Starting the year in security

2 minute read

Welcome to 2018! I hope you had a great new year. First, lets talk about the major security thing of this week. Next I will give a quick update on what I am planning this year.

You are being tracked

It turns out ad targeters are using your browsers’ password manager to keep a track on you.

By using hidden forms in the browser they trick the browser into giving them your usernames and passwords. This is done to fingerprint you so they can track you even when you have removed tracking cookies and use the Do Not Track (DNT) feature of your browser. This obviously is very bad situation.

How to protect yourself

I highly recommend using password managers, they keep you very safe by using unique passwords for every single account. To prevent them being abused this way you will need to change your browser settings to prevent autofill from occuring. Lets take a look at how you can do this in Chrome and Firefox.

Within Chrome you can visit the settings URL chrome://settings. Here, under Advanced, you will find Passwords and Forms. This section allows you to change the autofill settings.

Change the autofill settings in Chrome

For Firefox the same approach works. Go the configuration URL about:config, accept the warning about warranty and search for autofill. Double clicking on signon.autofillforms will toggle the value to false.

Change the autofill settings in Firefox

If you use a different browser or an external passwordmanager, please check their settings to change this behaviour. With that you should be a little safer again.

Personal life

My life has changed a bit since the summer. You might’ve noticed that the live coding has stopped and my videos are not that frequent anymore. This is mostly due to me having 2 jobs at the moment.

Teaching

Since the summer I have been teaching a security semester at the Amsterdam University of Applied Sciences. This has been an awesome, but time intensive, experience. I taught both Infrastructure Security as well as Incident Response, for which I actually designed and built the course materials.

At the end of January the semester is over. What will be next? Well, I am going to attempt the OSCP certification by Offensive Security. I am aiming to have that done in a timeframe of about 3 months. This means I would be able to do the examn before the summer.

Clojure

Last year I did about half of the Advent of Code. I did it in Go, which made some people ask if I was still into Clojure at all. The answer is YES. I love Clojure, nothing beats its productivity, but my curiousity makes me look at other languages as well, such as Go.

I am still building apps in Clojure, but I have very little time to do it in the public light, such as live coding.

What to expect this year?

I am focussing my first 6 months of the year on security. I will try to (semi) regularily post about software security and do some videos on the topic as well. Perhaps there will even be some time to show my security related Clojure projects in these as well.

Tags:

Updated: