New Hugo build

Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2022-07-17 06:00:20 -04:00
parent f2d8189536
commit 6b30fb93fe
No known key found for this signature in database
GPG Key ID: 060B29EB996BD9F2
22 changed files with 103 additions and 21 deletions

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View File

@ -17,6 +17,17 @@ Tommy System Administrator. Benevolent dictator for life @privsec.dev.
Website: tommytran.io</description>
</item>
<item>
<title>Choosing Your Desktop Linux Distribution</title>
<link>https://privsec.dev/os/choosing-your-desktop-linux-distribution/</link>
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
<guid>https://privsec.dev/os/choosing-your-desktop-linux-distribution/</guid>
<description>Not all Linux distributions are created equal. When choosing a Linux distribution, there are several things you need to keep in mind.
Release cycle You should choose a distribution which stays close to the stable upstream software releases, typically rolling release distributions. This is because frozen release cycle distributions often dont update package versions and fall behind on security updates.
For frozen distributions, package maintainers are expected to backport patches to fix vulnerabilities (Debian is one such example) rather than bump the software to the “next version” released by the upstream developer.</description>
</item>
<item>
<title>Docker and OCI Hardening</title>
<link>https://privsec.dev/os/docker-and-oci-hardening/</link>

View File

@ -1,6 +1,6 @@
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>Knowledge Base | PrivSec.dev</title><meta name=keywords content><meta name=description content="Knowledge Base - PrivSec.dev"><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/knowledge/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/knowledge/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="Knowledge Base"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/knowledge/"><meta name=twitter:card content="summary"><meta name=twitter:title content="Knowledge Base"><meta name=twitter:description content><script type=application/ld+json>{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":2,"name":"Knowledge Base","item":"https://privsec.dev/knowledge/"}]}</script></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span class=active>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://privsec.dev>Home</a></div><h1>Knowledge Base
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class=post-entry><header class=entry-header><h2>Multi-factor Authentication</h2></header><div class=entry-content><p>Multi-factor authentication is a security mechanism that requires additional verification beyond your username (or email) and password. This usually comes in the form of a one time passcode, a push notification, or plugging in and tapping a hardware security key.
Common protocols Email and SMS MFA Email and SMS MFA are examples of the weaker MFA protocols. Email MFA is not great as whoever controls your email account can typically both reset your password and recieve your MFA verification....</p></div><footer class=entry-footer>6 min&nbsp;·&nbsp;1225 words&nbsp;·&nbsp;Tommy</footer><a class=entry-link aria-label="post link to Multi-factor Authentication" href=https://privsec.dev/knowledge/multi-factor-authentication/></a></article></main><footer class=footer><span>&copy; 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
Common protocols Email and SMS MFA Email and SMS MFA are examples of the weaker MFA protocols. Email MFA is not great as whoever controls your email account can typically both reset your password and recieve your MFA verification....</p></div><footer class=entry-footer>6 min&nbsp;·&nbsp;1223 words&nbsp;·&nbsp;Tommy</footer><a class=entry-link aria-label="post link to Multi-factor Authentication" href=https://privsec.dev/knowledge/multi-factor-authentication/></a></article></main><footer class=footer><span>&copy; 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
<span>Powered by
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View File

