| Twittodon verification | https://twittodon.com/share.php?t=thorsheim&[email protected] |
| Obsessions | Passwords, digital authentication |
Per Thorsheim
@thorsheim
- 1.3K Followers
- 925 Following
- 712 Posts
Founder & organizer of PasswordsCon.org.
Linkedin.com/in/thorsheim
Infosec since 1994.
YouTube
I vibecoded a DNS Email Security Checker: check a domain for DNSSEC, MX, PTR, DANE, SPF, DKIM, DMARC, BIMI, RLS-RPT, MTA-STS, CAA, RPKI & Security.txt, with WHOIS info on top, recommendations & explanations & examples.
https://github.com/thorsheim/Mailcheck
Also available online at https://passwordscon.org/mailcheck/
GitHub - thorsheim/Mailcheck: Standalone html that runs in your browser to check any domain: DNSSEC, MX, PTR, DANE, SPF, DKIM, DMARC, BIMI, TLS-RPT, MTA-STS, CAA, RPKI, Security.TXT and WHOIS info.
Standalone html that runs in your browser to check any domain: DNSSEC, MX, PTR, DANE, SPF, DKIM, DMARC, BIMI, TLS-RPT, MTA-STS, CAA, RPKI, Security.TXT and WHOIS info. - thorsheim/Mailcheck
Paragon Initiative EnterprisesThe PHP extension (written in Rust):
I will be presenting "Our Vulnerable Networks" at #Sikkerhetsfestivalen 2026, talking BGP & RPKI history, status & "how to get it done".
Through history back to 1989 (BGP), L0pht testifying for congress in 1998 and lots more, I will explain the problem, the gaps, current status and what we need to do to fix a global internet routing security issue that is exploited many times daily.
Thanks to @internet_nl & @ripencc for their tools & knowledge, and the @cloudflare routing radar!
Jeg har vært på podcastinnspilling hos Advokatforeningen og snakket om mine undersøkelser av epost sikkerhet hos deres medlemmer. Resultatet kan du høre på Spotify og andre podcast plattformer. Mer info her:
https://www.advokatforeningen.no/aktuelt/podcast/bits-and-bytes-for-advokater-per-thorsheim/
RE: https://eupolicy.social/@finnmyrstad/116141082378515849
Proud to support this, and have co-signed the letter to Norwegian authorities.
Data Protection Agencies should have good security, right?
I've scanned almost 160 DPAs around the world using the Dutch Internet Standards Platform @internet_nl to check web, dns and email security.
The results are in, and you won't like them.
Data Protection Agencies (DPA) should have good security, right?
But they don't, and that's not just my personal opinion, but the result of scanning almost 160 DPAs around the world using the excellent free service of Dutch Internet Standards Platform (Internet.nl), checking their web, dns and email security.
Det går bedre med epost sikkerheten for norske advokatselskaper, men det er alltid rom for forbedringer!
Her en liten statusoppdatering pr februar 2026:
https://www.linkedin.com/pulse/det-g%25C3%25A5r-fremover-i-advokatbransjen-per-thorsheim-dx9qe/
Det går fremover i advokatbransjen!
I flere artikler her på Linkedin har jeg påpekt mangelfull epost sikkerhet hos norske advokatselskap. Jeg har stilt spørsmål ved advokaters bruk av gratis epost tjenester og deres konfidensialitetsplikt, samt hos ulike fagforbund og andre organisasjoner som bør forventes å ha orden på dette.
Lawyers using free mail services like Hotmail, Gmail & iCloud?
Oh yes!
Security, privacy & lawyers legal obligation to confidentiality?
Good question!
I've written about lawyers in Norway using such services, and my own personal recommendations about it.
https://www.linkedin.com/pulse/lawyers-using-free-email-services-per-thorsheim-4fkee/
Lawyers Using Free Email Services
I have previously written a couple of articles about email security at law firms in Norway & Denmark. I have also written about email security at Apple iCloud, labor unions in Norway, the Norwegian National Security Authority (NSM), the Norwegian Data Protection Authority (Datatilsynet), and the dec