Multi-core Security

A question from a distinguished colleague of mine:

Q: Some security group is claiming that locking apps down to a single CPU is more secure than multi-threaded apps. Is there any basis in fact that I don’t know of or is this as ridiculous as I think it is? – Distinguished Dude

A: It is called Side Channel Attacks… thus far it’s only a theory that has no known in-the-wild exploit ...

September 8, 2010 · 2 min · Nick

5 Years Since Katrina

I haven’t written much about my time during Katrina, but I wanted to put some thoughts to paper as I don’t want to forget when I am older. I have waited 5 years to write this, I hope it was worth it. ...

August 30, 2010 · 16 min · Nick

“Netcraft confirms PGP Email Encryption is Dead!”

Rakkhi posted a great Lessons Learned on implementing email encryption: http://rakkhi.blogspot.com/2010/08/implementing-email-encryption-lessons.html

The post got me thinking because I struggle dealing with subcontractors getting encryption. I refuse to send sensitive or even somewhat sensitive data over unencrypted links, but find that small (and even midsize) companies do not have the resources to implement it. In a bind I have trained them on installing GnuPG and doing trusted exchanges, but the same pitfalls occur. ...

August 28, 2010 · 3 min · Nick

Log File Size

I struggle with ROM for log file storage. It is one of those things that no one EVER looks at, but everyone covers their asses. As an example, DHS requires 90 days online, 7 years offline. Anton Chuvakin from Security Warrior posted this today and I thought it was pretty good:

100,000 log messages / second x 300 bytes / log message ~ 28.6 MB
x 3600 seconds ~ 100.6 GB / hour ...

August 22, 2010 · 1 min · Nick

Happy 17th Birthday Debian!

I love Debian (looks over lovingly @ the fileserver) and look forward to many more years of stable releases. Debian was my first distro when I ran 1.3 at the ripe old age of 12. I built a VM a few years ago just to see how far we’ve come: http://geekyschmidt.com/2008/03/29/login-looking-back-on-debian-13 A link to some interesting history: http://digitizor.com/2010/08/16/happy-17th-birthday-debian-and-some-interesting-history/

August 16, 2010 · 1 min · Nick