Modern digital currency mostly seem to revolve around a construct called a blockchain, which – by design – is a (mostly!) append-only distributed database that is intended to keeps all the transactions for all time. Blockchains use strong cryptographic methods to ensure its integrity and fidelity, and is typically decentralized, meaning that the entire chain is distributed in close-to-real-time fashion over the Internet to all computers that are using […]
how many factors, anyway?
I’ve been using Google’s 2 factor authentication for awhile now, it’s simple to use and seems effective (and is probalby the most commonly used 2F on earth.) But how many factors is it, really? But perhaps I could try to distill this even a bit more, and go radical… is the 2nd factor really necessary or just a productivity hit/distraction? Once per month or so it dutifully asks me […]
I once had lunch with Paul Karger at IBM Watson labs while visiting my pal Wietse many years ago. I’d known he’d been around a long time… so I asked him what he thought security was, something that still confounds me. I find myself returning back to his answer: “security is when the money you put in the bank stays in the bank” He was a really neat guy, […]
The free certs from https://letsencrypt.org/ do indeed work as described. I wanted to check them out for some public facing services I wanted to run. To get the certificate you run a program on a host that DNS resolves to the cert you want to get – so if “foo.example.com” resolves to 10.6.6.6, you need to install the cert generation program on 10.6.6.6, and have either 80 or 443 free (I […]
stupid docker tricks #239192
1) Limit max processes on container; unfortunately docker seems intent on me not doing docker stupid tricks, so this is actually a bit of a pain on some systems… but if you figure out/etc/security/limits.conf, or can use prlimit (or write your own; use RLIMIT_NPROC instead of RLIMIT_NOFILE), you can do “prlimit –pid 666 –nproc=3:3” to limit the processes on the system to a very small number. