summaryrefslogtreecommitdiff
path: root/content/entry/oxen-security-fail.md
diff options
context:
space:
mode:
Diffstat (limited to 'content/entry/oxen-security-fail.md')
-rw-r--r--content/entry/oxen-security-fail.md1
1 files changed, 1 insertions, 0 deletions
diff --git a/content/entry/oxen-security-fail.md b/content/entry/oxen-security-fail.md
index 5ad80a0..a32abef 100644
--- a/content/entry/oxen-security-fail.md
+++ b/content/entry/oxen-security-fail.md
@@ -1,6 +1,7 @@
---
title: "Oxen Security Fail"
date: 2021-09-28T00:00:00
+tags: ['computing']
draft: false
---
Lately I've been doing research on the Oxen Privacy Tech Foundation and their various projects. On 19 September while looking at Session, I noticed getsession.org was missing the [Strict-Transport-Security header](https://securityheaders.com/?q=https%3A%2F%2Fgetsession.org&followRedirects=on). So I decided to also check the security headers for [oxen.io](https://securityheaders.com/?q=https%3A%2F%2Foxen.io&followRedirects=on), [lokinet.org](https://securityheaders.com/?q=https%3A%2F%2Flokinet.org&followRedirects=on), and [optf.ngo](https://securityheaders.com/?q=https%3A%2F%2Foptf.ngo&followRedirects=on) and what do you know, they're also missing HTTP security headers.