Recent Blog Posts

USPS incomplete address scam

Wednesday, Aug 2, 2023

How does the “incomplete address” scam work? What happens if you divulge your payment information? How can you avoid it?

Identity thieves are not sophisticated hackers, nor do they typically wear dark hoodies, but try telling that to the media.

Anti-fingerprinting Configuration for NGINX

Thursday, Aug 11, 2022

Software on the web discloses a wealth of information with little prompt. Help protect your privacy by using these anti-fingerprinting options.

Fingerprinting the web.

Peplink FusionHub - Looking under the hood

Tuesday, Aug 3, 2021

I decided to take a look at the FusionHub virtual routing appliance from Peplink. Here’s how to open it up and get inside.

CVE-2018-10756: Transmission

Thursday, May 14, 2020

CVE-2018-10756: Transmission can crash or possibly execute arbitrary code when opening a maliciously crafted torrent file.

Clean Up Your Gems

Sunday, Jun 23, 2019

In this post, I urge Ruby gem maintainers to be aware of the files they distribute with their gems. If your gem includes files which you have not consciously included for a specific reason, please consider removing these files from your gem.