Make a diff!
“The first financial Platform that is free and fully open source. The OpenBB Platform offers access to equity, options, crypto, forex, macro economy, fixed income, and more while also offering a broad range of extensions to enhance the user experience according to their needs.”
https://github.com/OpenBB-finance/OpenBB
“A command-line vanity (public) key generator for WireGuard. By default, it only matches the prefix of generated public keys, and not whether the search matches anywhere in the public key. The concept is based on wireguard-vanity-address, however I wanted something a little more streamlined.”
Pretty good overview of better-than-average to top-notch software, in terms of security and privacy (note that there are also service providers and tools listed on this page that I would neither endorse nor recommend):
Off-grid, resilient mesh communication with strong encryption, forward secrecy and extreme privacy.
Nomad Network allows you to build private and resilient communications platforms that are in complete control and ownership of the people that use them. No signups, no agreements, no handover of any data, no permissions and gatekeepers.
Information is the basis of society in the digital world.
Freedom of expression/speech and free access to information are indispensable prerequisites for democracy.
Sadly, there are misleading and dubious organisations, lobbyists, parties, secret services, legislative and executive bodies that work against these liberal, enlightened and humanitarian values and demand or advocate censorship, online and offline.
This is a big threat for civil society – you and me, all of us.
And this is what makes projects like NomadNet important and valuable.
Stand up for freedom of expression/free speech and fight censorship!
(And as always, please note the disclaimer: All software and hardware can have security bugs).
An interesting project if you want to self-host your own Bitwarden compatible server, written in Rust instead of in C#:
Unofficial Bitwarden compatible server written in Rust
(/ht https://news.ycombinator.com/item?id=41243147)
(Disclaimer: Keep in mind that every software, also formally verified one, can contain bugs, also security bugs.)
I verified the tips on the page below. The only mistake I’ve noticed is that the date format is wrongly indicated, i.e. instead of in MM/DD/YYYY format, the dates have to be specified in DD/MM/YYYY format.
So, the 1) command should be:
$ zmmailbox -z -m alice@example.com gru "//?fmt=tgz&query=after:"20/07/2022"&before:"26/07/2022"" >> /tmp/alice.tgz
https://wiki.zimbra.com/wiki/How_to_export_import_emails_for_a_specific_date
TCP BBR looks promising and somehow managed to escape my radar so far.. need to take a look at how to improve my IT infrastructure with it:
Increase your Linux server Internet speed with TCP BBR congestion control
A nice summary by Werner Fischer (Thomas-Krenn) about how to enable and use Serial over LAN, particularly for Linux boxes:
(In German, but you can easily translate it using your favourite online translation tool, e.g. deepl.com or Google Translate)
It might be worth taking a closer look at Clip OS, a relatively new, security focused Linux distribution by the ANSSI, based on Hardened Gentoo and with some similarities to Qubes OS.
GitLab 10.5 introduced built-in support for Let’s Encrypt.
Unfortunately, if you follow the official GitLab instructions how to enable Let’s Encrypt support, you may encounter the following error when rebuilding GitLab:
Running handlers:
There was an error running gitlab-ctl reconfigure:letsencrypt_certificate[yourhost.yourdomain.com] (letsencrypt::http_authorization line 3) had an error: RuntimeError: acme_certificate[staging] (/opt/gitlab/embedded/cookbooks/cache/cookbooks/letsencrypt/resources/certificate.rb line 20) had an error: RuntimeError: [yourhost.yourdomain.com] Validation failed for domain yourhost.yourdomain.com
Running handlers complete
Chef Client failed. 11 resources updated in 11 secondsWarnings:
Let’s Encrypt is enabled, but external_url is using http
The last line is rather misleading, as the domain validation can apparently also fail if one sets external_url = “https://yourhost.yourdomain.com”
As a workaround, add the following two additional lines to /etc/gitlab/gitlab.rb (hat tip to Kai Mindermann and Thomas Jost for the hints):
nginx['redirect_http_to_https_port'] = 80 nginx['redirect_http_to_https'] = true
So, all in all, you need to set in /etc/gitlab/gitlab.rb:
external_url 'https://yourhost.yourdomain.com'
and add the following lines (adjust the notification e-mail address):
letsencrypt['enable'] = true letsencrypt['contact_emails'] = ['gitlab-notifications@yourdomain.com'] # optional nginx['redirect_http_to_https_port'] = 80 nginx['redirect_http_to_https'] = true
Make sure that your firewall doesn’t block access to ports 22 (SSH), 80 (HTTP), 443 (HTTPS).
After that, reconfigure GitLab (in a shell):
# gitlab-ctl reconfigure
That’s it! You can now register/login at https://yourhost.yourdomain.com.