“Netcraft confirms PGP Email Encryption is Dead!”

Rakkhi posted a great Lessons Learned on implementing email encryption: http://rakkhi.blogspot.com/2010/08/implementing-email-encryption-lessons.html The post got me thinking because I struggle dealing with subcontractors getting encryption. I refuse to send sensitive or even somewhat sensitive data over unencrypted links, but find that small (and even midsize) companies do not have the resources to implement it. In a bind I have trained them on installing GnuPG and doing trusted exchanges, but the same pitfalls occur. ...

August 28, 2010 · 3 min · Nick

Log File Size

I struggle with ROM for log file storage. It is one of those things that no one EVER looks at, but everyone covers their asses. As an example DHS requires 90 days online, 7 years offline. Anton Chuvakin from Security Warrior posted this today and I thought it was pretty good: 100,000 log messages / second x 300 bytes / log message ~ 28.6 MB x 3600 seconds ~ 100.6 GB / hour ...

August 22, 2010 · 1 min · Nick

Private Browser Cleaner

There is so much hoopla about Private Mode browsing not actually keeping you private. Most of it is due to your addons for Flash and Java. Here are the extensions I use to keep the browser private ALWAYS:

Chrome – Click&Clean
Firefox – Click&Clean
Internet Explorer – CCleaner plugin since IE is the suckage

August 7, 2010 · 1 min · Nick

Left Facebook and “Why you should too”

The amount of banter on the topic is extensive, but there really are good reasons to leave Facebook. When I started dabbling in Social Networking back in the BBS days there was always a desire and reason for anonymity. It could have been for the illegal activities going on or for the fact people just didn’t want to overexpose themselves. It was around the time AOL picked up some steam that sharing really became trendy. There were extensive pushes to kick AOL off the grid for the amount of anonymous data leaked from their pipes, but that was not enough to place controls on the system. As I joined sites like Friendster, Jaiku, etc. there were always controls in place for the amount of information I could share and what people could share about me. That layer of control allowed me to keep tabs on my personal identity and persona. I left MySpace and Hi5 since everyone told me “Facebook is way more secure,” but at the time I was unable to join due to no college affiliation. That changed and I joined… ...

May 16, 2010 · 2 min · Nick

Fix for GNOME Keyring prompt on Autologin

Autologin in Ubuntu 9.10 would not unlock your keyring by default, for security I assume. If I am using autologin, chances are security isn’t high on the list and speed is…

sudo vi /etc/pam.d/gdm-autologin

and add the italic lines below

#%PAM-1.0
auth requisite pam_nologin.so
auth required pam_env.so readenv=1
auth required pam_env.so readenv=1 envfile=/etc/default/locale
auth required pam_permit.so
auth optional pam_gnome_keyring.so
@include common-account
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
session required pam_limits.so
...

March 21, 2010 · 1 min · Nick