VPN Comparison Chart

Reddit user ThatOnePrivacyGuy compiled this Google sheet comparing 130 VPN services.


It covers a whole lot of metrics for each – from pricing, encryption and configuration options to additional services, activism and jurisdiction. Enjoy!

Updated (May 22, 2017): If you want to learn more about different VPN providers, have a look at Anonymster.com.

House of Keys

Here’s yet another piece of research confirming how much of a myth online security really is – “House of Keys: Industry-Wide HTTPS Certificate and SSH Key Reuse Endangers Millions of Devices Worldwide”:

We have correlated our data with data from Internet-wide scans (Scans.io and Censys.io) and found that our data set (580 unique keys) contains:

  • the private keys for more than 9% of all HTTPS hosts on the web (~150 server certificates, used by 3.2 million hosts)
  • the private keys for more than 6% of all SSH hosts on the web (~80 SSH host keys used by 0.9 million hosts)

So in total at least 230 out of 580 keys are actively used. Other research has pointed out the extent of this problem (Heninger, Nadia, et al. “Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices”, Durumeric, Zakir, et al. “Analysis of the HTTPS certificate ecosystem”). However, using our approach, an attribution at a vendor/product level is now possible. Plus the private keys have now been obtained.

Weird New Tricks for Browser Fingerprinting

I gave up on privacy and security a long time ago. So I don’t really care much. But every time my position is reinforced by things like “Weird New Tricks for Browser Fingerprinting”, I still lose some sleep for some reason. And she is on the good side too …

Custom Single Sign-On with Nginx and Auth Request Module

In a recent project I crashed into a wall. At least for a couple of days, that is. The requirement was to integrate the Request Tracker (aka RT) installation on a CentOS 7 server with Nginx into a client company’s single sign-on solution. Which wasn’t LDAP. Or Active Directory. Or anything standard at all – a complete homegrown system.


SSO with Nginx auth_request module

SSO with Nginx auth_request module – SSO as in Single Sign-On. An absolutely beautiful solution for one set of requirements, and a horrendous one for another. Worth knowing though.