@ -1,9 +1,11 @@
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>Operating Systems | PrivSec.dev</title><meta name=keywords content><meta name=description content="Operating Systems - PrivSec.dev"><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/os/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/os/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="Operating Systems"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/os/"><meta name=twitter:card content="summary"><meta name=twitter:title content="Operating Systems"><meta name=twitter:description content><script type=application/ld+json>{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":2,"name":"Operating Systems","item":"https://privsec.dev/os/"}]}</script></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span class=active>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://privsec.dev>Home</a></div><h1>Operating Systems
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class=post-entry><header class=entry-header><h2>Docker and OCI Hardening</h2></header><div class=entry-content><p>Containers arent that new fancy thing anymore, but they were a big deal. And they still are. They are a concrete solution to the following problem:
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class=post-entry><header class=entry-header><h2>Choosing Your Desktop Linux Distribution</h2></header><div class=entry-content><p>Not all Linux distributions are created equal. When choosing a Linux distribution, there are several things you need to keep in mind.
Release cycle You should choose a distribution which stays close to the stable upstream software releases, typically rolling release distributions. This is because frozen release cycle distributions often dont update package versions and fall behind on security updates.
For frozen distributions, package maintainers are expected to backport patches to fix vulnerabilities (Debian is one such example) rather than bump the software to the “next version” released by the upstream developer....</p></div><footer class=entry-footer>5 min&nbsp;·&nbsp;944 words&nbsp;·&nbsp;Tommy</footer><a class=entry-link aria-label="post link to Choosing Your Desktop Linux Distribution" href=https://privsec.dev/os/choosing-your-desktop-linux-distribution/></a></article><article class=post-entry><header class=entry-header><h2>Docker and OCI Hardening</h2></header><div class=entry-content><p>Containers arent that new fancy thing anymore, but they were a big deal. And they still are. They are a concrete solution to the following problem:
- Hey, your software doesnt work…
- Sorry, it works on my computer! Cant help you.
Whether we like them or not, containers are here to stay. Their expressiveness and semantics allow for an abstraction of the OS dependencies that a software has, the latter being often dynamically linked against certain libraries....</p></div><footer class=entry-footer>19 min&nbsp;·&nbsp;3925 words&nbsp;·&nbsp;Wonderfall</footer><a class=entry-link aria-label="post link to Docker and OCI Hardening" href=https://privsec.dev/os/docker-and-oci-hardening/></a></article><article class=post-entry><header class=entry-header><h2>Linux Insecurities</h2></header><div class=entry-content><p>There is a common misconception among privacy communities that Linux is one of the more secure operating systems, either because it is open source or because it is widely used in the cloud. This is however, a far cry from reality.
There is already a very indepth technical blog explaning the various security weaknesses of Linux by Madaidan, Whonixs Security Researcher. This page will attempt to address some of the questions commonly raised in reaction to his blog post....</p></div><footer class=entry-footer>1 min&nbsp;·&nbsp;86 words&nbsp;·&nbsp;Tommy</footer><a class=entry-link aria-label="post link to Linux Insecurities" href=https://privsec.dev/os/linux-insecurities/></a></article><article class=post-entry><header class=entry-header><h2>Securing OpenSSH with FIDO2</h2></header><div class=entry-content><p>Passwordless authentication with OpenSSH keys has been the de facto security standard for years. SSH keys are more robust since theyre cryptographically sane by default, and are therefore resilient to most bruteforce atacks. Theyre also easier to manage while enabling a form of decentralized authentication (its easy and painless to revoke them). So, whats the next step? And more exactly, why would one need something even better?
There is already a very indepth technical blog explaning the various security weaknesses of Linux by Madaidan, Whonixs Security Researcher. This page will attempt to address some of the questions commonly raised in reaction to his blog post....</p></div><footer class=entry-footer>2 min&nbsp;·&nbsp;238 words&nbsp;·&nbsp;Tommy</footer><a class=entry-link aria-label="post link to Linux Insecurities" href=https://privsec.dev/os/linux-insecurities/></a></article><article class=post-entry><header class=entry-header><h2>Securing OpenSSH with FIDO2</h2></header><div class=entry-content><p>Passwordless authentication with OpenSSH keys has been the de facto security standard for years. SSH keys are more robust since theyre cryptographically sane by default, and are therefore resilient to most bruteforce atacks. Theyre also easier to manage while enabling a form of decentralized authentication (its easy and painless to revoke them). So, whats the next step? And more exactly, why would one need something even better?
Why? The main problem with SSH keys is that theyre not magic: they consist of a key pair, of which the private key is stored on your disk....</p></div><footer class=entry-footer>5 min&nbsp;·&nbsp;863 words&nbsp;·&nbsp;Wonderfall</footer><a class=entry-link aria-label="post link to Securing OpenSSH with FIDO2" href=https://privsec.dev/os/securing-openssh-with-fido2/></a></article></main><footer class=footer><span>&copy; 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
<span>Powered by
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &

