About

1. About Me
2. Projects
3. Architecture
4. Services
5. Publications

About Me §

Projects §

• malware-filter: A collection of blocklists:

  • urlhaus-filter: A set of blocklists to restrict malware-hosting websites. Enabled by default in uBlock Origin. Based on URLhaus.

  • phishing-filter: A set of blocklists to restrict phishing websites. Bundled with uBlock Origin, requires manual enablement. Curated from PhishTank, OpenPhish, Phishunt and mitchellkrogza’s Phishing.Database.

  • (Inactive) pup-filter: A set of blocklists to restrict websites that host potentially unwanted programs (PUP). Based on Zhouhan Chen‘s malware-discoverer.

  • tracking-filter: A set of blocklists to restrict javascript links that perform browser fingerprinting. Based on DuckDuckGo Tracker Radar. Blokada version blocks more tracking links but the trade-off is more false positive; available at blokada.org.

  • vn-badsite-filter: A set of blocklists to restrict malicious websites targeting Vietnamese users; also suitable for global users. Based on Hieu Minh Ngo‘s list.

  • botnet-filter: A set of blocklists to restrict botnet IPs used as command and control (C2) servers. Based on Feodo Tracker. Recommend to use the upstream blocklist whenever possible, it has much more frequent update (every 5 minutes).

  • splunk-malware-filter: A Splunk add-on to update malware-filter lookups.

• splunk-scripts: Splunk add-ons, patches, setup scripts and threat hunting.

• aws-scripts: AWS CDK templates and security audit scripts.

• (Inactive) Core contributor of Hexo, a Nodejs-powered static site generator. (This site is created using Hexo)

  • hexo-yam: Yet Another Minifier plugin for Hexo. Minify static web assets and compress using brotli and zstd.

  • hexo-nofollow: A Hexo plugin that adds rel="external nofollow noopener noreferrer" to all external links in your blog posts.

Architecture §

mdleom.com is served from two identical VMs hosted in a cloud provider. The VMs are using NixOS and Caddy web server. The web server functions as a file server to serve static website. Each VM has cloudflared to connect the web server to Cloudflare CDN using an outbound tunnel. Each cloudflared instance acts as a replica that connects to the same tunnel to provide active-passive failover.

The web server itself is also able to failover to mirrors (Cloudflare Pages, Netlify, GitLab Pages and GitHub Pages). Blog content is deployed from a GitLab repository which hosts the source. The source is compiled to static site using Hexo. The compiled site is deployed to the web servers using ssh-secured rsync. SSH/rsync to the servers is only available via Tailscale network.

The GitLab repository also hosts images and attachments, images are resized on-the-fly using Cloudflare Images. microblog source is hosted on the microblog branch.

More details are available in the following series of posts:

• Part 1: Install NixOS
• Part 2: Configure NixOS
• Part 3: Configure Caddy
• Part 4: Setup Tor hidden service
• Part 5: Configure I2P
• Setup Cloudflare Argo Tunnel in NixOS
• Running Tailscale in GitLab CI/CD with Alpine container

Services §

• SimplyTranslate: Provide fast and private translations to the user without wasting much overhead for extensive styling or JavaScript. Supports Google Translate engine.
  • Onion
  • Eepsite
• Lingva: An alternative front-end for Google Translate. Retrieves the translation without using any Google-related service.
  • Onion
  • Eepsite
• Wikiless: A free open source alternative Wikipedia front-end focused on privacy.
  • Onion
  • Eepsite
• Scribe: Alternative front-end to Medium.com
  • Onion
  • Eepsite
• LibMedium: Privacy-focused proxy for medium.com
  • Onion
  • Eepsite
• Rimgo: An alternative frontend for Imgur. Images and albums can be viewed without wasting resources from downloading and running tracking scripts.
  • Onion
  • Eepsite
• Quetre: A libre front-end for Quora.
  • Onion
  • Eepsite
• libremdb: A free & open source IMDb front-end.
  • Onion
  • Eepsite
• AnonymousOverflow: View StackOverflow in privacy and without the clutter.
  • Onion
  • Eepsite
• LibreTranslate: Free and Open Source Machine Translation API.
  • Onion
  • Eepsite
• Redlib: Private front-end for Reddit.
  • Onion
  • Eepsite
• BiblioReads: An Alternative Private Goodreads Front-End.
  • Onion
  • Eepsite
• Mozhi: Alternative-frontend for many translation engines.
  • Onion
  • Eepsite
• Dumb: Private alternative front-end for Genius.
  • Onion
  • Eepsite
• Intellectual: Alternate frontend for Genius focused on privacy and simplicity.
  • Onion
  • Eepsite

Publications §

• Leom, MD, Deegan, G, Martini, B & Boland, J 2021, ‘Information disclosure in mobile device: examining the influence of information relevance and recipient’, HICSS, pp. 4632-4640. PDF
• Leom, MD 2020, ‘User privacy preservation on mobile devices: investigating the role of contextual integrity’, PhD thesis, University of South Australia. PDF
• Leom, MD, Choo, K-KR & Hunt, R 2016, ‘Remote wiping and secure deletion on mobile devices: a review’, Journal of Forensic Sciences, pp. 1-20, doi: 10.1111/1556-4029.13203. Postprint
• Leom, MD 2015, ‘Remote wiping in Android’, MSc thesis, University of South Australia. PDF
• Leom, MD, D’orazio, CJ, Deegan, G & Choo, K-KR 2015, ‘Forensic collection and analysis of thumbnails in Android’, Trustcom/BigDataSE/ISPA, IEEE, pp. 1059-66, doi: 10.1109/Trustcom.2015.483. Postprint