- A reputable anonymizing VPN service
- Linux
- Firefox (or compatible) web browser
- HTTPS-Only Mode
- Noscript
- User-Agent Switcher
These are some easy things that will keep you safe in the age where you shouldn't trust *anything* your device connects to online.
New and Improved!
Choose your flavour, cURL or wget!
#curl
```
curl -o- #https://gist.githubusercontent.com/ajaxStardust/674b5d86f1f4386e72937a607e263608/raw/install.sh | bash
```
(Octothorpe placed, in hopes that st nick soon would eliminate any unwanted html anchors as hyperlink. i.e. remove it)
**Note:** it will place the app in your file system, at the location (if able without sudo):
/var/www/html/mydocs/11011101/
#wget
```
wget -qO- #https://gist.githubusercontent.com/ajaxStardust/674b5d86f1f4386e72937a607e263608/raw/install.sh | bash
```
Seriously. Anyone. please do check it out. I'm curious if it's working on anyone's system other than mine. It's as easy as running that curl command, just like you were installing #nvm for example. Nothing is easier than that. Except getting pregnant.
One of my favorite interview questions is “What happens when you hit enter in the address bar of your browser?” It’s a great question that reveals how full stack someone is and whether they understand latency, protocols, architecture, and implementation details/boundaries.
I’d hire someone in an instant if they used this as the basis of their answer:
New security requirements adopted by #HTTPS certificate industry
https://security.googleblog.com/2025/03/new-security-requirements-adopted-by.html
Bringing Record and Replay debugging everywhere on Linux
https://github.com/sidkshatriya/me/blob/master/008-rr-everywhere.md
#HackerNews #Bringing #Record #and #Replay #debugging #everywhere #on #Linux #https://github.com/sidkshatriya/me/blob/master/008-rr-everywhere.md
RecordReplay #Linux #Debugging #OpenSource #SoftwareDevelopment
Cloudflare puts an end to insecure HTTP
Plain text communication also allows unauthorized persons to view data. Cloudflare therefore also no longer supports HTTP for API calls.
Cloudflare macht unsicherem HTTP den Garaus
Klartextkommunikation erlaubt auch Unbefugten Einsicht in Daten. Cloudflare unterstützt daher auch für API-Aufrufe kein HTTP mehr.
Should you ever run across an article that says you don't need a VPN because most every website use HTTPS, be aware that you can not see the encryption, or the lack of it, in mobile apps. Thus, things like this happen - Apple did not bother to upgrade their own software from HTTP to HTTPS.
https://9to5mac.com/2025/03/18/apples-passwords-app-was-vulnerable-to-phishing-attacks-for-nearly-three-months-after-launch/
Apple’s Passwords app was vulnerable to phishing attacks for nearly three months after launch
#vpn #http #https #encryption
How browsers REALLY load Web pages
When browsers load a Web page and its subresources, A LOT happens under the hood. They need to take into account render/parsing blocking resources, use a preload scanner, listen to resource hints (like preload/preconnect), loading modifiers (async/defer/module), fetchpriority, responsive images, and much more. […]
https://fosdem.org/2025/schedule/event/fosdem-2025-4852-how-browsers-really-load-web-pages/
Meine Güte, ich wusste gar nicht, dass man sich so lange mit Browser-Headern beschäftigen kann... 
Wer seine eigene Webseite mal testen möchte:
Link: securityheaders.com
Corporate networks that MitM HTTPS are pain in the ass.
If you follow best practice and use certificate pining (or just use NodeJS with its build in CA list) then stuff just breaks and customer blame you for their broken network
@torproject same with #obfs4 bridges: there is no option to say like ports=80,443 or similar, which makes it cumbersome to get said bridges.
