TIPC: case study in proactive Linux hardening
If you needed a nice case study for a CTO presentation on how proactive Linux does work in real life scenarios, here;s one I’ve just found in my old commits searching for something entirely else - the CVE-2021-43267 published in 2021 in Linux tipc module.
In defense of the National ID and Digital ID
Having watched another round of the British NO2ID debate, which has opposed the introduction of a single national ID document since 2004, I cannot help but notice a rather drastic misconception of the problem, including among many IT professionals.
Practical process auditing on FreeBSD
Linux process auditing using auditd has matured and become a standard feature for host-level intrusion detection. The same functionality is available on FreeBSD, but it is significantly underutilised. FreeBSD has been available for longer, but is significantly underutilised. This is not because it doesn’t work, but primarily due to the absence of usage templates suitable for real-life scenarios. This article attempts to address this issue by providing a practical guide on how to set up and configure process auditing on FreeBSD.
Comparison between Wazuh and CrowdSec
Having gained quite a lot of practical experience with both Wazuh and CrowdSec host intrustion detection systems, I wanted to share a few notes on how these compare in real life.
“Bourgeois equalization” between Lenin and Stalin
The first Bolshevik in the beginning of 20th century can be blamed for may things, but wealth accumulation for personal use certainly wasn’t one of them. The key figures in the Bolshevik movements may have been merciless war criminals, but their personal needs were at very basic level and they actively tried to highlight this equality with proletarians surrounding them.
How EU Digital Cash might look like
With increasing announcements about the introduction of EU Digital Cash, I wanted to demonstrate what this might look like in practice. The GNU Taler project is funded by the ECB, so it is a strong contender to provide the technology for EUDC.
Worst case scenarios for Russia-Ukraine war
There’s a lot of chatter about yet another “peace plan” for #Ukraine from #Russia and the #USA, which now seems to be just a repetition of old maximalist demands with no room for compromise.
The real story behind EU QWAC
In 2023 technical social media were shaken by a wave of criticism of EU QWAC (Qualified Website Authentication Certificate) which, according to the critics, was essentially tool of mass surveillance. Below I demonstrate why this criticism was based largely on ignorance, carefully fueled by several US tech companies.
Impact of the October 2025 US sanctions
Alexander Pomazuev, head of International Advocacy, The Anti-Corruption Foundation (FBK), about the US sanctions that were introduced in regard to “just two” #Russia oil companies. I have only translated the text from Russian: