VULNSCAN
  • Home
  • About
  • Hire me

Back and available for hire

I still plan to talk about IRC, Security and Linux, all those topics I love and still have plenty to say about. I had good intentions when I started this blog but sadly haven't been posting for quite a while. Life went on as usual but I just haven't been
Jun 23, 2023 1 min read

Data of hundreds of thousands of Dutch students sent unencrypted for years

Magister, the most widely used school administration software in The Netherlands, has been sending exam results and personal messages of students unencrypted over the internet for many years. They were informed repeatedly past 18 months about this issue but it was only fixed two weeks ago. UPDATE: After publishing this
Aug 14, 2018 8 min read
GDPR

The GDPR: Sending personal data by email

Traditional email is insecure: data travels over the internet unencrypted and can be intercepted. So, what does the GDPR say about sending personal data over email? Is it acceptable if certain technical measures are taken? This article starts with quoting what the Europen General Data Protection Regulation (GDPR) says about
Aug 11, 2018 9 min read

Why do some major websites still not use SSL/TLS?

There seems to be misconception out there: If a site never requires user input then there is no reason to use SSL/TLS. This is wrong. SSL/TLS is not only for securing logins or forms! A practical attack on a major news site 1. User visits an insecure news
Feb 1, 2018 2 min read
IRC

Improving IRC security step by step

I've been working at UnrealIRCd since 2001 to make IRC more secure. Below I would like to share the journey that IRC has taken so far with regards to deploying SSL/TLS and the way ahead. Step 1: Make IRC software support SSL Fortunately this step was completed long ago.
Sep 9, 2017 5 min read

Buffer overflow issue in UnrealIRCd, despite use of strncat

Today I had to release UnrealIRCd 4.0.11 due to a buffer overflow issue. In this article I give more information on the bug and exploitability. To UnrealIRCd users: You can upgrade the IRCd without a restart The bug First, the actual issue. This code is present in a
Feb 10, 2017 3 min read

YubiKey and 4096 bit RSA support

Yesterday I received my YubiKey 4. I ordered it so I could safely store my 4096 bit code signing certificate. Turns out this is not possible. Despite YubiKey telling "YubiKey 4 now supports RSA keys up to 4096 bits!" in a blog post and in their product comparisson. What!? Turns
Jan 29, 2017 2 min read
IRC

Moving on

I'm the head coder of UnrealIRCd, an Open Source IRC server written in C. I've been involved with this project since 2001 and maintainer of the stable branch since 2005. TL;DR quick links: My free modules have been moved and Note to commercial users. About IRC If you don't
Jan 7, 2017 2 min read
Page 1 of 1
VULNSCAN © 2024
  • Sign up
Powered by Ghost