Security-Bits.de

After a long while, I’ve finally managed to write a few lines on my telescope. In addition it’s the last chance to motivate you to see the rings of saturn from your own garden.

I’m often told my home network is typical me and far to complex. For me it’s just as complex as necessary, as I honestly don’t have very much time to invest. Here a few notes on how I got here and why

The German elektronische PatientenAkte or electronic patient file is a central approach, storing notes from all doctors on all generally insured patients in a central, more or less, secure place. Sadly it’s just having a rough start with risk analysis excluding nation state attackers and various proven attack vectors. I did a small writeup for friends and familiy which I didn’t want to share openly, but well, it sadly seems necessary.

As already mentioned on various channels, I brought a fun little card printer with me to this year’s H2HC in Sao Paulo. Here a little bit of information on getting something printed!

Back in 2019 I gave a presentation at hardwear.io titled “Day One with a TTIG-868” . My talk was aimed at two aspects: An insight into device, I was curious as I had seen multiple commercial LoRaWAN gateways before and sharing the concept of single day security tests. Right now, I’m back at the point to want to stress the method as a potential quality assurance approach.

Most things that can easily kill you and others, require certification to ensure that applicable measures to reduce risks have been applied and that they’re functional. While all this is pretty trivial in the analog world, open a door -> release a switch -> open switch triggers a relay -> machine stops, the digital world is a little more complex. Especially when a program running on an operating system periodically scans an I/O port to check whether it has changed its state. Even when using interrupts things don’t get much easier. Here a few things to consider when looking into similar topics.

A while back I started looking for a solution with which I could prove to be able to work safely from home while breaking devices. Sadly, I wasn’t able to find anything small and cheap enough to actually fit my desk. The best options I found where actual workbenches and tables in various sizes. Thus I decided to design my own Electronics Working Environment.

Back when COVID had started and the first vaccinations had been applied, there was the fun challenge of proving one’s vaccination status. It ended up working based on a digital signature provided as QR Code on a piece of paper. Needing it every day, paper didn’t quite have the necessary durability, the digital versions only helped people with smart phones, so I created a plastic card alternative.

Possibly highly intuitive to others, but a real b**** when not being fit. Here an insight into how to configure a Site to Site VPN with OpenVPN and two OPNsense routers and multiple subnets on both sides.

In Germany petrol stations have to regularly share the price of their products with a government agency. In addition public APIs were created, which give close to realtime access to the prices. Here a little example on how to fetch and use the data.