Security-Bits.de

Back when COVID had started and the first vaccinations had been applied, there was the fun challenge of proving one’s vaccination status. It ended up working based on a digital signature provided as QR Code on a piece of paper. Needing it every day, paper didn’t quite have the necessary durability, the digital versions only helped people with smart phones, so I created a plastic card alternative.

Possibly highly intuitive to others, but a real b**** when not being fit. Here an insight into how to configure a Site to Site VPN with OpenVPN and two OPNsense routers and multiple subnets on both sides.

In Germany petrol stations have to regularly share the price of their products with a government agency. In addition public APIs were created, which give close to realtime access to the prices. Here a little example on how to fetch and use the data.

A while back Germany decided it would be a good idea to regulate the IT infrastructure in doctor’s practices. While obviously a smart move, it resulted in strange interpretations and even stranger architectures being implemented. This post shows the actual setup. But, er ist auf deutsch (it’s in German).

I recently received a nanoBTS 165G, which strangely enough made a rattling sound. While it’s a bad sign, as there might be a chance to short out and break the BTS, it’s a super easy fix. Here the insights!

One of my big Todo List projects is temperature monitoring for the house. Being a big fan of wired approaches, many available solutions don’t match my requirements or are far to expensive. Luckily Olimex published the perfect plattform a while back. I finally managed to get one. Here are some insights.

A lot of time is invested into defining and describing OT Security or Operational Technology Security, especially in contrast to IT Security. It’s very often hard to draw a proper line between both and complicated to keep it strict. Here is a little insight into why the line helps, where it makes things worse and a few recommendations on dealing with the resulting challenges.

A while back Germany decided it would be a good idea to regulate the IT infrastructure in doctor’s practices. While obviously a smart move, it resulted in strange interpretations and even stranger architectures being implemented. This post shows a secure reference architecture with explanations. But, er ist auf deutsch (it’s in German).

Working on trainings to teach basics can be very frustrating due to the word basic. The big question is: What is basic and what are basics?

Yet another PoC from my to do list: Which data passes through the SIM card on a data modem? The specific question was, whether the APN credentials where passed to the SIM and could be intercepted with a SIMTrace. This post gives a quick overview on how to use a SIMTrace2 to create a PCAP trace.