Security-Privacy on Roethof.Net

Security-Privacy on Roethof.Nethttps://roethof.net/categories/security-privacy/Recent content in Security-Privacy on Roethof.NetHugo -- gohugo.ioenronny@roethof.net (Ronny Roethof)ronny@roethof.net (Ronny Roethof)© 2026 Ronny RoethofTue, 31 Mar 2026 05:47:20 +0200The Compliance Mirage: 350GB of EU Silencehttps://roethof.net/posts/2026/03/the-compliance-mirage-350gb-eu-silence/Tue, 31 Mar 2026 00:00:00 +0200ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2026/03/the-compliance-mirage-350gb-eu-silence/The European Commission ran its infrastructure on AWS while writing sovereignty frameworks for everyone else. Now 350GB is gone. This was not a surprise.The Summer Slump: Security Doesn't Take a Holidayhttps://roethof.net/posts/2026/03/the-summer-slump-security-doesnt-take-a-holiday/Fri, 20 Mar 2026 00:00:00 +0100ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2026/03/the-summer-slump-security-doesnt-take-a-holiday/Een waarschuwing voor organisaties: in de zomer neemt mentale vermoeidheid toe, waardoor security-risico’s stijgen, ondanks dat systemen operationeel blijven.We Did This To Ourselveshttps://roethof.net/posts/2026/03/we-did-this-to-ourselves-sovereignty-failure/Wed, 18 Mar 2026 00:00:00 +0100ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2026/03/we-did-this-to-ourselves-sovereignty-failure/A decade of Dutch digital sovereignty surrendered through procurement. From the failed Rijkscloud to the CLOUD Act, and now a state secretary who confirms it in writing and presses on anyway.The Illusion of Control: Your Laptop Choice Isn't the Security Riskhttps://roethof.net/posts/2026/03/the-illusion-of-control-your-laptop-choice-isnt-the-security-risk/Tue, 17 Mar 2026 00:00:00 +0100ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2026/03/the-illusion-of-control-your-laptop-choice-isnt-the-security-risk/Mobile authenticator vulnerabilities expose a fundamental truth. Securing the endpoint OS while leaving the phone untouched is security theater. Here is what actually works.Fortinet’s Quiet War on Linux Workstationshttps://roethof.net/posts/2026/03/fortinet-war-on-linux-workstations/Thu, 12 Mar 2026 00:00:00 +0100ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2026/03/fortinet-war-on-linux-workstations/How Fortinet’s licensing changes force Linux engineers into costly VPN workarounds, creating operational risk.If You Can Read It in OWA, You Can Archive It: A Playwright Approachhttps://roethof.net/posts/2026/03/extract-owa-email-history-playwright/Wed, 11 Mar 2026 12:00:00 +0100ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2026/03/extract-owa-email-history-playwright/The ISO 27001 Hallucination: Documenting Your Way to Disasterhttps://roethof.net/posts/2026/03/iso-27001-compliance-illusion-resilience-failure/Mon, 09 Mar 2026 00:00:00 +0100ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2026/03/iso-27001-compliance-illusion-resilience-failure/ISO 27001 documentation can give a false sense of security, leading to compliance illusions and enterprise risk.The Apeldoorn Illusion: A Post-Mortem of Dutch Digital Sovereigntyhttps://roethof.net/posts/2026/03/unconscious-incompetence-apeldoorn-illusion-deep-dive/Fri, 06 Mar 2026 00:00:00 +0100ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2026/03/unconscious-incompetence-apeldoorn-illusion-deep-dive/A post-mortem of Dutch digital sovereignty failures, exploring enterprise and systemic IT accountability.The DJI and AP Collapse: A Masterclass in Institutional Hypocrisyhttps://roethof.net/posts/2026/02/dji-ap-collapse-institutional-hypocrisy/Fri, 27 Feb 2026 00:00:00 +0100ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2026/02/dji-ap-collapse-institutional-hypocrisy/A case study of institutional failures in cybersecurity and governance, highlighting systemic risks in enterprise IT.The Badge, The Burnout, and the Backdoor: Why Scammers Love Your CISOhttps://roethof.net/posts/2026/02/the-tired-admin-scam-gamification/Sun, 01 Feb 2026 00:00:00 +0100ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2026/02/the-tired-admin-scam-gamification/How burnout and gamification create easy targets for social engineering attacks on enterprise admins.The State of SSH: Neglect Disguised as Stabilityhttps://roethof.net/posts/2026/01/state-of-ssh-neglect-disguised-as-stability/Thu, 22 Jan 2026 00:00:00 +0100ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2026/01/state-of-ssh-neglect-disguised-as-stability/SSH infrastructure is often treated as stable, but neglect can create hidden vulnerabilities in enterprise environments.The Panopticon Economy: How the EU is Building China-Litehttps://roethof.net/posts/2025/11/the-panopticon-economy-eu-china-lite/Thu, 20 Nov 2025 09:48:04 +0100ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2025/11/the-panopticon-economy-eu-china-lite/The Exit That Never Was: ISO27001, the Dutch Government, and the Solvinity Panichttps://roethof.net/posts/2025/11/the-exit-that-never-was-iso27001-dutch-government-solvinity-panic/Wed, 12 Nov 2025 00:00:00 +0100ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2025/11/the-exit-that-never-was-iso27001-dutch-government-solvinity-panic/The Dutch Kill Switch: Kyndryl, Solvinity, and the Sovereignty