My $169 development Chromebook

How Chrome OS, Termux, YubiKey & Duo Mobile make for great usable security Update I'll give this a proper update in the coming days, but much of this post is no longer needed. First class support for native VMs and containers have landed in Dev & Canary channels for Chrome…

A day in the life of a nasty Word Malware

This is a write-up from an incident in 2015, but many lessons still apply today. Only 10 out of 55 anti-virus engines detected the malware, and those that missed it include some major players: Microsoft, TrendMicro, Symantec, Kaspersky, FProt, Bit Defender, Comodo, Fortinet and Sophos. The only two major vendors…

Barebones LetsEncrypt cron job

This is a barebones, simple LetsEncrypt cron job shell script to auto-refresh TLS (or SSL v 4 if you prefer) certificates. If you host your own site, the easiest solution is probably to run a Caddy web server and let it do the heavy lifting. But if you need a…