urn:uuid:f6d9e764-f597-5370-94e1-c01aa3928860
Ctrl blog
Daniel Aleksandersen
https://www.daniel.priv.no/
Copyright © 2023 Daniel Aleksandersen.
https://www.ctrl.blog/assets/logo/logo-square.svg
2023-09-10T22:12:00Z
daily
4
urn:uuid:c563f648-bb50-4a50-a1bf-7d83ebfb28cd
2023-09-10T22:12:00Z
2023-09-10T22:12:00Z
Microsoft has not stopped forcing Edge on Windows 11 users
Microsoft has <strong>not</strong> stopped forcing Edge on Windows 11 users
Microsoft announces vague changes to the default web browser setting for Windows Insider. Nothing but wishful thinking. Still force-opens web links in Edge.
<p>Microsoft published a blog post on the Windows Insider Blog in late August with a vague statement saying that “Windows system components“ were to begin respecting the default web browser setting. Windows 10 and 11 regularly bypass this setting and force-open links in Microsoft Edge instead. In my extensive testing, I haven’t found any changes in the new Windows Insider version.</p> <p><a href="https://www.ctrl.blog/entry/windows-system-components-default-edge.html#src=feed">Read more …</a></p>
urn:uuid:d17dde9e-ee38-47d3-b639-41ed8f29bc71
2023-08-08T12:56:00Z
2023-08-08T12:56:00Z
The trouble with decommissioning a used FIDO security key
The trouble with decommissioning a used <abbr title='Fast IDentity Online'>FIDO</abbr> security key
You can’t throw out your worn-out USB security keys when you can’t recall what locks they’re for. Physical security tokens come with their own problems.
<p>Five years ago, I wrote about adopting security keys — small second-factor authentication token devices — to secure some of my most precious online accounts. In that article, I foresaw a future problem and detailed how I planned to mitigate it. The future is now, and I did not heed my own advice. 🤦♂️</p> <p><a href="https://www.ctrl.blog/entry/security-key-decommission.html#src=feed">Read more …</a></p>
urn:uuid:2f548a61-84c1-4fbb-bf74-26990cab8ae2
2023-05-01T14:11:00Z
2023-05-01T14:11:00Z
The deafening problem with the FreeStyle Libre 3 app for Android
People with diabetes use the app to monitor glucose levels and trigger alerts when it goes critical. Unfortunately, it raises the volume to uncomfortable levels.
<p>I’ve finally begun using the Abbott FreeStyle Libre 3 continuous glucose monitoring (CGM) system a year after I first wrote about it. The newer sensor has been a significant upgrade except for a few issues. One of those issues could be damaging to your hearing.</p> <p><a href="https://www.ctrl.blog/entry/freestyle-libre3-volume-level.html#src=feed">Read more …</a></p>
urn:uuid:933ffdf1-dc6d-48c0-8ef3-4a7e35fdb230
2023-04-07T13:43:00Z
2023-04-07T13:43:00Z
Phone Link relays your personal data through Microsoft servers
<cite>Phone Link</cite> relays your personal data through Microsoft servers
The Phone Link app doesn’t transfer data directly between your devices over the local network. Instead, it allows Microsoft to peak at your personal data.
<p>The Microsoft Phone Link (formerly known as “Your Phone”) app for Windows, Android, and iOS lets you access parts of your smartphone from within Windows. However, Microsoft has not built the service with your privacy in mind. Instead, the software behemoth relays your personal data through its servers, despite the app only working while your devices are connected to the same local network.</p> <p><a href="https://www.ctrl.blog/entry/microsoft-phone-link-privacy.html#src=feed">Read more …</a></p>
urn:uuid:70607ead-1938-43b0-ba58-f4a0a34ef953
2023-02-05T21:38:00Z
2023-02-05T21:38:00Z
Norway’s BankID undermines anti-phishing best practices
An easily-spoofed iframe embedded onto every random online merchant’s websites is not a safe place to enter my bank password! Is it really BankID‽
<p>Imagine a privatized nationwide authentication system used to access government services, confirm contracts and online payments, and everything else. Now, imagine that the system was designed to be extra friendly to imitation and credential theft (“phishing”). Here’s everything wrong with Norway’s BankID authentication system.</p> <p><a href="https://www.ctrl.blog/entry/bankid-iframe-phishing.html#src=feed">Read more …</a></p>
urn:uuid:7b453461-c66a-45db-acb7-06207a4ef953
2023-01-01T22:26:00Z
2023-01-01T22:26:00Z
I’ve joined Vivaldi Technologies
Back in November, I began my new job as a Quality Assurance (QA) Tester at Vivaldi Technologies. Vivaldi is the productivity super-app of web browsers.
<p>On November 1st, I joined familiar faces from my days at Opera Software and new colleges at Vivaldi Technologies. I joined as a Quality Assurance Tester working on the Vivaldi web browser product for mobile and desktop.</p> <p><a href="https://www.ctrl.blog/entry/vivaldi-technologies.html#src=feed">Read more …</a></p>
urn:uuid:487cc23e-2503-4b15-83cc-46d73aa64d35
2022-11-14T22:15:00Z
2022-11-14T22:15:00Z
Sync issues finally drove me away from the Joplin note-taking app
Joplin for Android stopped supporting local file syncing and Syncthing. I tried cloud-storage alternatives, but the other sync methods are slow and unreliable.
