Uncategorized

Kittens, Pr0n, and Bad Juju in the Blockchain

 art, cats, data, people, philosophy, security, tech, Uncategorized  Comments Off on Kittens, Pr0n, and Bad Juju in the Blockchain
Jul 022017
 
Kittens, Pr0n, and Bad Juju in the Blockchain

Modern digital currency mostly seem to revolve around a construct called a blockchain, which – by design – is a (mostly![1]) append-only distributed database that is intended to keeps all the transactions for all time. Blockchains use strong cryptographic methods to ensure its integrity and fidelity, and is typically decentralized, meaning that the entire chain is distributed in close-to-real-time fashion over the Internet to all computers that are using […]

 Posted by at 3:51 pm on July 2, 2017  Tagged with:

It was 20 years ago today…

 dinosaur, friend, people, security, Uncategorized  Comments Off on It was 20 years ago today…
Apr 052015
 
It was 20 years ago today...

… and a few lifetimes… that wietse and I released SATAN.  What a long strange journey, as they say. Thanks to all the folks who used it, to the friends who have been kind. Thanks to muffy, and friends that are no longer with us. But most of all, thanks to my great and wonderful pal wietse. We haven’t worked together in awhile, but perhaps some day again, who knows? […]

 Posted by at 3:10 am on April 5, 2015

openssl… let me count the ways I hate you….

 code, crypto, philosophy, security, tech, Uncategorized  Comments Off on openssl… let me count the ways I hate you….
Mar 112014
 
openssl... let me count the ways I hate you....

I put a script or two on github; generates a CA and server and client certs, suitable (I hope!) for openvpn and https and all that. Based on the easy-rsa scripts, but I didn’t find them that easy to use. A haiku to openssl: openssl a black crane over the lake may you rot in hell                   Image is Hokusai’s “Mount […]

Linda and Doris rule the ‘net

 ipmi, security, tech, Uncategorized, web  Comments Off on Linda and Doris rule the ‘net
Jul 032013
 

Some misc ramblin’ notes/data on IPMI & SSL Certificates. So I used the SSL observatory software (oddly written, but still cool) to scan for certificates on a bit over 300K systems suspected of running IPMI (which in turn were had from HD Moore of Rapid 7 – thanks HD!) and who were on the net.  In case anyone else was interested in using the SSL Observatory stuff, it’s pretty simple once […]

and the winner is…

 Uncategorized  Comments Off on and the winner is…
Jul 052012
 

I’ve been looking at IPMI lately (an under-the-server-hood set of arcanery) and ran across the ipmicmd tool… I can’t recall another tool with a more obscure set of command flags. Here’s an example: ipmicmd raw 0x3a 0x1c 0x01 0x00 As you’ve probably guessed, that’ll send the command to IMM to switch Bank and then reboot. Thanks to IBM dox for that example (and others.)

 Posted by at 10:04 pm on July 5, 2012