View File

@ -5,6 +5,17 @@
<link>https://privsec.dev/os/</link>
<description>Recent content in Operating Systems on PrivSec.dev</description>
<generator>Hugo -- gohugo.io</generator><atom:link href="https://privsec.dev/os/index.xml" rel="self" type="application/rss+xml" />
<item>
<title>Choosing Your Desktop Linux Distribution</title>
<link>https://privsec.dev/os/choosing-your-desktop-linux-distribution/</link>
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
<guid>https://privsec.dev/os/choosing-your-desktop-linux-distribution/</guid>
<description>Not all Linux distributions are created equal. When choosing a Linux distribution, there are several things you need to keep in mind.
Release cycle You should choose a distribution which stays close to the stable upstream software releases, typically rolling release distributions. This is because frozen release cycle distributions often dont update package versions and fall behind on security updates.
For frozen distributions, package maintainers are expected to backport patches to fix vulnerabilities (Debian is one such example) rather than bump the software to the “next version” released by the upstream developer.</description>
</item>
<item>
<title>Docker and OCI Hardening</title>
<link>https://privsec.dev/os/docker-and-oci-hardening/</link>

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View File

@ -9,6 +9,8 @@
<loc>https://privsec.dev/apps/</loc>
</url><url>
<loc>https://privsec.dev/categories/</loc>
</url><url>
<loc>https://privsec.dev/os/choosing-your-desktop-linux-distribution/</loc>
</url><url>
<loc>https://privsec.dev/tags/container/</loc>
</url><url>

View File

@ -1,4 +1,4 @@
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>Tags | PrivSec.dev</title><meta name=keywords content><meta name=description content><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/tags/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/tags/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="Tags"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/tags/"><meta name=twitter:card content="summary"><meta name=twitter:title content="Tags"><meta name=twitter:description content></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><h1>Tags</h1></header><ul class=terms-tags><li><a href=https://privsec.dev/tags/android/>android <sup><strong><sup>1</sup></strong></sup></a></li><li><a href=https://privsec.dev/tags/container/>container <sup><strong><sup>1</sup></strong></sup></a></li><li><a href=https://privsec.dev/tags/knowledge-base/>knowledge base <sup><strong><sup>1</sup></strong></sup></a></li><li><a href=https://privsec.dev/tags/linux/>linux <sup><strong><sup>3</sup></strong></sup></a></li><li><a href=https://privsec.dev/tags/operating-system/>operating system <sup><strong><sup>1</sup></strong></sup></a></li><li><a href=https://privsec.dev/tags/operating-systems/>operating systems <sup><strong><sup>2</sup></strong></sup></a></li><li><a href=https://privsec.dev/tags/security/>security <sup><strong><sup>5</sup></strong></sup></a></li><li><a href=https://privsec.dev/tags/software/>software <sup><strong><sup>1</sup></strong></sup></a></li></ul></main><footer class=footer><span>&copy; 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>Tags | PrivSec.dev</title><meta name=keywords content><meta name=description content><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/tags/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/tags/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="Tags"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/tags/"><meta name=twitter:card content="summary"><meta name=twitter:title content="Tags"><meta name=twitter:description content></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><h1>Tags</h1></header><ul class=terms-tags><li><a href=https://privsec.dev/tags/android/>android <sup><strong><sup>1</sup></strong></sup></a></li><li><a href=https://privsec.dev/tags/container/>container <sup><strong><sup>1</sup></strong></sup></a></li><li><a href=https://privsec.dev/tags/knowledge-base/>knowledge base <sup><strong><sup>1</sup></strong></sup></a></li><li><a href=https://privsec.dev/tags/linux/>linux <sup><strong><sup>4</sup></strong></sup></a></li><li><a href=https://privsec.dev/tags/operating-system/>operating system <sup><strong><sup>2</sup></strong></sup></a></li><li><a href=https://privsec.dev/tags/operating-systems/>operating systems <sup><strong><sup>2</sup></strong></sup></a></li><li><a href=https://privsec.dev/tags/security/>security <sup><strong><sup>6</sup></strong></sup></a></li><li><a href=https://privsec.dev/tags/software/>software <sup><strong><sup>1</sup></strong></sup></a></li></ul></main><footer class=footer><span>&copy; 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
<span>Powered by
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>

