The free certs from https://letsencrypt.org/ do indeed work as described. I wanted to check them out for some public facing services I wanted to run. To get the certificate you run a program on a host that DNS resolves to the cert you want to get – so if “foo.example.com” resolves to 10.6.6.6, you need to install the cert generation program on 10.6.6.6, and have either 80 or 443 free (I […]

stupid docker tricks #239192

 cats, hack, security, virtual  Comments Off on stupid docker tricks #239192
Feb 022016
 
stupid docker tricks #239192

1) Limit max processes on container; unfortunately docker seems intent on me not doing docker stupid tricks, so this is actually a bit of a pain on some systems… but if you figure out/etc/security/limits.conf, or can use prlimit (or write your own; use RLIMIT_NPROC instead of RLIMIT_NOFILE), you can do “prlimit –pid 666 –nproc=3:3” to limit the processes on the system to a very small number. Say… only what you’re running inside […]

a bit of levity

 art, web  Comments Off on a bit of levity
Oct 112015
 
a bit of levity

Everyone.. and esp. me… needs humor from time to time…. from various sources, I present my kind of humor.

d3ck, d3ck, goose

 code, crypto, hack, philosophy, security  Comments Off on d3ck, d3ck, goose
May 132015
 
d3ck, d3ck, goose

A bit over 2 years ago I started on a journey that has become a bit surreal; I had what seemed like a modest goal, simply create something that would facilitate confidential (e.g. encrypted) sharing of information in an easy way. Then snowden came along, and things started become even more… interesting, in the Chinese way. Tragedy, comedy, farce, delays and complications beyond belief followed. But the basic problem […]

It was 20 years ago today…

 dinosaur, friend, people, security, Uncategorized  Comments Off on It was 20 years ago today…
Apr 052015
 
It was 20 years ago today...

… and a few lifetimes… that wietse and I released SATAN.  What a long strange journey, as they say. Thanks to all the folks who used it, to the friends who have been kind. Thanks to muffy, and friends that are no longer with us. But most of all, thanks to my great and wonderful pal wietse. We haven’t worked together in awhile, but perhaps some day again, who knows? […]

© 2012 trouble Suffusion theme by Sayontan Sinha