I’m Back

Defcon has concluded and I’m back in the Twin Cities. I plan to write a post detailing some of the cooler things I saw at the conference later but for now I’m just going to say I had a great time. Things may be a little slower around here than usual as I recover from my absence (557 unread e-mails, yay) but new material will be posted at regular intervals again.

Site Updates

I made a few updates to the site. Why do things still look the same? Because all the changes I made were on the back end.

A report released by Netcraft discussed the severe lack of servers that implement perfect forward secrecy (PFS). I hadn’t given PFS any thought but I decided to implement it yesterday. What does this mean to you? As we know, the National Security Agency (NSA) has been busy collecting everybody’s data. The agency claims to dispose of any information from persons inside of the United States but save all encrypted data because the identity of the creator can’t be verified (in truth, the NSA is almost certainly keeping all data regardless of the physical location of the creator). It’s saving everything in the hopes of decrypting it later.

Normally, under Hypertext Transfer Protocol Secure (HTTPS), any intercepted data can be decrypted later by whoever obtains the server’s private key. With PFS, the server and each client negotiate a temporary keypair for the connection instead of relying on the server’s long-term key. This means the NSA can’t decrypt recorded HTTPS-secured data even if they are able to obtain a copy of the server’s private key.
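One way to check whether a connection actually got a forward-secret key exchange is to look at the negotiated cipher suite. The following is an added example, not code from this site: the function names and the sample hosts are hypothetical, and the sample results are constructed rather than measured.

```python
import socket
import ssl

# OpenSSL suite-name prefixes whose key exchange uses ephemeral
# Diffie-Hellman keys ("EDH-" is OpenSSL's older spelling of "DHE-").
EPHEMERAL_PREFIXES = ("ECDHE-", "DHE-", "EDH-")


def is_forward_secret(cipher_name, protocol):
    """True if the negotiated suite uses an ephemeral key exchange."""
    # TLS 1.3 suites (e.g. TLS_AES_256_GCM_SHA384) always use an ephemeral
    # exchange; their names no longer mention the key exchange at all.
    if protocol == "TLSv1.3":
        return True
    # Plain RSA suites (AES256-SHA) and static "DH-"/"ECDH-" suites reuse a
    # long-term key, so they fall through to False here.
    return cipher_name.startswith(EPHEMERAL_PREFIXES)


def negotiated_suite(host, port=443, timeout=5.0):
    """Connect to host:port and return (cipher_name, protocol) as negotiated."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        # server_hostname sends SNI, so the intended virtual host answers.
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.cipher()[0], tls.version()


def audit(observations):
    """Return the hosts whose negotiated suite lacks forward secrecy."""
    return [host for host, (name, proto) in observations.items()
            if not is_forward_secret(name, proto)]


# Constructed sample results (hypothetical hosts, not measurements of any site).
SAMPLE = {
    "a.example": ("ECDHE-RSA-AES128-GCM-SHA256", "TLSv1.2"),
    "b.example": ("AES256-SHA", "TLSv1"),
    "c.example": ("ECDH-RSA-AES128-SHA", "TLSv1.2"),
    "d.example": ("TLS_AES_256_GCM_SHA384", "TLSv1.3"),
    "e.example": ("DHE-RSA-AES256-SHA", "TLSv1.2"),
}

if __name__ == "__main__":
    print("no forward secrecy:", audit(SAMPLE))
```

To check your own server, pass the result of `negotiated_suite("your.host")` to `is_forward_secret`; the result reflects only the suite your client and the server agreed on, not every suite the server accepts.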

Additionally, I redirected the unsecured version of this site to the secured version. If you try to access http://blog.christopherburg.com your browser will automatically be redirected to https://blog.christopherburg.com/.

Slow Blogging

Apple went and dropped a new version of iOS, which means I have to go update my know-how again. Since I’ll be diving into pages of boring documentation to update my skill set, things may be a little slow around here. I know I promised a guide on using Thunderbird and Enigmail to send encrypted e-mails, and I will deliver it, but Apple’s latest drop is putting that guide on the back burner.

I’d apologize but I’m not sorry because I don’t get paid for blogging (unfortunately).

On Vacation

Today marked the beginning of a short vacation. Since I will be occupied with other matters I won’t be attending to this blog until the conclusion of my vacation. But have no fear, I wrote material for your enjoyment already!

Anyhow, enjoy yourselves.

Back Online

Good news, if you’re seeing this it means my server is back online, running OpenBSD 5.3, and using the Nginx web server instead of Apache.

The only difference you may notice is Server Name Indication (SNI) is now working. What does this mean? It means you can use a secured (SSL) connection for https://blog.christopherburg.com/ and https://www.christopherburg.com/ (unless you’re still running Windows XP or an even older version of Windows, then SNI won’t work for you and you’ll have to keep using https://blog.christopherburg.com/ instead). Basically SNI allows me to have different virtual hosts use different certificates. Since I can get valid certificates for a single subdomain for free it’s cheaper for me to use a different certificate for each subdomain than to acquire a single certificate that is valid for every domain (if I made money off of this site I would have just purchased a certificate but I do this for free so you get what you pay for). I’m not sure if anybody will use it but it’s there for those who want to.

I’ll be tweaking things for a while so the site may be up and down throughout the evening.

Scheduled Downtime

Starting this afternoon or evening this site will likely be down. OpenBSD 5.3 was released so I want to upgrade the server and I’m planning on switching the web server from Apache to Nginx. As with most upgrades I expect this one to go smoothly but know it will turn out to be a rather frustrating affair. On the upside when it’s done this site should be… exactly the same as it is now. Still, the back end stuff will be newer!

I Love Virtual Machines

I can’t describe in words how much I love virtual machines. When I made the virtual OpenBSD server that hosts this website I stupidly made the partition holding this website too small. Needless to say the tiny partition was filling up fast and I needed to expand it. With a physical machine this could be a daunting task because screwing up would mean really screwing up. Fortunately on a virtual machine I need only take a snapshot of the server in a working condition before fiddling with things and I know no matter how badly I screw up salvation is only a snapshot restore away. The first time I attempted to expand the partition I royally screwed it up and the server would no longer boot. My second attempt was far more successful. The partition holding this website is now, as far as OpenBSD is concerned, on its own drive. Putting the partition on a separate virtual drive will make it easier to expand in the future when the need arises.