View File

@ -1,6 +1,6 @@
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>knowledge base | PrivSec.dev</title><meta name=keywords content><meta name=description content><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/tags/knowledge-base/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/tags/knowledge-base/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="knowledge base"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/tags/knowledge-base/"><meta name=twitter:card content="summary"><meta name=twitter:title content="knowledge base"><meta name=twitter:description content></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://privsec.dev>Home</a>&nbsp;»&nbsp;<a href=https://privsec.dev/tags/>Tags</a></div><h1>knowledge base
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>Multi-factor Authentication</h2></header><div class=entry-content><p>Multi-factor authentication is a security mechanism that requires additional verification beyond your username (or email) and password. This usually comes in the form of a one time passcode, a push notification, or plugging in and tapping a hardware security key.
Common protocols Email and SMS MFA Email and SMS MFA are examples of the weaker MFA protocols. Email MFA is not great as whoever controls your email account can typically both reset your password and recieve your MFA verification....</p></div><footer class=entry-footer>6 min&nbsp;·&nbsp;1225 words&nbsp;·&nbsp;Tommy</footer><a class=entry-link aria-label="post link to Multi-factor Authentication" href=https://privsec.dev/knowledge/multi-factor-authentication/></a></article></main><footer class=footer><span>&copy; 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
Common protocols Email and SMS MFA Email and SMS MFA are examples of the weaker MFA protocols. Email MFA is not great as whoever controls your email account can typically both reset your password and recieve your MFA verification....</p></div><footer class=entry-footer>6 min&nbsp;·&nbsp;1223 words&nbsp;·&nbsp;Tommy</footer><a class=entry-link aria-label="post link to Multi-factor Authentication" href=https://privsec.dev/knowledge/multi-factor-authentication/></a></article></main><footer class=footer><span>&copy; 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
<span>Powered by
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>

View File

@ -1,9 +1,11 @@
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>linux | PrivSec.dev</title><meta name=keywords content><meta name=description content><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/tags/linux/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/tags/linux/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="linux"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/tags/linux/"><meta name=twitter:card content="summary"><meta name=twitter:title content="linux"><meta name=twitter:description content></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://privsec.dev>Home</a>&nbsp;»&nbsp;<a href=https://privsec.dev/tags/>Tags</a></div><h1>linux
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>Docker and OCI Hardening</h2></header><div class=entry-content><p>Containers arent that new fancy thing anymore, but they were a big deal. And they still are. They are a concrete solution to the following problem:
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>Choosing Your Desktop Linux Distribution</h2></header><div class=entry-content><p>Not all Linux distributions are created equal. When choosing a Linux distribution, there are several things you need to keep in mind.
Release cycle You should choose a distribution which stays close to the stable upstream software releases, typically rolling release distributions. This is because frozen release cycle distributions often dont update package versions and fall behind on security updates.
For frozen distributions, package maintainers are expected to backport patches to fix vulnerabilities (Debian is one such example) rather than bump the software to the “next version” released by the upstream developer....</p></div><footer class=entry-footer>5 min&nbsp;·&nbsp;944 words&nbsp;·&nbsp;Tommy</footer><a class=entry-link aria-label="post link to Choosing Your Desktop Linux Distribution" href=https://privsec.dev/os/choosing-your-desktop-linux-distribution/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>Docker and OCI Hardening</h2></header><div class=entry-content><p>Containers arent that new fancy thing anymore, but they were a big deal. And they still are. They are a concrete solution to the following problem:
- Hey, your software doesnt work…
- Sorry, it works on my computer! Cant help you.
Whether we like them or not, containers are here to stay. Their expressiveness and semantics allow for an abstraction of the OS dependencies that a software has, the latter being often dynamically linked against certain libraries....</p></div><footer class=entry-footer>19 min&nbsp;·&nbsp;3925 words&nbsp;·&nbsp;Wonderfall</footer><a class=entry-link aria-label="post link to Docker and OCI Hardening" href=https://privsec.dev/os/docker-and-oci-hardening/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>Linux Insecurities</h2></header><div class=entry-content><p>There is a common misconception among privacy communities that Linux is one of the more secure operating systems, either because it is open source or because it is widely used in the cloud. This is however, a far cry from reality.
There is already a very indepth technical blog explaning the various security weaknesses of Linux by Madaidan, Whonixs Security Researcher. This page will attempt to address some of the questions commonly raised in reaction to his blog post....</p></div><footer class=entry-footer>1 min&nbsp;·&nbsp;86 words&nbsp;·&nbsp;Tommy</footer><a class=entry-link aria-label="post link to Linux Insecurities" href=https://privsec.dev/os/linux-insecurities/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>Securing OpenSSH with FIDO2</h2></header><div class=entry-content><p>Passwordless authentication with OpenSSH keys has been the de facto security standard for years. SSH keys are more robust since theyre cryptographically sane by default, and are therefore resilient to most bruteforce atacks. Theyre also easier to manage while enabling a form of decentralized authentication (its easy and painless to revoke them). So, whats the next step? And more exactly, why would one need something even better?
There is already a very indepth technical blog explaning the various security weaknesses of Linux by Madaidan, Whonixs Security Researcher. This page will attempt to address some of the questions commonly raised in reaction to his blog post....</p></div><footer class=entry-footer>2 min&nbsp;·&nbsp;238 words&nbsp;·&nbsp;Tommy</footer><a class=entry-link aria-label="post link to Linux Insecurities" href=https://privsec.dev/os/linux-insecurities/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>Securing OpenSSH with FIDO2</h2></header><div class=entry-content><p>Passwordless authentication with OpenSSH keys has been the de facto security standard for years. SSH keys are more robust since theyre cryptographically sane by default, and are therefore resilient to most bruteforce atacks. Theyre also easier to manage while enabling a form of decentralized authentication (its easy and painless to revoke them). So, whats the next step? And more exactly, why would one need something even better?
Why? The main problem with SSH keys is that theyre not magic: they consist of a key pair, of which the private key is stored on your disk....</p></div><footer class=entry-footer>5 min&nbsp;·&nbsp;863 words&nbsp;·&nbsp;Wonderfall</footer><a class=entry-link aria-label="post link to Securing OpenSSH with FIDO2" href=https://privsec.dev/os/securing-openssh-with-fido2/></a></article></main><footer class=footer><span>&copy; 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
<span>Powered by
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &

