Feel free to browse around and you'll have a pretty good idea of what this is about. I write about security, privacy, vulnerabilities and exploits, retro computing, various programming languages and my projects. I might have written some stuff that's in my GitHub, but I'll never admit it anyway.

Hacker. Not Phineas Fisher. My other computer is your computer.

#Tor · #Ricochet · #Debian · #Infosec · #CubeSat · #OSdev · #Cyberpunk · #Cypherpunk

If you want to contact me, do it. I might answer. Probably. Or not.

 PGP  Key: 0xFAEA6AF5567BE45D
Fingerprint: 9AB8 10E5 AC82 1C12 53A3 D1D8 FAEA 6AF5 567B E45D

Favorite Movies, TV shows and Short Movies

A “small” and non-exhaustive list of my favorite full-featured movies, TV shows and short movies; ordered alphabetically. Constantly updated (March, 2019).

Rating system: In my humble opinion, those movies are all 1010 (IMDB stars) so in order to implement a rating system I will additionaly rate them 15. A movie with a 1 personal rating is not a bad movie, just means I’ve enjoyed it more than Titanic or the newest shield-throwing love-making silly-talking superhero flick.

Warning The page contains lots of images and no IMDB links.

Building Shallot on macOS

Shallot allows you to create customized .onion addresses for Tor’s hidden services. (By customized, it is meant that part of the address can be selected. Choosing an entire address would take far longer than the universe is believed to have been in existence.) - Project Github page

Make sure you have Homebrew installed and start by installing the Homebrew OpenSSL package:

$ brew install openssl

DNS servers

A public recursive name server (also called public DNS resolver) is a name server service that networked computers may use for query to DNS, the decentralized Internet naming system, in place of or in addition to name servers operated by the Internet service provider to which the devices are connected.

Below is a list of public DNS service operators.


Quad9 is a not-for-profit public-benefit organization supported by IBM, Packet Clearing House (PCH), Global Cyber Alliance (GCA), and many other cybersecurity organizations for the purpose of operating a privacy-and-security-centric public DNS resolver. Its main differentiators from other DNS resolvers are that it does not record the queries users send to it, and that it automatically blocks domains known to be associated with malicious activity. Quad9 offers DNS over TLS service over port 853, DNS over HTTPS over port 443 and DNSCrypt service over port 443. - Wikipedia


DNS over TLS

Compile a list of all Facebook-owned IPs

Sometimes you want to block all Facebook IPs for various reasons (1, 2, 3, 4, 5, 6, 7, 8). Sometimes you really really do want that (and you should do it), so compiling a list with all the IPs is easy (both IPv4 and IPv6):

$ whois -h whois.radb.net '!gAS32934' | tr ' ' '\n' | awk '!/[[]]/' > facebook-ips-ipv4.txt
$ whois -h whois.radb.net '!6AS32934' | tr ' ' '\n' | grep '::' > facebook-ips-ipv6.txt

And a list of Facebook-owned IPs will be saved into the facebook-ips-{ipv4/ipv6}.txt files, ready to be used.

Azure and Full Disk Encryption


Here is a small tutorial on encrypting a Microsoft Azure virtual machine disk.

Preparing the Azure Virtual Machine

Enable the Azure Key Vault provider within your Azure subscription.

$ az provider register -n Microsoft.KeyVault

Create a resource group in your favorite location (keep in mind different locations enable different features, some VM sizes are not available in other locations).