Menu

Fido Shootout - Too Lazy to Count Edition

I have loved Hardware based security for a Fucking eternity, and so I accumulated quite a few different Devices (for the rest of this article, "key" generally refers to the cryptographic keys to avoid confusion) over the years.so now I am going to compare them.

What's what in Metaphoric? #1 Cryptocurrencies

So I like metaphors and I like cryptography, so why not throw together a guide of what's what in Cryptocurrencies to help people understand it batter? Source code style, means terms of cryptocurrencies and bold are what my metaphors to Real Life and stuff I pull out. I think to understand everything and to establish a "lore" in this I am creating this story/guide with the very basics of crypto currencies skip the chapters you already know, but maybe keep ...

Webauthn via NFC/Bluetooth on PC

so I got a fun little new Toy (pics later, it's after 21:00 when writing this and I am LAZY), the Feitian Multipass (K13), which - dont worry - will get its place in the shootout soon enough, but as the Professors in Pokémon always tend to say "Now it's not the time to do that", as I have something of an a bit higher prio to get around. As the heading already says, I got Webauthn Working on PC ...

Webauthn's userVerification:preferred and its Pitfalls

Webauthn is a beauty. A relatively easy to implement way to allow users a secure 2-Factor experience. (easy enough that I could re-create my Webauthn Sandbox after losing it in my migration, FUN! Well, sarcasm aside, there are a few things I dont like with it, and one of them is the default state of the userVerification Flag. For anyone who isnt all-aware in Webauthn and stuff: more modern Fido2 devices are generally capable of a feature called userVerification, in ...

Pending Updates to Fido Shootout (Jan14 Edition)

So, I have a few things to update, but since writing it out in the middle in the night isnt awesome I'm just jotting them down, so I can get the news and corrections out as soon as Possible, and put them into the proper Article Later. 3 New Devices to Add Somu basically Solo in small 50 RKs stated and tested Updated Blue Yubi Yubikey-like thing with only FIDO things on, also the individual one I got being on ...

1Password joins the Dark Side (step 3)...

(I actually wanted to write about this in 2017 but I kinda forgot the draft, lol) Oh yeah, Password Managers, something I both love and hate at the same time, they can help with Security, but at the same time totally and completely destroy it, and the widely known Password Manager 1Password by AgileBits went on and annihililated customer trust. (and of course, I am going to need a Thesaurus, yet again -.- )

My1's Crazy Tech Ideas #01: Integrity header for proxies

Hi everyone, it's me again (not as if there would be many other options) I rather often have some pretty crazy Ideas and I kinda want to preserve them and also hear what the people think about them and maybe someone picks them up if they are good. so let's start with the first Idea of my set. Many people probably have heard of middleboxes or company-proxies and other similar things which attempt to "legitimately" play a Man in the ...

Quick Rant: Hosters and Updates [Update]

Hi it's me again. PHP7.2 Released today and I went around to do a quick check of some webhosters to see who can offer it, and well it is abysmal as always. We start off with the big German Hoster Strato which offers PHP 7.1, so far so normal, but they have a "newest version" label right next to it. Their excuse? well testing of course, but the even worse thing was the anser regarding the "newest version label". PHP ...

Steganos Privacy Suite 19 is a Joke

Let's be honest, I like ranting, but unlike others, I dont like to rant without at least having a point. And the point of this rant is Steganos' new Update of it's Privacy Suite and it has some neat features like converting Partitions on your drive into safes, but there's one of these which is the biggest joke I have seen in a long time. 2 Factor Authentication! 2FA isnt a bad thing in general, after all I have put ...

My1s TechTuts #1: Secure Authentication

With this Blog finally finished moving to it's new .tech domain (announcement later) it's time to write some techy stuff. So I think I'll be doing some tutorials. And the first one is about somethink I like, I use and I like using. Secure Authentication!