View File

@ -5,6 +5,17 @@
<link>https://privsec.dev/tags/linux/</link>
<description>Recent content in linux on PrivSec.dev</description>
<generator>Hugo -- gohugo.io</generator><atom:link href="https://privsec.dev/tags/linux/index.xml" rel="self" type="application/rss+xml" />
<item>
<title>Choosing Your Desktop Linux Distribution</title>
<link>https://privsec.dev/os/choosing-your-desktop-linux-distribution/</link>
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
<guid>https://privsec.dev/os/choosing-your-desktop-linux-distribution/</guid>
<description>Not all Linux distributions are created equal. When choosing a Linux distribution, there are several things you need to keep in mind.
Release cycle You should choose a distribution which stays close to the stable upstream software releases, typically rolling release distributions. This is because frozen release cycle distributions often dont update package versions and fall behind on security updates.
For frozen distributions, package maintainers are expected to backport patches to fix vulnerabilities (Debian is one such example) rather than bump the software to the “next version” released by the upstream developer.</description>
</item>
<item>
<title>Docker and OCI Hardening</title>
<link>https://privsec.dev/os/docker-and-oci-hardening/</link>

View File

@ -1,6 +1,8 @@
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>operating system | PrivSec.dev</title><meta name=keywords content><meta name=description content><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/tags/operating-system/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/tags/operating-system/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="operating system"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/tags/operating-system/"><meta name=twitter:card content="summary"><meta name=twitter:title content="operating system"><meta name=twitter:description content></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://privsec.dev>Home</a>&nbsp;»&nbsp;<a href=https://privsec.dev/tags/>Tags</a></div><h1>operating system
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>Linux Insecurities</h2></header><div class=entry-content><p>There is a common misconception among privacy communities that Linux is one of the more secure operating systems, either because it is open source or because it is widely used in the cloud. This is however, a far cry from reality.
There is already a very indepth technical blog explaning the various security weaknesses of Linux by Madaidan, Whonixs Security Researcher. This page will attempt to address some of the questions commonly raised in reaction to his blog post....</p></div><footer class=entry-footer>1 min&nbsp;·&nbsp;86 words&nbsp;·&nbsp;Tommy</footer><a class=entry-link aria-label="post link to Linux Insecurities" href=https://privsec.dev/os/linux-insecurities/></a></article></main><footer class=footer><span>&copy; 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>Choosing Your Desktop Linux Distribution</h2></header><div class=entry-content><p>Not all Linux distributions are created equal. When choosing a Linux distribution, there are several things you need to keep in mind.
Release cycle You should choose a distribution which stays close to the stable upstream software releases, typically rolling release distributions. This is because frozen release cycle distributions often dont update package versions and fall behind on security updates.
For frozen distributions, package maintainers are expected to backport patches to fix vulnerabilities (Debian is one such example) rather than bump the software to the “next version” released by the upstream developer....</p></div><footer class=entry-footer>5 min&nbsp;·&nbsp;944 words&nbsp;·&nbsp;Tommy</footer><a class=entry-link aria-label="post link to Choosing Your Desktop Linux Distribution" href=https://privsec.dev/os/choosing-your-desktop-linux-distribution/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>Linux Insecurities</h2></header><div class=entry-content><p>There is a common misconception among privacy communities that Linux is one of the more secure operating systems, either because it is open source or because it is widely used in the cloud. This is however, a far cry from reality.
There is already a very indepth technical blog explaning the various security weaknesses of Linux by Madaidan, Whonixs Security Researcher. This page will attempt to address some of the questions commonly raised in reaction to his blog post....</p></div><footer class=entry-footer>2 min&nbsp;·&nbsp;238 words&nbsp;·&nbsp;Tommy</footer><a class=entry-link aria-label="post link to Linux Insecurities" href=https://privsec.dev/os/linux-insecurities/></a></article></main><footer class=footer><span>&copy; 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
<span>Powered by
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>

