Home Assistant Remote Access with Cloudflare Argo

In this post, I will walk through how to setup Argo Tunnels from Cloudflare to remotely access your Home Assistant instance from anywhere. This will cost USD $5 a month plus 10 cents per GB of bandwidth, but also allows you to proxy out more than just Home Assistant, all included in the same $5 plan. You also need a device inside your home network - in this tutorial I’ll be using a Linux VM - to act as the outbound connector to Argo.

Some updates

Well, it’s been a while.

Attacking Windows EFS With Metasploit

Windows EFS Overview EFS, which stands for “Encrypting File System“, is a feature of the NTFS file system that has been available since NTFS version 3. Every business-focused version of Microsoft Windows since Windows 2000 has had the capability to employ Windows EFS. This article is old and outdated Note: This post was originally written on a WordPress-powered blog, and has been exported and imported to this blog platform. As a result, unfortunately, not all markdown, code, and output looks as pretty as it once did.

Externally-Hosted Libraries: Good or Bad Idea?

Many developers tout the benefits of using externally-hosted libraries for various website content – most typically javascript libraries. Google, for example, hosts most of the popular javascript libraries, including jQuery, MooTools, Prototype, etc. They state on their informational page that there are a number of benefits, including “stable, reliable, high-speed, globally available access”. This article is old and outdated Note: This post was originally written on a WordPress-powered blog, and has been exported and imported to this blog platform.

Password Security

One of the most frequent questions I get from people who know about what I do for a living is, “Is it bad that I use the same password everywhere?” I always answer in the affirmative, but I know that is not the answer people want. Password security is a complex topic. With so many websites requiring usernames and passwords yet many websites and organizations not caring as much about password security, and security in general, what can you do?

PHP extract() Vulnerability

PHP has a function named extract() to take all provided GET and POST requests and assign them to internal variables. Developers will, at times, use this function instead of manually assigning ‘$_POST[var1]’ to ‘$var1’. This function will overwrite any previously defined variables, including server variables. Extract() has options which prevent overwriting previously-defined variables, however this safety is not enabled by default, and developers might not enable the safety, just as many do not perform input validation.