Tag Archives: private

Etsy 如何用 Let's Encrypt 的 SSL certificate 做生意...

Etsy 的「How Etsy Manages HTTPS and SSL Certificates for Custom Domains on Pattern」這篇文章講了如何用 Let's Encrypt 實作 Custom Domain。 主要是因為 Let's Encrypt 在設計時就考慮到的 auto-renew 機制,可以全自動處理後續的動作。這使得接 Let's Encrypt 比起接其他家來得容易 (而且省掉許多費用與合約上要處理的問題)。 文章後半段則是討論另外一個問題:當你有上千把 private key (& certificate) 時要怎麼管理,以確保這些 private key 都夠安全。其中有提到未來打算要引入 HSM: One of … Continue reading

Posted in Computer, Hardware, Murmuring, Network, Programming, Security, Software, WWW | Tagged , , , , , , , , , , , , , , , , | Leave a comment

伊朗透過 BGP 管制網路的手段影響其他國家網路...

Dyn (之前被 DDoS 打爆,過一陣子被 Oracle 買去的那個 Dyn) 的這篇「Iran Leaks Censorship via BGP Hijacks」講到他們偵測到伊朗透過 BGP hijack 管制網站的問題。 前陣子伊朗透過 private ASN 放了 99.192.226.0/24 出來,影響到其他國家: Last week, Iranian state telecom announced a BGP hijack of address space (99.192.226.0/24) hosting numerous pornographic websites. 由於這段 … Continue reading

Posted in Computer, Murmuring, Network, Political, Security, Social | Tagged , , , , , , , , , , , , , | Leave a comment

Linode 記憶體升級,以及新的日本機房計畫

Linode 的 13 歲禮物:「Linode’s 13th Birthday – Gifts for All!」。包括了記憶體的升級計畫: Old Plan New Plan Price Linode 1 GB Linode 2 GB $10/mo ($0.015/hr) Linode 2 GB Linode 4 GB $20/mo ($0.03/hr) Linode 4 GB Linode 8 GB $40/mo ($0.06/hr) Linode … Continue reading

Posted in Computer, Hardware, Murmuring, Network | Tagged , , , , , , , , , , | Leave a comment

GitHub 提供新的 contribution (小綠點) 計算方式

以往 GitHub 在個人頁面上的 contribution 只會計算 public repository,現在則可以設定將 private repository 也統計進去:「More contributions on your profile」。 private repository 的部份只會顯示數量,不會公開任何細節,像是我用 incognito mode (無痕模式) 可以看到在沒有登入時的資訊: 但如果是登入後就會有詳細資料:

Posted in Computer, Murmuring, Network, Software | Tagged , , , , , , , | Leave a comment

Amazon 推出自有品牌產品...

Amazon 打算推出自有品牌產品:「Amazon to Expand Private-Label Offerings—From Food to Diapers」,所以之後會看到 Amazon 牌子的飲料、食物等等的東西: Amazon.com Inc. in the coming weeks is set to roll out new lines of private-label brands that will include its first broad push into perishable foods, according to people … Continue reading

Posted in Computer, Food, Murmuring, Network, Recreation, Social | Tagged , , , , | Leave a comment

對 ECDSA 實體非破壞性的 Side Channel 攻擊

用很簡單的設備透過 Side Channel 攻擊取得 ECDSA private key:「ECDSA Key Extraction from Mobile Devices via Nonintrusive Physical Side Channels」。這次 Side Channel 只需要簡單的線圈,透著一塊玻璃也 okay: 文章裡面提到是 Tracker Pre,查了一下二手價是 USD$80: 這邊抓出了 ADD 產生出的訊號: 然後就可以利用這些訊號重建出 private key: After observing the elliptic-curve DOUBLE and ADD operations during … Continue reading

Posted in Computer, Hardware, Murmuring, Security | Tagged , , , , , , , , | Leave a comment

Microsoft SQL Server 出 Linux 版...

微軟的 Microsoft SQL Server 將會推出 Linux 版:「Announcing SQL Server on Linux」。 看到 Ubuntu 這個關鍵字: “We are delighted to be working with Microsoft as it brings SQL Server to Linux,” said Mark Shuttleworth, founder of Canonical. “Customers are already taking advantage … Continue reading

Posted in Computer, Database, Linux, Murmuring, OS, Software | Tagged , , , , , , , | Leave a comment

Amazon EMR 可以在 Private Subnet 裡面執行了...

以前 Amazon EMR 都只能接著 Public IP 跑 (AWS 端會認這個 IP),現在可以丟進 Private Subnet 裡面跑:「New – Launch Amazon EMR Clusters in Private Subnets」。 看起來主要是半年前的功能的延伸。 在今年五月時 Amazon VPC 內有直通 Amazon S3 的介面,不需要再通過 Internet 處理:「Amazon VPC 的 Private Subnet 不需要透過 NAT 去 Amazon S3 … Continue reading

Posted in AWS, Cloud, Computer, Murmuring, Network, Security, Software | Tagged , , , , , , , , , , , , , | Leave a comment

Dell 在出廠的電腦上裝自己的 Root Certificate,順便把 Private Key 也裝進去了...

Dell 在出廠的電腦上裝了 Root Certificate (eDellRoot),並且附上 Private Key:「Dell apologizes for HTTPS certificate fiasco, provides removal tool」。 出自 Reddit 上 rotorcowboy 的爆破:「Dell ships laptops with rogue root CA, exactly like what happened with Lenovo and Superfish」。 Dell 官方的正式回應:「Response to Concerns Regarding eDellroot … Continue reading

Posted in Browser, Computer, Murmuring, Network, Security, Software, WWW | Tagged , , , , , , , , , | Leave a comment

Let's Encrypt 預定於 2015 年 12 月 3 日進入 Public Beta

Let's Encrypt 宣佈 2015/12/03 進入 Public Beta,也就是不需要額外填寫表格申請就可以使用:「Public Beta: December 3, 2015」。 從 2015/09/19 開始到現在已經發出 11K 個 SSL certificate 了: Our Limited Beta started on September 12, 2015. We’ve issued over 11,000 certificates since then, and this operational experience has given … Continue reading

Posted in Computer, Murmuring, Network, Security, WWW | Tagged , , , , , , | Leave a comment