View File

@ -5,6 +5,17 @@
<link>https://privsec.dev/tags/operating-system/</link>
<description>Recent content in operating system on PrivSec.dev</description>
<generator>Hugo -- gohugo.io</generator><atom:link href="https://privsec.dev/tags/operating-system/index.xml" rel="self" type="application/rss+xml" />
<item>
<title>Choosing Your Desktop Linux Distribution</title>
<link>https://privsec.dev/os/choosing-your-desktop-linux-distribution/</link>
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
<guid>https://privsec.dev/os/choosing-your-desktop-linux-distribution/</guid>
<description>Not all Linux distributions are created equal. When choosing a Linux distribution, there are several things you need to keep in mind.
Release cycle You should choose a distribution which stays close to the stable upstream software releases, typically rolling release distributions. This is because frozen release cycle distributions often dont update package versions and fall behind on security updates.
For frozen distributions, package maintainers are expected to backport patches to fix vulnerabilities (Debian is one such example) rather than bump the software to the “next version” released by the upstream developer.</description>
</item>
<item>
<title>Linux Insecurities</title>
<link>https://privsec.dev/os/linux-insecurities/</link>

View File

@ -1,13 +1,14 @@
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>security | PrivSec.dev</title><meta name=keywords content><meta name=description content><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/tags/security/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/tags/security/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="security"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/tags/security/"><meta name=twitter:card content="summary"><meta name=twitter:title content="security"><meta name=twitter:description content></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://privsec.dev>Home</a>&nbsp;»&nbsp;<a href=https://privsec.dev/tags/>Tags</a></div><h1>security
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>Docker and OCI Hardening</h2></header><div class=entry-content><p>Containers arent that new fancy thing anymore, but they were a big deal. And they still are. They are a concrete solution to the following problem:
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>Choosing Your Desktop Linux Distribution</h2></header><div class=entry-content><p>Not all Linux distributions are created equal. When choosing a Linux distribution, there are several things you need to keep in mind.
Release cycle You should choose a distribution which stays close to the stable upstream software releases, typically rolling release distributions. This is because frozen release cycle distributions often dont update package versions and fall behind on security updates.
For frozen distributions, package maintainers are expected to backport patches to fix vulnerabilities (Debian is one such example) rather than bump the software to the “next version” released by the upstream developer....</p></div><footer class=entry-footer>5 min&nbsp;·&nbsp;944 words&nbsp;·&nbsp;Tommy</footer><a class=entry-link aria-label="post link to Choosing Your Desktop Linux Distribution" href=https://privsec.dev/os/choosing-your-desktop-linux-distribution/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>Docker and OCI Hardening</h2></header><div class=entry-content><p>Containers arent that new fancy thing anymore, but they were a big deal. And they still are. They are a concrete solution to the following problem:
- Hey, your software doesnt work…
- Sorry, it works on my computer! Cant help you.
Whether we like them or not, containers are here to stay. Their expressiveness and semantics allow for an abstraction of the OS dependencies that a software has, the latter being often dynamically linked against certain libraries....</p></div><footer class=entry-footer>19 min&nbsp;·&nbsp;3925 words&nbsp;·&nbsp;Wonderfall</footer><a class=entry-link aria-label="post link to Docker and OCI Hardening" href=https://privsec.dev/os/docker-and-oci-hardening/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>F-Droid Security Analysis</h2></header><div class=entry-content><p>F-Droid is a popular alternative app repository for Android, especially known for its main repository dedicated to free and open-source software. F-Droid is often recommended among security and privacy enthusiasts, but how does it stack up against Play Store in practice? This write-up will attempt to emphasize major security issues with F-Droid that you should consider.
