Why I completely switched this website to HTTPS (and why you should do the same)

Posted on Sat 22 August 2015 in Sicurezza

I must admit it, there was a time when I was not using HTTPS, not even to protect the admin section of the website. This means that anyone could have intercepted the password and published (or deleted) things in my name. Since a couple of years ago I started protecting my admin sectio using an SSL certificate.  I haven't done it before for a couple of reason: my hosting was on a provider that required a lot of money (something like 100\$/year) to enable SSL support, plus an SSL certificated costed at least 100-120\$/year.

When I migrated my website on my own VPS on DigitalOcean I finally discovered that StartSSL was giving free class 1 certificates and I immediately got one. I made the mistake to just serve the admin pages using HTTPS, not all the website. I regretted about this decision after readin a couple of articles that were explaining how some internet providers where changing served HTTP pages injecting their own ads or banner. That was unacceptable to me and I swicthed the whole website to HTTPS.

Basically, if you don't serve even your personal website using HTTPS, someone could change the page while it's being transfered to the requester. Imagine if you have (like me) a page on your blog that let people download your public PGP key. Users could be served with a different key, so someone else would be able to decrypt a message intended for you only. Scary, isn't it?

If you need more informations about how to request a StartSSL certificate and how to install it on Nginx/Apache, I can suggest this nice tutorial: https://konklone.com/post/switch-to-https-now-for-free

If you need to serve a WordPress website, that configuration is not enough. In that case you may want to have a look at my own Nginx configuration, available at this address: https://gist.github.com/andreagrandi/5de9dc9c4eb7e732764c

p.s: if you are you curious to try how Digital Ocean VPS works and fancy 10\$ credit (enough for 2 months if you choose the basic droplet) for free, use this link and enjoy it https://www.digitalocean.com/?refcode=cc8349e328a5

Scollegate i carica batterie quando non li usate!

Posted on Tue 23 September 2008 in Sicurezza • Tagged with batterie, carica, nokia

nokia charger

Secondo quanto dichiarato da Nokia (che negli ultimi device usciti addirittura visualizza un messaggio di avviso sul display quando il dispositivo è completamente carico), è stato calcolato che se anche solo tutti gli utenti Nokia scollegassero i loro carica batterie quando la carica è completata, si potrebbe risparmiare energia per alimentare circa 100.000 case di media dimensione in tutta Europa.

Quando si lascia il carica batterie inserito nella presa di casa infatti, viene ugualmente consumata una certa quantità di energia che noi riteniamo irrilevante o addirittura non esistente. A leggere i dati di Nokia non è così.

Questo ovviamente non vale soltanto per i loro carica batterie, ma anche per quelli dei cellulari di altre marche. Se vogliamo dare il nostro piccolo contributo per il risparmio energetico mondiale, tutto quello che dobbiamo fare è scollegare il carica batterie dalla parete una volta che abbiamo finito di ricaricare il cellulare.