Site hosting update


what's this site all about then?!

This site has been around since 2016 in one form or another and tends to get heavily modified with little warning! I created this site for two reasons:

  1. as a place to put down my thoughts about the things that interest me, such as technology, techno, aviation and travel, amongst others.
  2. as a testing site for some of the new and interesting security-related features that are available on the internet.

That second point means that this site was hosted in an AWS S3 bucket, served via CloudFront (with Lambda@Edge injecting Content Security Policy headers) and is IPv6 enabled. In previous incarnations, it was self-hosted on an EC2 instance just to get the CSP headers to work, but Lambda@Edge smashed that one out the park!
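A sketch of the kind of Lambda@Edge function described above, written as an added example and not the code this site actually ran. It assumes a CloudFront origin-response trigger in front of the S3 origin; the policy values and the choice to send the CSP only with HTML documents are illustrative assumptions.

```javascript
// Added example: Lambda@Edge origin-response handler (Node.js runtime).
// S3 returns objects without security headers, so they are injected at the edge.

// Illustrative values for a static site with no inline scripts (assumption).
const SECURITY_HEADERS = {
  'Content-Security-Policy':
    "default-src 'none'; script-src 'self'; style-src 'self'; img-src 'self'; " +
    "base-uri 'none'; form-action 'none'; frame-ancestors 'none'",
  'Strict-Transport-Security': 'max-age=31536000; includeSubDomains',
  'X-Content-Type-Options': 'nosniff',
  'Referrer-Policy': 'no-referrer',
};

// CloudFront keys the header map by lowercase name and stores each header
// as a list of { key, value } pairs.
function addSecurityHeaders(response) {
  const headers = response.headers || (response.headers = {});
  const contentType = (headers['content-type'] || [{ value: '' }])[0].value;
  const isHtml = /^text\/html\b/i.test(contentType);
  for (const [name, value] of Object.entries(SECURITY_HEADERS)) {
    const lower = name.toLowerCase();
    // CSP governs documents (and workers); this example sends it only with
    // HTML, which covers a static site that uses no workers (assumption).
    if (lower === 'content-security-policy' && !isHtml) continue;
    // Replace instead of appending, so an object can never end up carrying
    // two conflicting policies.
    headers[lower] = [{ key: name, value }];
  }
  return response;
}

// Entry point configured on the CloudFront behaviour.
async function handler(event) {
  return addSecurityHeaders(event.Records[0].cf.response);
}
if (typeof module !== 'undefined') module.exports = { handler };

// Constructed sample event, shaped like a CloudFront origin-response record.
const sampleEvent = { Records: [{ cf: { response: {
  status: '200',
  headers: { 'content-type': [{ key: 'Content-Type', value: 'text/html; charset=utf-8' }] },
} } }] };
handler(sampleEvent).then((r) => console.log(Object.keys(r.headers)));
```

Because the function runs on the origin response, CloudFront caches the object together with the injected headers, so it is not invoked on every viewer request.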

However, I recently migrated away from that AWS tech stack to just for simplicity. I wasn't updating the site very often so figured I'd migrate to a blog site for a while and see how that goes. For now, it's really simple and cheaper, which is a bonus given what's happening in the world right now.


Popular posts from this blog

Threat modelling this website

My previous post looked at producing a C4 model for my (simple) website. This post takes that a step further and looks at how we can use C4 modelling to elicit security and privacy threats using two frameworks:

  1. STRIDE. Most people know STRIDE, it’s derived from the Microsoft security threat modelling process from the early 2000s and represents Spoofing, Tampering, Repudiation, Information leakage, Denial of service and Elevation of privilege.
  2. LINDDUN. This is not so widely known but I first came across it in one of the Application Security Podcasts on Privacy Threat Modelling. “LINDDUN was created in 2010 as a collaboration between the DistriNet and COSIC research groups of KU Leuven, Belgium”. It is a framework, not unlike STRIDE, which represents Linkability, Identifiability, Non-repudiation, Detectability, Disclosure of information, Unawareness and Non-compliance.

However, both STRIDE and LINDDUN base themselves around classical threat modelling techniques which, in my opinion

Smart home equipment

My home is relatively smart in that I run a Home Assistant server with quite a few integrations with lighting, motion sensors, door/window sensors, CCTV, temp/humidity, energy and heating so I figured I'd list out my tech choices and any good/bad points that I've found while in use. My tech choices are now pretty stable after a few iterations over a few different types which means I have time to write a blog about it rather than play with Home Assistant all the time!

Home Assistant

This is the brains of the operation - it sits in the garage running on an old Shuttle PC with a DeConz Conbee II Zigbee stick in the back and is exposed to the internet so that the associated Android phone app can communicate with it at all times. That's pretty useful as I have a bunch of geo-based automations hooked in but means that I have to be on top of my security model. Home Assistant has been rock solid for many years now. It's consumed A LOT of time in configuration and maintenance b

C4 modelling this website

This site has been around for a few years now and has changed significantly, mainly from an infrastructure perspective, over that time. That can be done as the site gets very few hits so I can use it to test features and experiment without worrying about outages.

In a work context, I very much promote the use of C4 modelling as a consistent and clear means of expressing a system architecture. C4 modelling struck a chord with me when I first came across it as it takes the best bits from UML and structured systems engineering, which is my background, but allows them to be used in a more agile (with a small ‘a’) software development context. Consistency is also the key; on a daily basis I review a handful of threat models which have historically been drawn using any drawing method (logical, physical, software based, high level, low level, etc) and tooling that you can imagine. Such a lack of consistency brings with it a time burden; it takes time to understand how each of the varying