In a previous post I shared my experience with moving my page from Github pages to Cloudflare. It is now time to follow up that post and comment on my experiences after approximately a quarter. The experience of publishing new posts is about the same as when hosting on Github, you just push an update to the specified branch and then a build is triggered that will be published upon completion. The main difference is that the build process is somewhat slower in Cloudflare than on Github. This means that a build can take about 5 minutes, instead of the previous 1. This is most likely due to the fact that Cloudflare pulls everything and builds locally, instead of using Jekyll remote themes. ...

When looking at the communications of the major players in the operating system market (for both computers and smartphones) there are one company that repeatedly talks about privacy more than the others. The company I am thinking about is Apple. Their continuous talk about privacy got me curious, how do they handle their users privacy. And when curious it’s time to investigate, so I dug into their Privacy Policy (Updated June 1, 2021), and my thoughts resulted in this blogpost. ...

This investigation should not be taken as a full review of the browsers, but wishes to highlight the differences that different browsers have in how they handle user privacy. The test aims to give an overview, not describe in detail what each browser does or does not do. Methodology To perform this test I created a new virtual machine based on Windows MSEdge win10 VM. In this VM I installed the browsers intended to be tested, using the default configuration. After that I configured BurpSuite as a proxy for the VM, so that all traffic is routed through it. This way it will document all the traffic that the browser in the VM is sending. ...

Previously I’ve written a post about security for development teams, and now it’s time for the continuation. Just as for developer there are great benefits in performing security tests for administrators. However, the methodology when testing the infrastructure is not the same as when testing an application. In this post I’m going to introduce categories of testing for administrators in much the same way as I did for developers, allowing any team to begin thinking about security and performing basic security testing. The categories proposed can also be adapted to be used as requirements, more so than the ones used for developers. This is since they are easier to apply regardless of what solution is tested. ...

I’ve been looking around on how to get some statistics from my blog, especially regarding the number of visitors. Sadly the current solution (GitHub pages) does not seem to natively support this kind of statistics without adding third party tracking. After looking around for different solutions Cloudflare caught my attention. I know that among others, Troy Hunt writes about and uses Cloudflare, so I decided to give it a try. Migrating from GitHub pages to Cloudflare pages was as easy as configuring what GitHub repo to use in Cloudflare, picking Jekyll and then it just worked. Right after the page was built you see some basic statistics, such as the amount of request grouped by country. Below the first hours of traffic is shown in a map, as presented by Cloudflare. ...