Subsonic and licensing

Subsonic Subsonic is a reasonably neat “personal cloud” sort of thing for playing music. In many ways, it replicates the Owncloud Music application. I’m a fan of that too, but switched to Subsonic once it became clear that upgrading OC would always be a trial. Unfortunately, although Subsonic is open-source, it includes a bunch of money-making “premium” stuff backed by a licensing scheme. This includes nagware, etc. With an open-source project, you can just fork it and release a version with all that crap removed, of course, and that’s precisely what @EugeneKay has done.

Read More

York Festival of Ideas 2015

Users vs. Techs This year, I learned about York’s Festival of Ideas. Started in 2011, this year’s theme was “Secrets and Discoveries”, which included a whole day (today) on Surveillance, Snowden and Security. Right up my alley, so off I went. This article is really about things that were brought up in a panel discussion, entitled The Future of Cyber-Security. I don’t know if these things are being recorded and uploaded, but I’ll link if it becomes available.

Read More

DNSSEC + DANE: Part 2

Setting up DNSSEC + DANE ( + SSHFP ) Assuming you’ve been convinced that it’s a good idea to set up DNSSEC and DANE, the point of this article is to demonstrate how I did it for my own domain - the individual steps to get from nothing to valid DANE records weren’t very difficult; just not documented in a recipe-style guide anywhere. Hopefully, this will help you get set up.

Read More

DNSSEC + DANE: Part 1

Problem Communications on the Internet overwhelmingly rely on SSL/TLS for protection. There are two forms of protection this is meant to provide - from snooping of traffic, and from impersonation. The first of those gets a lot of attention but, unless we have the latter as well, an attacker can snoop on your traffic by performing a man-in-the-middle attack on you with a dodgy certificate. Unfortunately, the current method of providing protection-from-impersonation is terrible.

Read More