tuesday night

Matt Kolon · Matt Kolon · commit 98e56e440c0a · 2026-01-13T22:16:40.000-06:00
diff --git a/_posts/2026-01-07-VPNRA.md b/_posts/2026-01-07-VPNRA.md
@@ -42,3 +42,19 @@ title:  "January 12: FDIC VPNs and Remote Access"
   - [**Public Key Infrastructure**](https://www.fortinet.com/resources/cyberglossary/public-key-infrastructure)
   - I must admit I love Cloudflare. Explainers like these, on [**Public Key Cryptography**](https://www.cloudflare.com/learning/ssl/how-does-public-key-encryption-work/) and [**SSL Certificates**](https://www.cloudflare.com/learning/ssl/what-is-an-ssl-certificate/), are a big part of why I feel that way.
 
+### Wednesday, Jan 14, 2026
+
+- Brad also shared [**this article**](https://support.apple.com/en-us/102602) about another Apple security enhancement called iCloud Private Relay. [**Here's another view**](https://9to5mac.com/2025/07/25/should-you-use-icloud-private-relay-heres-how-it-works/) (not from Apple) that goes a little deeper. As Brad said when he sent me the article, it seems this service "connects users to two relays, one can see your ip address, but not where you are going, the next can see where you are going, but not your IP address." Interesting and perhaps useful if you fit the use profile, but not a VPN.
+
+- Here's[some intel from purewl](https://www.purewl.com/vpn-vulnerabilities-you-should-know-about/) about VPN vulnerabilities. There's a bit of scaremongering because they're a security vendor, but it's interesting nonetheless.
+
+
+- I accidentally ran into this guide on [**Selecting and Hardening Remote Access VPN Solutions**](https://media.defense.gov/2021/Sep/28/2002863184/-1/-1/0/CSI_SELECTING-HARDENING-REMOTE-ACCESS-VPNS-20210928.PDF) while looking for something else. Honest I did! It's a few years old, but then again it's from the NSA, so it's pretty good, too.
+
+- Here are a couple of docs we've dreamed up over the years that you could find useful. A [**list of controls**](https://class.hillvt.com/assets/VPNRA-Controls.docx) and [**one of documentation**](https://class.hillvt.com/assets/VPNRA-Docs.docx) that might be useful in considering bank VPN and Remote Access implementations. **These are not official FDIC documents**, just my slightly informed thinking.
+
+- Here's a shot at making a [**Remote Access Risk Assessment**](http://class.hillvt.com/assets/Remote_Access_Risk_Assessment.pdf). What do you think of this? Is it useful, perhaps as the start of something you might make yourself?
+
+- You can't do anything today without encountering an Artificial Intelligence angle, and [**VPNs are no exception**](https://medium.com/@44dying/the-impact-of-ai-on-vpn-security-predictive-threat-detection-and-response-d371a34c71c0). We may not see [**AI doing its work in the VPN context**](https://www.makeuseof.com/how-does-ai-work-in-vpns/), but that doesn't mean VPN and networking companies aren't using it. What could that look like for banks?
+
+- In case you have questions about Wireguard, [**here's some good lightweight tech info**](https://www.techradar.com/vpn/what-is-wireguard) from TechRadar.
