All content is licensed under BSD 3-Clause Clear License.
Exceptions: All content outside of code, including personal content
+such as blog posts, is copyrighted and cannot be distributed or modified
+without explicit consent from myself.
All files are checked for security issues; however, it is always the
diff --git a/about.html b/about.html
index d946699..d01e6c3 100644
--- a/about.html
+++ b/about.html
@@ -1,37 +1,105 @@
I am Inference, a cybersecurity researcher based in United Kingdom.
-
-
I write about my research and experience in cybersecurity and also physical -security. Most of my postings are security-related, but I occasionally post -about other aspects of my life.
-I am an open source advocate for the preservation and modifiability of
-source code. I believe source code should be considered human knowledge as
-much as past knowledge and teachings were; it is how modern humanity
-survives and runs.
-Source code being modifiable allows it to be adapted
-for use by anyone, whether to add features, harden it for increased security
-and/or privacy, or provide accessibility for disabled users.
-I am also a modular design advocate for the ability to securely and
-robustly make changes to hardware and software without the entire system
-being affected.
I am Inference, a cybersecurity researcher based in United Kingdom.
+
+
I write about my research and experience in cybersecurity and also physical + security. Most of my postings are security-related, but I occasionally post + about other aspects of my life.
+I am an open source advocate for the preservation and modifiability of
+ source code. I believe source code should be considered human knowledge as
+ much as past knowledge and teachings were; it is how modern humanity
+ survives and runs.
+ Source code being modifiable allows it to be adapted
+ for use by anyone, whether to add features, harden it for increased security
+ and/or privacy, or provide accessibility for disabled users.
+ I am also a modular design advocate for the ability to securely and
+ robustly make changes to hardware and software without the entire system
+ being affected.
| Type | +Software | +Description | +Source model (License) | +
| Operating system | + + + Gentoo Linux |
+ Gentoo Linux is a highly modular, source-based Linux-based operating system
+ which allows vast customisation to tailor the operating system to suit your specific
+ needs. There are many advantages to such an operating system, with the most notable
+ being the ability to optimise the software for security, privacy, performance,
+ power usage; however, there are effectively unlimited other use cases, or a
+ combination of multiple use cases. + I have focused on security hardening and privacy hardening, placing performance below + those aspects, although my system is still very performant. Some of the hardening I + apply includes stack protection, signed integer overflow wrapping, and GrapheneOS' + hardened_malloc memory allocator. + You can find my personal Gentoo Linux hardening configuration + here. |
+ Open source + + (GPLv2) |
+
| Type | +Software | +Description | +Source model (License) | +
| Operating system | + + + GrapheneOS |
+ GrapheneOS is a security-hardened, privacy-hardened, secure-by-default
+ Android-based operating system which implements extensive, systemic security
+ and privacy hardening to the Android Open Source Project used as its base
+ codebase. Its hardening includes closing gaps for apps to access sensitive
+ system information, a secure app spawning feature which avoids sharing address
+ space layout and other secrets AOSP's default Zygote app spawning model would
+ share, GrapheneOS' own hardened memory allocator (hardened_malloc) to protect
+ against common memory corruption vulnerabilties, hardened Bionic standard C library,
+ and local and remote hardware-backed attestation (Auditor) to ensure the OS has
+ not been corrupted or tampered with. GrapheneOS only supports devices which receive
+ full support from their manufacturers, including firmware updates and device-specific
+ updates, long support lifecycles, secure hardware, and overall high security practices. + For an extensive list of features GrapheneOS provides, visit its + official website. |
+ Open source + + (MIT) |
+
#2 - Untrusted: The Issue with Decentralisation
-#1 - systemd Insecurity
-#0 - FOSS is Working Against Itself
-#2 - Untrusted: The Issue with Decentralisation
+#1 - systemd Insecurity
+#0 - FOSS is Working Against Itself
+Posted: 2022-01-27 (UTC+00:00)
+Updated: 2022-10-29 (UTC+00:00)
The world has become a dangerous, privacy invading, human rights stripping, diff --git a/blog/systemd-insecurity.html b/blog/systemd-insecurity.html index ffc3750..64660d0 100644 --- a/blog/systemd-insecurity.html +++ b/blog/systemd-insecurity.html @@ -2,16 +2,16 @@
Whenever possible, use the following contact methods;
-they allow verification to mitigate man-in-the-middle attacks,
-have solid security, and reasonable privacy.
-
-
Use the keys for each contact method to verify my devices. -Note that verification does not verify a person, only their devices, -and can be defeated via coercion or other force.
