First Impressions using iStorage CloudAshur

I’ve been using iStorage devices for several years now and following the Sky News coverage of one of my data breach discoveries I was offered the opportunity to test out iStorage’s newest device; the CloudAshur Encrypted Cloud Module (don’t worry there aren’t any affiliate tags in this post [or anywhere on this blog for that matter]).

CloudAshur only supports Windows and Mac for now but the product has only just entered the market, I’m hoping they’ll support Linux/Chromebook soon.

Read more →

Automating LetsEncrypt Certificates and OpenBSD’s HTTPD using Ansible

My newest side project involves the configuration of OpenBSDs HTTPD(8) to serve a clients domain via plain HTTP and via TLS using an automatically provisioned LetsEncrypt certificate. The difficulty is that if we don’t have a certificate but we do have the config then httpd will fail to launch leaving the user in a worse situation than they were before. The answer is to use Ansible’s stat module and liberal use of Jinja IF statements.
Read more →

Using Tor Hidden Services and GPG to Create Difficult to Attack Offsite Backups

Backups are very useful and in the event of fire or theft it is very useful to have them offsite, however offsite backups leave your data at risk of compromise if the offsite storage is attacked. To prevent an attacker from locating your offsite backup (e.g. if you were backing up your laptop whilst in a hotel) and preventing theft of the data in the event the location is discovered one can use Tor and GPG.
Read more →