I have a storage box in my house that stores important documents, backups, VM disk images, photos, a copy of the Tor Metrics archive and other odd things. I’ve put a lot of effort into making sure that it is both reliable and performant. When I was working on a modern CollecTor for Tor Metrics recently, I used this to be able to run the entire history of the Tor network through the prototype replacement to see if I could catch any bugs.
I’ve been thinking about improving my DNS setup. So many things will use e-mail verification as a backup authentication measure that it is starting to show as a real weak point. An Ars Technica article earlier this year talked about how “[f]ederal authorities and private researchers are alerting companies to a wave of domain hijacking attacks that use relatively novel techniques to compromise targets at an almost unprecedented scale.”
The two attacks that are mentioned in that article, changing the nameserver and changing records, are something that DNSSEC could protect against. Records wouldn’t have to be changed on my chosen nameservers, a BGP-hijacking could just give another server the queries for records on my domain instead and then reply with whatever it chooses.
I wrote on Monday about how I’ve swapped my home router for an OpenBSD box. One of the fun things I’ve done with this box is configure it as a network time server using ntpd(8).
Synchronising time with servers on the Internet isn’t that exciting, but I’ve had a USB GPS dongle sitting doing nothing for a while. I originally purchased it to use with amateur radio projects but I haven’t done much radio recently. It looks like you can pick these up on eBay for around £11.00 and the newer ones also support GLONASS (mine only does GPS as far as I can tell).