Posts

To this day I am flabbergasted by the assertion that because your network is not connected to the big “I” Internet you can practice lax security. Countless places I have walked in the door to find unencrypted email traffic, no antivirus, and zero firewalls. Like the Masons of the middle ages they draw the boundary around the castle/network and assume they are safe. As architects and security professionals it is up to us to remind the Castle Builders that the threat of today is not warded off with simple walls of rock… ...

WAMU, our local NPR station in DC, left me with a cliff hanger as I rushed back from the grocery store. In the days prior to the streaming web I would have just sat with the car idling in the driveway. Tonight though I was able to rush up the stairs and start the live stream. I made one strategic mistake though. I went to http://wamu.com rather than http://wamu.org I thought the outcome was share worthy: ...

Let me start by saying I am not a benchmarker. At all…so these results are posted for friendly banter and I make no claim to their validity. Consider this the glxgears of filesystem testing. The testing was done with two identical OpenBSD 4.8 installs running in VMware Fusion 3.1 on a Mac Mini Server. The bonnie test was done to the same /home partitions mounted in crypto volumes. In green you will find the winner for each category. ...

It is unfortunate, but the OpenBSD disk encryption tool-sets are no where near as mature as those found in FreeBSD or Linux. You would think with such a security focused operating system that disk encryption would be a no brainer. You would be wrong. On OpenBSD -misc mailing list you often get this impression with them: XKCD - Security ...

Letter Written in Cipher on Mourning Paper by Rose Greenhow If you have been following my posts as of late, you will have seen that I am on a anonymous bend. Some of my friends have wondered why I was seeking to disappear digitally and if that is the takeaway from my work it should not be. By the very act of posting this information I am by nature not anonymous. I think its important as our society becomes more open that we are able to close and keep private what we want. The option should always be yours. In that vein this post will cover email storage and usage. ...