Kittens, Pr0n, and Bad Juju in the Blockchain

 art, cats, data, people, philosophy, security, tech, Uncategorized  Comments Off on Kittens, Pr0n, and Bad Juju in the Blockchain
Jul 022017
 
Kittens, Pr0n, and Bad Juju in the Blockchain

Modern digital currency mostly seem to revolve around a construct called a blockchain, which – by design – is a (mostly![1]) append-only distributed database that is intended to keeps all the transactions for all time. Blockchains use strong cryptographic methods to ensure its integrity and fidelity, and is typically decentralized, meaning that the entire chain is distributed in close-to-real-time fashion over the Internet to all computers that are using […]

 Posted by at 3:51 pm on July 2, 2017  Tagged with:

how many factors, anyway?

 crypto, risk, security, tech  Comments Off on how many factors, anyway?
Feb 242017
 
how many factors, anyway?

I’ve been using Google’s 2 factor authentication for awhile now, it’s simple to use and seems effective (and is probalby the most commonly used 2F on earth.) But how many factors is it, really? But perhaps I could try to distill this even a bit more, and go radical… is the 2nd factor really necessary or just a productivity hit/distraction? Once per month or so it dutifully asks me […]

trivial command line…..

 ipmi, tech  Comments Off on trivial command line…..
Sep 112016
 

Was just noticing the shell option in ipmitool.. wondered if you could echo a set of commands to it via stdin, and sure enough… the final bit is sending it a ctrl^D via \003 and echo -e. This sends a chassis power status as well as a sol, channel, and mc info to BMC – $ echo -e "chassis power status\nsol info\nchannel info 0\nmc info\n\004" | ipmitool -I lanplus […]

Security is….

 dinosaurs, friend, people, security  Comments Off on Security is….
Jul 032016
 
Security is....

I once had lunch with Paul Karger at IBM Watson labs while visiting my pal Wietse many years ago. I’d known he’d been around a long time… so I asked him what he thought security was, something that still confounds me. I find myself returning back to his answer: “security is when the money you put in the bank stays in the bank” He was a really neat guy, […]

 Permalink  crypto, security, tech, web  Comments Off on
Feb 052016
 

The free certs from https://letsencrypt.org/ do indeed work as described. I wanted to check them out for some public facing services I wanted to run. To get the certificate you run a program on a host that DNS resolves to the cert you want to get – so if “foo.example.com” resolves to 10.6.6.6, you need to install the cert generation program on 10.6.6.6, and have either 80 or 443 free (I […]