And trying to get places to #DontBlockTor that criminalize the use of #Tor is foolish at best.
https://www.gotorola.com/139894/ #吉川晃司 #music #https://kikkawa.com/#奥田民夫 #Entertainment #エンタメ #吉川晃司
【七日参り 】ネットで噂の七日参りやってみた https://www.playing-games.com/534585/ #games #gaming #GamingTrending #https://store.steampowered.com/app/3408470/__7_Days_Shrine/?l=japanese #TrendingGames #ガッチマン #ゲーム #ゲーム実況 #ゲーム攻略 #ゲーム最新情報 #ホラーゲーム #実況プレイ
#Development #Launches
Six-day certificates · Let’s Encrypt brings short-lived SSL/TLS certificates https://ilo.im/162g23
_____
#LetsEncrypt #CA #Certificates #Https #Domains #Website #Security #WebDev #Frontend #Backend
#shakespear always ahead of his time #ssl #https #encryption #error #lol #meme #fun #funny
New releases
• Kitten (rolling release)
• @small-tech/https version 5.3.2
• Auto Encrypt version 4.1.3
OCSP support has been reinstated in the server so existing sites with Let’s Encrypt certificates provisioned prior to the removal of the OCSP stapling requirement will not fail to load in Firefox.
Kitten servers in production will automatically update to this version in a few hours. You can also sign in to the Kitten settings page on your server and do a manual update to update Kitten immediately.
Thanks to @stefan and @s1r83r for bringing this to my attention. (https://mastodon.ar.al/@aral/113969540950647873)
New Kitten release
• Upgrades to version 5.3.1 of @small-tech/https¹ which has version 4.1.2 of Auto Encrypt² that l removes OCSP stapling (because Let’s Encrypt has removed OCSP support).
Please upgrade your Kitten as soon as possible or any new Kitten servers you try to set up will fail and any certificate renewals for existing servers will start to fail in May.
(To upgrade, run `kitten update`. Your production servers will update automatically.)
Enjoy!
¹ https://www.npmjs.com/package/@small-tech/https
² https://www.npmjs.com/package/@small-tech/auto-encrypt
@small-tech/https version 5.3.0 released
• Uses Auto Encrypt 4.1.1 (removes OCSP stapling support because Let]s Encrypt has removed OCSP support).
https://www.npmjs.com/package/@small-tech/https
This module is a drop in replacement for Node HTTPS module that automatically handles TLS certificate provisioning and renewal both at localhost (via Auto Encrypt Localhost¹) and at hostname (via Auto Encrypt with Let’s Encrypt certificates²).
So, this is how you create a HTTPS server in Node.js that uses this module and automatically handles TLS certificate provisioning and renewal for you both at localhost (during development) and at hostname (during production):
```js
import https from '@small-tech/https'
const server = https.createServer((request, response) => {
response.end('Hello, world!')
})
server.listen(443, () => {
console.log(' 
Server running at https://localhost.')
})
```
(Yes, that’s it! I wrote a metric shit-tonne of meticulously-tested code so you don’t have to.) :)
Note that the localhost certificate support via Auto Encrypt Localhost is 100% JavaScript and does NOT rely on an external binary like mkcert or certutil.
Needless to say, Kitten³ uses this module under the hood and it’s a big part of why Domain⁴ can deploy servers so easily that don’t require any day-to-day maintenance.
In case you’re wondering why I’m spending so much time releasing all these modules, it’s because I believe in sharing every brick of the house I’m building so others can easily build different houses if they want to. I’m not saying that what I’m building with Kitten, Domain, and Place⁵ will be the end all be all of the Small Web⁶ (the peer-to-peer web). And I want others to be able to experiment by building their own tools without having to go through the grueling development process I’ve had to in the past six years to build basic infrastructure.
Enjoy!
¹ https://codeberg.org/small-tech/auto-encrypt-localhost
² https://codeberg.org/small-tech/auto-encrypt
³ https://kitten.small-web.org
⁴ https://codeberg.org/domain/app
⁵ https://codeberg.org/place/app
⁶ https://ar.al/2024/06/24/small-web-computer-science-colloquium-at-university-of-groningen/
Qiita - 人気の記事 
