[[!meta title="Research and tests"]]

Raw list with things to try, research, evaluate develop and maybe deploy!

## New stuff

* [FOSS Services](/services)!
* [isis' scripts](https://github.com/isislovecruft/scripts).
* [gitly self-hosted](https://gitly.io).
* [Git Large File Storage - Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server like GitHub.com or GitHub Enterprise.](https://git-lfs.github.com/)  / [#792075 - ITP: git-lfs -- Git Large File Support. An open source Git extension for versioning large files - Debian Bug report logs](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792075).
* https://shodan.io
* https://keybase.io
* https://en.wikipedia.org/wiki/Unikernel
* https://eng.fromatob.com/post/2017/02/lets-encrypt-oauth-2-and-kubernetes-ingress/
* https://stripe.com/blog/idempotency
* https://github.com/gorhill/uMatrix
* https://github.com/metabase/metabase
* https://lede-project.org/start

## Multimedia

* [qsstv](https://packages.debian.org/jessie/qsstv)
* mopidy/mpdris:
  * plugins like https://packages.debian.org/stretch/mopidy-podcast
  * https://packages.debian.org/jessie/mopidy
  * https://github.com/acrisci/playerctl
  * https://packages.debian.org/jessie/mpdris2
  * https://packages.debian.org/stretch/mpris-remote

## Tor

* ooniprobe, lepidopter.
* onionpi (tor, hostapd, iptables).
* onion smtp:
  * https://www.void.gr/kargig/blog/2014/05/10/smtp-over-hidden-services-with-postfix/
  * https://tech.immerda.ch/2016/12/ehlo-onion/
  * https://github.com/riseupnet/onionmx

## Security

* bitmask and LEAP.
* port knocking.
* hardened systems: apparmor, gradm2, firejail, seccomp, etc.
* sshd:
  * https://stribika.github.io/2015/01/04/secure-secure-shell.html
  * https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774711#60
  * http://security.stackexchange.com/questions/64562/how-should-i-defend-against-zero-day-attack-on-ssh
  * https://charlieharvey.org.uk/page/ssh_port_pros_and_cons
* fuzzy testing: fusil, etc.
* router: serial console to other boxes with dhe luks! :)
* [Mailcap, HTML and AppArmor](http://www.justgohome.co.uk/blog/2014/02/mailcap-html-apparmor.html).
* Increased security on smtp/imaps password storage:
  * https://github.com/sup-heliotrope/sup/wiki/Securely-Store-Password
  * http://serverfault.com/questions/149452/how-can-i-use-fetchmail-or-another-email-grabber-with-osx-keychain-for-authent
  * http://mah.everybody.org/docs/mail/fetchmail_check
* Enhanced shell:
  * Add a counter-measure to prevent SSH timing attacks:
    http://users.ece.cmu.edu/~dawnsong/papers/ssh-timing.pdf
    http://www.slideshare.net/idsecconf/countermeasure-against-timing-attack-on-ssh-using-random-delay
    http://www.scribd.com/doc/59628153/Timing-Analysis-of-Keystrokes-and-Timing-Attacks-on-SSH-Revisited

## DevOps

* [Simet](http://simet.nic.br).
* auto start user screen sessions.
* backups: snapshots with remote transfer support.
* puppet:
  * deploy: multiple module paths: https://docs.puppet.com/puppet/3.6/dirs_modulepath.html
  * default modules as submodules from the bootstrap repository, custom modules closer to the config folder?
* php7-fpm:
  * https://serversforhackers.com/video/apache-and-php-fpm
  * http://www.binarytides.com/setup-apache-php-fpm-mod-proxy-fcgi-ubuntu/

    <FilesMatch \.php$>
      SetHandler "proxy:unix:/run/php/php7.1-fpm.sock|fcgi://localhost:9000";
    </FilesMatch>

## Virtualization

* kvm:
  * kvm-manager improvements (systemd support, packaging, docs).
  * env params.
  * FDE using bootless image.

## Smartphone

* snoopsnitch.
* mods: https://web.archive.org/web/20160402005909/https://people.torproject.org/~ioerror/skunkworks/moto_e/

## Torrent

Torrent workflow: torrent-maker, magnet2torrent and torrent-reseed:

* http://wiki.rtorrent.org/MagnetUri
* http://dan.folkes.me/2012/04/19/converting-a-magnet-link-into-a-torrent/
* https://github.com/danfolkes/Magnet2Torrent
* http://code.google.com/p/pyroscope/wiki/CommandLineTools
* https://trac.transmissionbt.com/ticket/4176
* http://wiki.rtorrent.org/MagnetUri
* https://github.com/rakshasa/rtorrent/issues/212
* saving/restoring `.meta` and `~/rtorrent/.session` files.
* multiple instances: https://kernelwho.wordpress.com/2011/11/15/running-multiple-instances-of-rtorrent/

    rtorrent -n -o import=/home/user/.rtorrent1.rc

## Git

* signed commits:
  * check using gpgv?
  * [Validating other keys on your public keyring](https://www.gnupg.org/gph/en/manual/x334.html)
  * https://git-annex.branchable.com/tips/using_signed_git_commits/
  * http://stackoverflow.com/questions/17371955/verifying-signed-git-commits
  * https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work
  * https://mikegerwitz.com/papers/git-horror-story.html
* Push-to-deploy plugin:
  * http://superuser.com/questions/230694/how-can-i-push-a-git-repository-to-a-folder-over-ssh
  * https://devcenter.heroku.com/articles/git
  * https://github.com/blog/1957-git-2-3-has-been-released (push-to-deploy)
  * https://github.com/git/git/blob/v2.3.0/Documentation/config.txt#L2155
  * http://stackoverflow.com/questions/1764380/push-to-a-non-bare-git-repository
  * http://bitflop.com/tutorials/git-bare-vs-non-bare-repositories.html
* Write a "git" interceptor:
  * Check proper user/email config.
  * Automatically set git-flow when initializing a repository.
  * Automatically set git-hooks integration.
  * Implement global hooks.
  * Check remote configuration.
  * Check hook tampering before doing anything in the repository.
  * That can disable/mitigate hooks by changing permission and ownership on `~/.git/hooks`.