Before we start, a few things to keep in mind:
The main goal of this write-up was to inform users so they can make responsible choices, not to trash someone elses work....</p></div><footer class=entry-footer>25 min&nbsp;·&nbsp;5298 words&nbsp;·&nbsp;Wonderfall</footer><a class=entry-link aria-label="post link to F-Droid Security Analysis" href=https://privsec.dev/apps/f-droid-security-analysis/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>Linux Insecurities</h2></header><div class=entry-content><p>There is a common misconception among privacy communities that Linux is one of the more secure operating systems, either because it is open source or because it is widely used in the cloud. This is however, a far cry from reality.
There is already a very indepth technical blog explaning the various security weaknesses of Linux by Madaidan, Whonixs Security Researcher. This page will attempt to address some of the questions commonly raised in reaction to his blog post....</p></div><footer class=entry-footer>1 min&nbsp;·&nbsp;86 words&nbsp;·&nbsp;Tommy</footer><a class=entry-link aria-label="post link to Linux Insecurities" href=https://privsec.dev/os/linux-insecurities/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>Multi-factor Authentication</h2></header><div class=entry-content><p>Multi-factor authentication is a security mechanism that requires additional verification beyond your username (or email) and password. This usually comes in the form of a one time passcode, a push notification, or plugging in and tapping a hardware security key.
Common protocols Email and SMS MFA Email and SMS MFA are examples of the weaker MFA protocols. Email MFA is not great as whoever controls your email account can typically both reset your password and recieve your MFA verification....</p></div><footer class=entry-footer>6 min&nbsp;·&nbsp;1225 words&nbsp;·&nbsp;Tommy</footer><a class=entry-link aria-label="post link to Multi-factor Authentication" href=https://privsec.dev/knowledge/multi-factor-authentication/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>Securing OpenSSH with FIDO2</h2></header><div class=entry-content><p>Passwordless authentication with OpenSSH keys has been the de facto security standard for years. SSH keys are more robust since theyre cryptographically sane by default, and are therefore resilient to most bruteforce atacks. Theyre also easier to manage while enabling a form of decentralized authentication (its easy and painless to revoke them). So, whats the next step? And more exactly, why would one need something even better?
Why? The main problem with SSH keys is that theyre not magic: they consist of a key pair, of which the private key is stored on your disk....</p></div><footer class=entry-footer>5 min&nbsp;·&nbsp;863 words&nbsp;·&nbsp;Wonderfall</footer><a class=entry-link aria-label="post link to Securing OpenSSH with FIDO2" href=https://privsec.dev/os/securing-openssh-with-fido2/></a></article></main><footer class=footer><span>&copy; 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
There is already a very indepth technical blog explaning the various security weaknesses of Linux by Madaidan, Whonixs Security Researcher. This page will attempt to address some of the questions commonly raised in reaction to his blog post....</p></div><footer class=entry-footer>2 min&nbsp;·&nbsp;238 words&nbsp;·&nbsp;Tommy</footer><a class=entry-link aria-label="post link to Linux Insecurities" href=https://privsec.dev/os/linux-insecurities/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>Multi-factor Authentication</h2></header><div class=entry-content><p>Multi-factor authentication is a security mechanism that requires additional verification beyond your username (or email) and password. This usually comes in the form of a one time passcode, a push notification, or plugging in and tapping a hardware security key.
Common protocols Email and SMS MFA Email and SMS MFA are examples of the weaker MFA protocols. Email MFA is not great as whoever controls your email account can typically both reset your password and recieve your MFA verification....</p></div><footer class=entry-footer>6 min&nbsp;·&nbsp;1223 words&nbsp;·&nbsp;Tommy</footer><a class=entry-link aria-label="post link to Multi-factor Authentication" href=https://privsec.dev/knowledge/multi-factor-authentication/></a></article><footer class=page-footer><nav class=pagination><a class=next href=https://privsec.dev/tags/security/page/2/>Next »</a></nav></footer></main><footer class=footer><span>&copy; 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
<span>Powered by
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>

