URL filtering HTTP(S) proxy on Qubes OS

In this article, you will learn how to configure a squid proxy on Qubes OS to filter outgoing http(s) queries.

https://dataswamp.org/~solene/2025-08-29-qubes-os-filtering-out-proxy.html

gemini://perso.pw/blog/articles/qubes-os-filtering-out-proxy.gmi
#qubes #qubesos #security #squid

@solene

alcinnz
alcinnz boosted

Them: Why are you so concerned about #privacy? I mean, if you are doing nothing wrong who cares if Siri and Alexa are listening?

Me: I don't have time to explain five thousand years of history, the psychology of the Dark Triad, how often big companies fail at #security, and how Big Data works. Especially considering the look in your eyes when I said those words. So I'll just nod and stop here.

#HumanCondition #security

alcinnz
alcinnz boosted

After reading (and implementing) "Protecting against CSRF in 2025" (see link below), I'm wondering now whether cookies should still have any SameSite attribute at all, or whether it would be better to completely drop it and keep whatever is the browser's default for (session) cookies handling?

https://words.filippo.io/csrf/

#web #security #cookies #csrf

The next scheduled "Network Management with the OpenBSD Packet Filter Toolset" fullday session is at EuroBSDcon in Zagreb, 2025-09-25 10:30–17:30: https://events.eurobsdcon.org/2025/talk/FW39CX/

register here: https://2025.eurobsdcon.org/registration.html

#openbsd #freebsd #pf #packetfilter #networking #security #eurobsdcon

Them: Why are you so concerned about #privacy? I mean, if you are doing nothing wrong who cares if Siri and Alexa are listening?

Me: I don't have time to explain five thousand years of history, the psychology of the Dark Triad, how often big companies fail at #security, and how Big Data works. Especially considering the look in your eyes when I said those words. So I'll just nod and stop here.

#HumanCondition #security

Greg Lloyd
Greg Lloyd boosted

If you've ever typoed ghcr to ghrc, particularly with a "docker login" or any automation that performs a login to the container registry, I'm seeing a strong indication that your GitHub credentials have been leaked to a malicious actor.

https://bmitch.net/blog/2025-08-22-ghrc-appears-malicious/

#docker #container #registry#OCI #security

📢 The EU's Chat Control law would force scanning of all private messages—including encrypted apps & emails—to fight child abuse 🛡️

Experts warn of mass surveillance, privacy loss & false accusations from automated scans 🔍

Citizens can now email their MEPs directly to say NO. Take action before the Oct 14 vote 🗳️
✉️ https://fightchatcontrol.eu/

@Dexerto

https://www.dexerto.com/entertainment/what-is-fight-chat-control-viral-campaign-takes-off-over-proposed-eu-laws-3238717/

#Privacy#Encryption#EUlaw#ChatControl#DigitalRights#Surveillance#WhatsApp#Signal#Telegram#EU#Europe#Law#Security

@debacle No. I thought until recently that usepackage only installs released packages on ELPA, MELPA etc. so that I installed unreleased packages with straight that uses github directly. I only now learned that use-package can do this without straight. I know the brilliant package from Jason Ross for quite a while, which exports from org to context, which makes my writing workflow complete.

#security is always an issue but emacs seems to me quite robust in this regard. It's not npm. ;-)

@juh

That's the #Emacs equivalent to #curlPipeSudoBash, directly from trustworthy #MSGitHub? 🙂

#security #git