mig5 @mig5@rezo.mig5.net
- Website
- https://mig5.net
- Pronouns
- he/him | il/lui
Linux sysadmin consultant, working across the realm of DevSecOps for various organisations around the world.
One of the core developers of the #OnionShare project, also working on similar projects and with organisations in the open source data privacy/freedom ecosystem.
Available for hire on a contracting and telecommute basis.
This account is protected but please feel free to send a request if you're human (and a decent one).
Joined Jun 2020
Pinned toot
Just finished up a sysops consulting gig at Freedom of the Press (FPF), it was great!
I now have some availability, so I’m looking to work for similar orgs in the privacy/freedom space, between 10-20 hours a month.
I work as a freelance sysadmin since 2007. I live in Australia (GMT+10) but work mostly with orgs in Europe and USA.
If interested or if you want more info, please visit https://mig5.net/availability.html
Pinned toot
Back on my own instance 🙄 #introductions
I’m a freelance sysadmin consultant since 2007. Currently working on cool open source privacy projects such as #OnionShare. I’ve also contributed in different shapes and sizes to QubesOS, Tails, Haven, OSSEC, and others in that sort of space 🧅🔒
Been on and off Masto since the great wave of 2017 🌊
Available for hire to help provision, manage or harden your servers, automate the deployment of your apps etc https://mig5.net
Has anyone written an RSS app to passively follow the feeds of multiple masto users in a way that is not ugly as hell? Like, maybe somehow handles threads?
A regular RSS app just won’t cut it.
mig5
boosted
QSB #058: Insufficient cache write-back under VT-d (XSA-321) https://www.qubes-os.org/news/2020/07/07/qsb-058/ #security
Australia’s COVIDSafe app has not detected a case despite 6 million downloads
The only problem with this article is the focus on whether this means the app “isn’t functioning properly”.
That’s not the message to convey.
The message is that as usual: regular, human-driven detective work is perfectly suitable. Privacy-invading technology is not the hammer with which to treat everything as a nail. Just like surveillance/encryption backdoors.
As predicted, the US now trying to follow Australia’s 2018 lead by making mathematics illegal https://www.theregister.com/2020/06/24/us_encryption_backdoor/
TIL: OpenVPN 2.4 rejects client connections when “CRL has expired” https://mig5.net/blog/openvpn-2-4-crl-has-expired/
Just finished ‘The System’ from the razor-sharp mind of James Ball: “how an invention once hailed as a democratising force has concentrated power in places it already existed – that the system, in other words, remains the same as it did before.”
The message is clear; that many things need to be done to fix the mess that is the internet, that there is no silver bullet, and that old solutions may not lend themselves well to new iterations of the same challenges.
The OTF also helps fund Localization Lab, who drive a lot of translation work for many open source tools, including OnionShare. Their team and volunteers are incredible. They’ve even taught me to write English in a way that is less ambiguous to translate.
Please sign this petition https://saveinternetfreedom.tech
I wrote the Stem implementation for the ONION_CLIENT_AUTH control port commands, if anyone wants to help test: https://github.com/torproject/stem/pull/67 #tor
Oups, https://mastodon.tetaneutral.net SSL cert expired.
HTTP Basic Auth alternative with Nginx auth_request and a custom auth form
https://mig5.net/blog/http-basic-auth-alternative-with-nginx-auth_request-and-a-custom-auth-form/
Simple Nagios config management with #Ansible https://mig5.net/blog/simple-nagios-config-management-with-ansible/ #sysadmin
TIL: #Tor added Control Port support for adding Client Auth in v3 onions, but only for the ‘client’ side (e.g TBB).
There is, as yet, no way to add the onion service side’s Client Auth settings via the Control Port.
In other words, Client Auth can’t be used with v3 *ephemeral* onions. (so not with #OnionShare, or even via Stem’s create_ephemeral_hidden_service())
https://lists.torproject.org/pipermail/tor-dev/2020-June/014375.html
Rebuilt my website in Lektor https://mig5.net/blog/this-site-is-now-built-with-lektor/
Just stating for the record that I stepped down from the role of sysadmin at Whonix, this week.
Just deployed a new #Tor relay with the excellent #Ansible playbook by @nusenu https://github.com/nusenu/ansible-relayor
@nusenu I’m new to your OrNetStats (thanks for providing). Is this current status typical of the ubiquitous nifty family (that I seem to see in almost every circuit :( )? Seems pretty bad? https://nusenu.github.io/OrNetStats/endtoend-correlation-groups
BLM, assault on journalists
US police assaulting Australian journalists during #BlackLivesMatter protests
What can be done about all these nifty servers :/ https://nusenu.github.io/OrNetStats/endtoend-correlation-groups I don’t think I’ve seen entry/exit nodes match up with them (at least when I’ve been looking), but I don’t like seeing so many nifty relays across all my circuits, as in once per *every* circuit almost all the time.
That’s what you want... at least 4 Tor circuits all with an exit node in the same /24 and similar nickname 😵 #nifty
- Website
- https://mig5.net
- Pronouns
- he/him | il/lui
Linux sysadmin consultant, working across the realm of DevSecOps for various organisations around the world.
One of the core developers of the #OnionShare project, also working on similar projects and with organisations in the open source data privacy/freedom ecosystem.
Available for hire on a contracting and telecommute basis.
This account is protected but please feel free to send a request if you're human (and a decent one).
Joined Jun 2020