<p>My note-taking app of choice for the last three years has been Joplin, an open-source note-taker for Android, Linux, MacOS, and Windows. As I discussed in my app review, the desktop app is good, but the Android app has some issues. In the last year, updates to the app have brought along more issues. I can no longer rely on it, and the time has come for me to migrate away from the Joplin app.</p> <p><a href="https://www.ctrl.blog/entry/joplin-notes-sync.html#src=feed">Read more …</a></p>
urn:uuid:1a7d38d8-2b1c-4c40-8933-fd052e8c2142
2022-11-08T22:29:00Z
2022-11-08T22:29:00Z
Don’t record your social life on an append-only social network
The tech behind peer-to-peer (P2P) social networks such as Secure Scuttlebutt enforces permanency. Absolute permanency isn’t what you want in a social network.
<p>Secure Scuttlebutt (SSB) is an alternative, self-governed, distributed social network without gatekeepers. You only see updates and mentions from people you follow, so moderation isn’t as much of an issue as on Twitter. However, the technology that powers the platform is ill-suited for sharing things with our ever-changing social circles.</p> <p><a href="https://www.ctrl.blog/entry/append-only-social.html#src=feed">Read more …</a></p>
urn:uuid:53bc6889-732e-49bf-9de2-08ec110fda20
2022-10-25T15:08:00Z
2022-10-25T15:08:00Z
First look at Microsoft PC Manager and its conflicting interests
First look at <cite>Microsoft PC Manager</cite> and its conflicting interests
Microsoft’s new PC cleaner app puts the company’s interests in front of its customers’. At least it doesn’t over-promise and under-deliver like its competitors.
<p>Microsoft is testing a new app to compete with the many dubious “PC cleaner” software available on the market (like CCleaner and CleanMyMac). However, Microsoft’s new app looks out for the company’s interests before its customers’.</p> <p><a href="https://www.ctrl.blog/entry/microsoft-pc-manager-conflicting-interests.html#src=feed">Read more …</a></p>
urn:uuid:8daecf9b-084a-4ec3-a0c3-b2e783c378c2
2022-10-21T13:13:00Z
2022-10-21T13:13:00Z
The frustrating RouterOS–WireGuard VPN peering bug
A bug in RouterOS’ webconfig interface caused me to waste hours troubleshooting what I initially believed was a mistake in my WireGuard VPN configuration.
<p>I’ve wanted to move my home virtual private network (VPN) server from a virtual machine onto my physical MikroTik router. I use the VPN to connect back to my home network to reach internal devices and services when I’m out and about. The router runs the RouterOS operating system, which supports WireGuard, a modern VPN protocol. I wasted several afternoons and late evenings but didn’t manage to set it up. It would turn out that a bug caused all my hardship in the MikroTik web configuration interface.</p> <p><a href="https://www.ctrl.blog/entry/routeros-wireguard-peer-bug.html#src=feed">Read more …</a></p>
urn:uuid:411d5307-7d8f-4581-b275-e63be128dc69
2022-10-15T12:23:00Z
2022-10-15T12:23:00Z
TP-Link network equipment hijacks some DNS requests
No one remembers the IP address of their favorite websites. Why should you remember your router’s IP address? TP-Link hijacks DNS to give itself a domain name.
<p>TP-Link network products — including Wi-Fi routers, repeaters, and access points (AP) — use deep packet inspection (DPI) to intercept specific domain name system (DNS) requests. Each product looks for one or two domain names and will hijack the request to issue a local response containing its own internet protocol (IP) address.</p> <p><a href="https://www.ctrl.blog/entry/tplink-dns-hijacking.html#src=feed">Read more …</a></p>
urn:uuid:4c301105-5fa9-4f2a-bd38-7604b11b9d70
2022-10-10T10:34:00Z
2022-10-10T10:34:00Z
I miss del.icio.us – the web’s discovery-engine and link classifier
The early 2000s social bookmarking and link-sharing website was great for organizing and discovering the web by topic. I really wish it still was around.
<p>Delicious (stylized after its domain <code>del.icio.us</code>) was a social bookmarking website. It might not sound all that interesting, but it was one of the best websites in the early 2000s. Here’s why I miss this defunct website so much.</p> <p><a href="https://www.ctrl.blog/entry/delicious-bookmarks.html#src=feed">Read more …</a></p>
urn:uuid:3e3cceea-cea2-4378-a8b5-845c629c3ec9
2022-10-09T12:20:00Z
2022-10-09T12:20:00Z
A Sony Headphones app feature kills your phone’s battery life
Adaptive Sound Control auto-adjusts your noise-canceling and ambient-awareness levels based on detected activities and location. At a significant battery cost.
<p>I recently bought a pair of Sony WH-1000XM4 wireless headphones. Many of the headphone’s capabilities are unlocked using the Sony Headphones Connect (SHC) companion app. Unfortunately, the SHC app slashes hours off my phone’s battery life. Here’s what the app did wrong and how to rein in its energy consumption.</p> <p><a href="https://www.ctrl.blog/entry/sony-headphones-app-battery.html#src=feed">Read more …</a></p>