Arkadiy Tetelman A security blog

Detecting Manual AWS Console Actions

UPDATE 2/18/24: Check out the update to this post πŸ™‚

Continue reading "Detecting Manual AWS Console Actions" β†’

Pair Locking your iPhone with Configurator 2

In response to the recent iphone bootrom bug (and also because I was already in the market for a new phone), I recently purchased a new iPhone XR. This gave me a chance to re-run the steps required to pair lock the device, a process which prevents law enforcement from using forensics tools against your phone, and the result of which is this blog post.

Continue reading "Pair Locking your iPhone with Configurator 2" β†’

Quantifying Untrusted Symantec Certificates

I was reading Hackernews the other day when I came upon the following tweet: Symantec deprecation tweet which made me curious to quantify exactly how many and which sites will have their trust removed. This blog post answers these questions by writing a scanner to detect bad Symantec certificates (using the same logic Google Chrome uses), and running it against the Alexa Top 1 Million sites. But first, some context.

Continue reading "Quantifying Untrusted Symantec Certificates" β†’

Deploying EFF's Certbot in AWS Lambda

This post describes the steps needed to deploy Certbot (a well-maintained LetsEncrypt/ACME client) inside AWS Lambda. The setup used below is now powering 100% automated TLS certificate renewals for this website - the lambda runs once a day and if there’s less than 30 days remaining on my existing cert it will provision a new one and import it to be served by my CDN.

Continue reading "Deploying EFF's Certbot in AWS Lambda" β†’