-rw-r--r-- TODOs.org 33
1 files changed, 32 insertions, 1 deletions
diff --git a/TODOs.org b/TODOs.org
index 74aa47f..2583cf1 100644
--- a/TODOs.org
+++ b/TODOs.org
@@ -1,4 +1,7 @@
* Tasks
+:PROPERTIES:
+:CUSTOM_ID: tasks
+:END:
** TODO External volume
#+BEGIN_SRC hcl
variable "storage_name" {
@@ -36,6 +39,10 @@ re-creating everything from scratch.
- http://rkhunter.sourceforge.net/
** TODO Security review
https://cheatsheetseries.owasp.org/Glossary.html
+* Bugs
+:PROPERTIES:
+:CUSTOM_ID: bugs
+:END:
* Services
** TODO =git.$tld=: cgit
** TODO =$project.$tld=: static documentation for projects
@@ -44,8 +51,32 @@ https://cheatsheetseries.owasp.org/Glossary.html
** TODO =chat.$tld=: Matrix/XMPP
** TODO =meet.$tld=: Jitsi/Nextcloud Talk
** TODO =$tld=: Jekyll blog
+* Improvements
* Decisions
-** Matrix over XMPP
+:PROPERTIES:
+:CUSTOM_ID: decisions
+:END:
+** DONE On public SSH key leakage
+:PROPERTIES:
+:CUSTOM_ID: d38019ac-a2ad-484d-91e5-f4bdb1fa00ca
+:END:
+CLOSED: [2020-11-29 dim. 00:27]
+- State "DONE" from [2020-09-06 dim. 00:00]
+
+As described in "[[https://rushter.com/blog/public-ssh-keys/][Public SSH keys can leak your private infrastructure]]", public
+SSH keys can expose undesired infrastructure, specially for targeted attacks.
+
+I'm not considering this a threat, since the link between the server and me is
+already public. It may be much more effective to just change the SSH port away
+from the default: it doesn't accomplish the same thing, but it prevents simple
+detections. It is still possible to find this out via a script, but is orders of
+magnitute harder for the attacker.
+** DONE Matrix over XMPP
+:PROPERTIES:
+:CUSTOM_ID: de89fc4e-5c36-4f6b-9227-221b70e9f321
+:END:
+CLOSED: [2020-11-29 dim. 00:29]
+- State "DONE" from [2020-11-29 dim. 00:29]
I'm picking Matrix. Not because of the protocol or anything else, but because it
has the two relevant double-puppeting bridges: mautrix-telegram and
mautrix-whatsapp.
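Review bot: In the "On public SSH key leakage" entry the CLOSED: line is placed after the :PROPERTIES: drawer, but Org only reads CLOSED: as planning information when it sits directly under the headline, so the closing timestamp will not be picked up; move it above the drawer, and do the same in "Matrix over XMPP". The rationale in that entry covers only the link between this server and the author, so if the same public key is authorised on other hosts it is worth writing that assumption into the decision. Two typos in the added text: "specially" should be "especially" and "magnitute" should be "magnitude". "* Improvements" is also the only top-level heading touched here that gets no CUSTOM_ID drawer, unlike Tasks, Bugs and Decisions.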