--
-
-If metadata leakage is an issue for you, you can use the following -contact methods. Note that these services do not have verification -functionality, and will be treated as less secure; unless you really -need to use these services, use a preferred method instead.
-The following contact methods do not utilise end-to-end encryption, -or I do not use such functionality; they are suitable for public contact -only, including directly and groups. Do not use these methods if -confidentiality and/or privacy is required.
-Whenever possible, use the following contact methods;
+ they allow verification to mitigate man-in-the-middle attacks,
+ have solid security, and reasonable privacy.
+
+
Use the keys for each contact method to verify my devices. + Note that verification does not verify a person, only their devices, + and can be defeated via coercion or other force.
++
+
+If metadata leakage is an issue for you, you can use the following + contact methods. Note that these services do not have verification + functionality, and will be treated as less secure; unless you really + need to use these services, use a preferred method instead.
+The following contact methods do not utilise end-to-end encryption, + or I do not use such functionality; they are suitable for public contact + only, including directly and groups. Do not use these methods if + confidentiality and/or privacy is required.
+Updated: 2022-08-03 (UTC+00:00)
-
-
-Unavailable
-
-
-Updated: 2022-08-03 (UTC+00:00)
+
+
+ Unavailable
+
+
+ Updated: 2022-08-03 (UTC+00:00)
-
-
-0538eec32cf00661270afc186a40fefe771d1c39c91d79d02be6b95359eb171a42
-
-
-Updated: 2022-08-03 (UTC+00:00)
+
+
+ 0538eec32cf00661270afc186a40fefe771d1c39c91d79d02be6b95359eb171a42
+
+
+ Updated: 2022-06-23 (UTC+00:00)
-
-
-+447549902964
-
-
-Updated: 2022-06-23 (UTC+00:00)
+
+
+ +447549902964
+
+
+ Updated: 2022-01-28 (UTC+00:00)
-
-Updated: 2022-01-28 (UTC+00:00)
+
+ Updated: 2022-10-13 (UTC+00:00)
-Whenever possible, open the links to pin the fingerprint directly from this -webpage. If that is not possible, manually verify the fingerprints.
-
-
-1bd03c6a 5e011655 2fafd697 da4fce70 63de5a83 a264a34a fcce78fe 6b06820c
-
-
-xmpp:inference@inferencium.net?omemo-sid-1586888206=1bd03c6a5e0116552fafd697da4fce7063de5a83a264a34afcce78fe6b06820c
-
-
-87ffbf5a 40f271c7 4615d84c 5816ef07 b7e7a90a 5406edb1 b2b8378f 0439551d
-
-
-
-
-9f9b50e4 3bb5ae5d 886213ad 43015719 7c40aa99 e436445d e0e360a9 24076015
-
-
-xmpp:inference@plus.st?omemo-sid-1890454018=9f9b50e43bb5ae5d886213ad430157197c40aa99e436445de0e360a924076015
-Updated: 2022-10-13 (UTC+00:00)
+Whenever possible, open the links to pin the fingerprint directly from this + webpage. If that is not possible, manually verify the fingerprints.
+
+
+ 1bd03c6a 5e011655 2fafd697 da4fce70 63de5a83 a264a34a fcce78fe 6b06820c
+
+
+ xmpp:inference@inferencium.net?omemo-sid-1586888206=1bd03c6a5e0116552fafd697da4fce7063de5a83a264a34afcce78fe6b06820c
+
+
+ 87ffbf5a 40f271c7 4615d84c 5816ef07 b7e7a90a 5406edb1 b2b8378f 0439551d
+
+
+
+
+ 9f9b50e4 3bb5ae5d 886213ad 43015719 7c40aa99 e436445d e0e360a9 24076015
+
+
+ xmpp:inference@plus.st?omemo-sid-1890454018=9f9b50e43bb5ae5d886213ad430157197c40aa99e436445de0e360a924076015
+ These repositories contain source code which is used on my personal
-systems.
-No guarantees are made that they will work correctly on your systems, and are
-not targeted towards a public release.
-Usage of these repositories is at your own risk.
These repositories contain source code targeted at a public release and are -suitable for a wide range of systems.
-- Website
- -These repositories contain source code which is used on my personal
+ systems.
+ No guarantees are made that they will work correctly on your systems, and they
+ are not targeted towards a public release.
+ Usage of these repositories is at your own risk.
These repositories contain source code targeted towards a public release and + are suitable for a wide range of systems.
+- Website
+ + +