Miragehttps://roethof.net/posts/2025/11/kyndryl-solvinity-sovereignty-kill-switch/Mon, 10 Nov 2025 00:00:00 +0100ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2025/11/kyndryl-solvinity-sovereignty-kill-switch/Target Acquired: When WSUS Becomes the Weapon (CVE-2025-59287)https://roethof.net/posts/2025/11/wsus-weaponized-cve-2025-59287/Fri, 07 Nov 2025 00:00:00 +0100ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2025/11/wsus-weaponized-cve-2025-59287/Inception-Level Evasion: When Your EDR Can’t See the Linux VM Hiding in Windowshttps://roethof.net/posts/2025/11/inception-level-evasion-edr-linux-vm/Thu, 06 Nov 2025 00:00:00 +0100ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2025/11/inception-level-evasion-edr-linux-vm/Pro-Russian hackers exploit Linux VMs inside Windows to bypass EDR, creating a critical security blind spot.You Blocked ChatGPT? That’s Cute. Your Data Still Leaks.https://roethof.net/posts/2025/06/blocking-chatgpt-is-cute/Thu, 19 Jun 2025 00:00:00 +0200ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2025/06/blocking-chatgpt-is-cute/That Cybersecurity Alarm Bell? It's Ringing for All of Us in the Netherlands.https://roethof.net/posts/2025/06/digital-security-nl-political-urgency/Tue, 17 Jun 2025 00:00:00 +0200ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2025/06/digital-security-nl-political-urgency/NCSC's Late-Stage Panic: BYOD Is Risky? No Shit.https://roethof.net/posts/2025/05/ncsc-byod-late-panic-rant/Wed, 28 May 2025 00:00:00 +0200ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2025/05/ncsc-byod-late-panic-rant/Consult the European Vulnerability Database: Another Damn Database, or a Real Step Forward?https://roethof.net/posts/2025/05/consult-european-vulnerability-database/Sun, 11 May 2025 00:00:00 +0200ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2025/05/consult-european-vulnerability-database/Vendor Lock-In: Why Every Company Needs a Microsoft Exit Strategy (But Almost None Have One)https://roethof.net/posts/2025/05/ms-exit-strategy/Tue, 06 May 2025 00:00:00 +0200ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2025/05/ms-exit-strategy/Beyond the Hype: Navigating AI's Power and the Critical Privacy Linehttps://roethof.net/posts/2025/05/navigating-ai-privacy-security/Mon, 05 May 2025 00:00:00 +0200ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2025/05/navigating-ai-privacy-security/EU Sells Out 450 Million Citizens: Israel Gets OUR Data While Fining TikTok for the SAME THING? What the Actual Fuck?https://roethof.net/posts/2025/05/eu-gives-citizen-data-to-israel-fuck-our-privacy/Sun, 04 May 2025 00:00:00 +0200ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2025/05/eu-gives-citizen-data-to-israel-fuck-our-privacy/The Human in Cybersecurity: Liability or Asset? My Take.https://roethof.net/posts/2025/04/human-factor-liability-or-asset/Sun, 20 Apr 2025 00:00:00 +0200ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2025/04/human-factor-liability-or-asset/Taming the Log Tsunami: My Quest for an Open Source Syslog Solutionhttps://roethof.net/posts/2025/04/oss-syslog-journey/Tue, 15 Apr 2025 00:00:00 +0200ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2025/04/oss-syslog-journey/Community-Driven Anti-Spam Arsenal: From SpamCop to Modern Defense Networkshttps://roethof.net/posts/2025/04/community-anti-spam-tools/Mon, 14 Apr 2025 00:00:00 +0200ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2025/04/community-anti-spam-tools/Building an Open Source Security Fortress: A Blueprint for Sovereignty (and Sanity)https://roethof.net/posts/2025/04/oss-security-platform-blueprint/Fri, 11 Apr 2025 00:00:00 +0200ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2025/04/oss-security-platform-blueprint/The Update Obsession: Are We Really Opening the Front Door to Cybercriminals?https://roethof.net/posts/2025/04/rant-update-obsession/Wed, 09 Apr 2025 00:00:00 +0200ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2025/04/rant-update-obsession/The Digital Driver's License: Convenience or Control?https://roethof.net/posts/2025/04/digital-drivers-license-netherlands/Mon, 07 Apr 2025 16:03:00 +0200ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2025/04/digital-drivers-license-netherlands/Let's Build an Ansible Role for Basic Linux Hardeninghttps://roethof.net/posts/2025/04/ansible-role-linux-hardening/Wed, 02 Apr 2025 00:00:00 +0200ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2025/04/ansible-role-linux-hardening/My Personal Take: Company Laptops - Security Ain't Everything (But It's Still My Job, Damn IT)https://roethof.net/posts/2025/03/company-laptops-personal-use-security-balance/Tue, 25 Mar 2025 00:00:00 +0100ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2025/03/company-laptops-personal-use-security-balance/A personal reflection on company laptop security, balancing policy, autonomy and practical IT responsibilities.The Paradox of Excessive Security Measures: When Does 'Safer' Become 'Overkill'?https://roethof.net/posts/2025/03/the_paradox_of_excessive_security_measures_when_does_safers_become_overkill/Sat, 22 Mar 2025 00:00:00 +0100ronny@roethof.net (Ronny Roethof)https://roethof.net/posts/2025/03/the_paradox_of_excessive_security_measures_when_does_safers_become_overkill/