Trouble

  • Get Device ID (moar IPMI… yawn….)

    I’d had this sitting around for awhile and thought I’d take another look at it; in this I simply toss out an IPMI Get Device ID command and see what happens. This is an interesting one; the GUID is a Vendor Specific ID – the specification says that it’s “a unique number per device”, and that…

  • mega mega mega… chan chan chan….

    Or… Notes on the IPMI Protocol Security Model. I wrote in Sold Down the River about the curious aspects of channels and authentication and users and all that stuff. Here’s a slimmed down model… and as a bonus a program that iterates through all the channels, users types, and authentication for a host, which is…

  • certificates and security

    npm is the defacto package manager for the node.js javascript network programming environment thingee. The folks who make npm have taken a security leap: npm no longer supports its self-signed certificates Ah, they build the bastions of light and goodness, protecting us from the sins of the masses by standing tall. So… how do you install…

  • The Dynamic and Depreciating Value of Computers

    I wrote this while I was at my company Elemental, and was meant for engineers to implement, so despite some of the very specific language for implementation purposes it was never meant to be dogmatic. I love the idea of calculating value based on… not much. I don’t know how accurate it is, but I can say that…

  • Def Con, Jeff Moss, and Sexism

    I suppose this could be subtitled “why I won’t be going to Def Con again.” Last August I wrote a letter to Jeff Moss (who is the founder of Def Con) about the disturbing sexism – including a conference sponsored strip show – I personally witnessed on a short jaunt I took to Def Con…

Got any book recommendations?

Get In Touch