Skip to content

Category Archives: Web

Matters related to the Web

Oh no! The certificate has expired!

Hey kids! You know those SSL certificates you obtained and installed today? Yeah, put a reminder in your calendar right now for a week before the expiry date, so you don’t get caught out. Future you will thank you.

OpenSSL on HighSierra

Recently I finally got around to reading the excellent OpenSSL Cookbook from Ivan Ristić – you can grab a free copy via https://www.openssl.org/docs/ – and the first question in my mind was “what version of OpenSSL is already installed on my Mac”. A quick check showed it’s there pre-built in HighSierra in /usr/bin: Hmm. Wikipedia […]

TLS 1.3 – It’s like Christmas

Via The Register I see that TLS 1.3 has finally rolled off the standards and committee draft assembly line. This is pretty big news, not least because we’ve been working with the current TLS 1.2 standard for almost a decade, and the defects in it have well and truly been discovered and exploited. There’s a […]

Two-factor in the middle of the night

Wherever possible I have been enabling two-factor authentication and similar protections. Not that I am paranoid, it’s just that I am paranoid. One of these I have had in play for a long time is protection on my Google account. So it’s somewhat comforting to get an unexpected SMS message from Google in the middle […]

SSL Made Easy

Time for a shout-out to DreamHost, who have partnered with LetsEncrypt to make using SSL with this website very, very easy. DreamHost have always aimed to make many actions against the site push-button, with sensible defaults, and clear documentation, and generating and attaching the certificate was a walk in the park. I was a little surprised to […]

A man is not dead while his name is still spoken.

Something I have been meaning to do for quite a time is to take up the idea of keeping PTerry’s name alive by adding the X-Clacks-Overhead header to parts of this site. Even if it is only in the overhead: GNU Terry Pratchett.

CSS3 Oops.

Revising my resumé as part of an overall overhaul of my site, I realised that the presentation on mobile devices was not very good. Fortunately since I last did anything major, CSS3 has become widely implemented, so Media Queries are now an option for degrading onto smaller screens. To my pleasure it did (eventually) just […]

Robots. They are coming to take your content.

I am in the process of revising my site, and discovered for whatever reason that I had an empty robots.txt file present. I know it is only a voluntary ‘standard’, but as far as I know all the major players do respect it. As the overwhelming proportion of users use a search engine that respects […]

Doing More With Less (Part 1 of N)

In recent weeks I have been massively overhauling the monitoring and alerting infrastructure. Most of the low-level box checks are easily handled by CloudWatch, and some of the more sophisticated trip-wires can be handled by looking for patterns in our logs, collated by LogStash and exported to Loggly. In either case, I have trip wires […]

Passwords definitely considered broken

So we have news of yet another major slurping-up of poorly secured credential sets. A column at the Guardian talks about all the usual measures that can be taken to more-or-less protect your multiple identities, but once again misses the two subtle and deeply geeky issues that underly this breach. First off, we can guess that […]