Services across the internet to another server.
Tuesday 26th February 2019
Implementing a Content Security Policy on your PHP website with fine-grain control over the policy on a per-page basis.
Saturday 19th January 2019
Restricting SSH users to specific commands, directories and system access.
Sunday 13th January 2019
Anonymizing personal data in web server access logs in order to improve data security and comply with the GDPR.
Monday 17th December 2018
A Travis-CI build configuration for automatically testing your website's Content Security Policy.
Saturday 28th July 2018
A write-up of launching the public HackerOne security vulnerability disclosure program for JamieWeb.
Friday 11th May 2018
Connecting to hotel Wi-Fi through a Raspberry Pi and forwarding an external VPN connection.
Tuesday 8th May 2018
Let's Encrypt certificates now have Signed Certificate Timestamps (SCTs) included by default.
Wednesday 4th April 2018
Assessing browser compatibility and disabling older TLS protocol versions.
Tuesday 13th March 2018
Using Namecoin Core to register a .bit domain and setting up ncdns.
Tuesday 16th January 2018
Generating a vanity address for Onion v3 Hidden Services.
Saturday 6th January 2018
A look at the security.txt draft specification.
Tuesday 26th December 2017
Testing the new Tor Onion v3 Hidden Services.
Saturday 21st October 2017
Using iOS 6 on the iPad Mini + iOS 6 Security.
Tuesday 19th September 2017
Using the Pastebin Alerts Service.
Saturday 2nd September 2017
Blocking sites using the hosts file and an integrity verification script.
Saturday 15th July 2017
Discussing the Chrome extension that I am developing.
Tuesday 7th March 2017
An overview of Subgraph OS: Adversary Resistant Computing.
Tuesday 21st February 2017
Setting up a Tor Hidden Service for my site.
Sunday 12th February 2017
Blocking exploitable web content in your browser.
Tuesday 7th February 2017
Cryptographically proving a timestamp.
Thursday 19th January 2017
Enciphering text and files using Plainsight.
Sunday 4th December 2016