View File

@ -5,6 +5,17 @@
<link>https://privsec.dev/tags/security/</link>
<description>Recent content in security on PrivSec.dev</description>
<generator>Hugo -- gohugo.io</generator><atom:link href="https://privsec.dev/tags/security/index.xml" rel="self" type="application/rss+xml" />
<item>
<title>Choosing Your Desktop Linux Distribution</title>
<link>https://privsec.dev/os/choosing-your-desktop-linux-distribution/</link>
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
<guid>https://privsec.dev/os/choosing-your-desktop-linux-distribution/</guid>
<description>Not all Linux distributions are created equal. When choosing a Linux distribution, there are several things you need to keep in mind.
Release cycle You should choose a distribution which stays close to the stable upstream software releases, typically rolling release distributions. This is because frozen release cycle distributions often dont update package versions and fall behind on security updates.
For frozen distributions, package maintainers are expected to backport patches to fix vulnerabilities (Debian is one such example) rather than bump the software to the “next version” released by the upstream developer.</description>
</item>
<item>
<title>Docker and OCI Hardening</title>
<link>https://privsec.dev/os/docker-and-oci-hardening/</link>

View File

@ -0,0 +1,6 @@
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>security | PrivSec.dev</title><meta name=keywords content><meta name=description content><meta name=author content="PrivSec Team"><link rel=canonical href=https://privsec.dev/tags/security/><link crossorigin=anonymous href=/assets/css/stylesheet.8b523f1730c922e314350296d83fd666efa16519ca136320a93df674d00b6325.css integrity="sha256-i1I/FzDJIuMUNQKW2D/WZu+hZRnKE2MgqT32dNALYyU=" rel="preload stylesheet" as=style><link rel=icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://privsec.dev/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://privsec.dev/tags/security/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript><meta property="og:title" content="security"><meta property="og:description" content><meta property="og:type" content="website"><meta property="og:url" content="https://privsec.dev/tags/security/"><meta name=twitter:card content="summary"><meta name=twitter:title content="security"><meta name=twitter:description content></head><body class="list dark" id=top><script>localStorage.getItem("pref-theme")==="light"&&document.body.classList.remove("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://privsec.dev accesskey=h title="PrivSec.dev (Alt + H)">PrivSec.dev</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><ul id=menu><li><a href=https://privsec.dev/knowledge/ title="Knowledge Base"><span>Knowledge Base</span></a></li><li><a href=https://privsec.dev/os/ title="Operating Systems"><span>Operating Systems</span></a></li><li><a href=https://privsec.dev/apps/ title=Applications><span>Applications</span></a></li><li><a href=https://privsec.dev/providers/ title=Providers><span>Providers</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://privsec.dev>Home</a>&nbsp;»&nbsp;<a href=https://privsec.dev/tags/>Tags</a></div><h1>security
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>Securing OpenSSH with FIDO2</h2></header><div class=entry-content><p>Passwordless authentication with OpenSSH keys has been the de facto security standard for years. SSH keys are more robust since theyre cryptographically sane by default, and are therefore resilient to most bruteforce atacks. Theyre also easier to manage while enabling a form of decentralized authentication (its easy and painless to revoke them). So, whats the next step? And more exactly, why would one need something even better?
Why? The main problem with SSH keys is that theyre not magic: they consist of a key pair, of which the private key is stored on your disk....</p></div><footer class=entry-footer>5 min&nbsp;·&nbsp;863 words&nbsp;·&nbsp;Wonderfall</footer><a class=entry-link aria-label="post link to Securing OpenSSH with FIDO2" href=https://privsec.dev/os/securing-openssh-with-fido2/></a></article><footer class=page-footer><nav class=pagination><a class=prev href=https://privsec.dev/tags/security/>« Prev</a></nav></footer></main><footer class=footer><span>&copy; 2022 <a href=https://privsec.dev>PrivSec.dev</a></span>
<span>Powered by
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>