Categories
Security

Security.txt in the wild

A few years ago, I covered here in the blog the “security.txt spec”. A standard place with the security related contacts, designed to help researchers, and other people, find the right contacts to report vulnerabilities and other problems. At the time, I added it to my personal domain, as an example. When I wrote the […]

Categories
Blockchain Personal

New Nostr and Lightning Addresses

Bitcoin Atlantis is just around the corner. This conference, happening here in Madeira, is something unusual for us locals. The common pattern is that we have to fly to attend such conferences. I plan to attend the event, and I will be there with an open mindset, since there are always new things to learn. […]

Categories
Python Software Development

Filter sensitive contents from Django’s error reports

Reporting application errors to a (small) list of admins is a feature that already comes built in and ready to use in Django. You just need to configure the ADMINS setting and have the application ready to send emails. All application errors (status 500 and above) will trigger a new message containing all the details, […]

Categories
Python

Take advantage of Django’s system checks

Today, let’s go back to the topic of the first post in this series of Django tips. At the time, I focused on the python manage.py check –deploy command. In this article, I will explore the feature on which it is built and how it can be quite handy for many other scenarios. So, the […]

Categories
Security

Meet the InfoSec Planet

If you are a frequent reader of this blog, you might already know that I created a small tool to generate a simple webpage plus an RSS feed, from the content of multiple other RSS sources, called worker-planet. This type of tool is often known as a “planet”: In online media a planet is a […]

Categories
Python Software Development

So you need to upgrade Django

No matter how much you try to delay and how many reasons you find to postpone, eventually the time comes. You need to update and upgrade your software, your system components, your apps, your dependencies, etc. This happens to all computer users. On some systems, this is an enjoyable experience, on other systems as painful […]

Categories
Technology and Internet

Improving your online privacy: An update

Ten years ago, after it became clear to almost everyone that all our online activity was being tracked and stored, I wrote a blog post about simple steps a person could take to improve their privacy online. Essentially, it contains a few recommendations that everyone could follow to reduce their fingerprint without much effort. It […]

Categories
Technology and Internet

New release of worker-planet

Two years ago, I made a small tool on top of Cloudflare’s Workers to generate a single feed by taking input from multiple RSS sources, a kind of aggregator or planet software as it was usually known a few years ago. You can read more about it here and here. This is a basic tool […]

Categories
Security Technology and Internet

What to use for “TOTP” in 2023?

At the start of last week, we received great news regarding new improvements to a very popular security app, “Google Authenticator”. A feature it was lacking for a long time was finally implemented, “cloud backups”. However, after a few days, the security community realized the new feature wasn’t as good as everybody was assuming. It […]

Categories
Technology and Internet

New release of “inlinehashes”

Last year, I built a small tool to detect inline styles and scripts in a given webpage/document and then calculate their hashes. It can be useful for someone trying to write a strict “Content-Security-Policy” (CSP) for pre-built websites. I described the reasoning at the time in this blog post. Today, I’m writing to announce that […]