Available immediately is a new super-simple WordPress plugin, Logout Clear Cookies, which does just what it’s name says — when you log out of your WordPress site, it will clear all the cookies that WordPress has set in your browser. Because leaving a trail of cookies behind you is bad! more …
Update 2/2016: You don’t need to follow any of the instructions in this post any more! You can just enable a Let’s Encrypt certificate in the Dreamhost panel! But if you want to generate your own Let’s Encrypt certificate locally and add it to your site, keep reading, original post follows …
EFF’s Let’s Encrypt initiative just made getting a free, CA-signed server certificate easier than it’s ever been before. Running a single command generates everything you need, obtains the public cert and even installs it into your webserver of choice. So let’s encrypt, and move the web closer to HTTPS everywhere!
Here’s a quick tutorial for using Let’s Encrypt with Dreamhost’s shared hosting. It’s not quite automatic, since you’ll have to copy-paste 3 things into boxes via the Dreamhost web panel, but it’s a lot simpler than the alternatives. As someone who’s done this the old way countless times, Let’s Encrypt was shockingly easy! more …
Yesterday, Google revealed that it had used its “security of last resort” remote removal feature this week to wipe 58 malicious applications from user’s devices.
Google also removed the bad apps from the Android Market, contacted law enforcement, and is pushing a security update to protect devices’ identification codes. Needless to say, these are all good moves, and unlike some privacy advocates I’m not going to quibble with Google’s remote app removal power as long as it’s being used conservatively, in a security context, as in this case. Analogous to public health or combatting botnets, Google must be able to wipe malware from people’s phones to protect everyone, not just the infected.
What does bother me about this news is that these applications appeared in the Android Market at all, where they were available for some time before being reported to the Android security team. I’ve owned an Android phone for a couple of months now, so I thought I’d weigh in on one of the sad realities of the experience: I find myself increasingly worried about security, certainly more so than I have been about any personal computing device since the last time I ran a Windows PC 10 years ago. more …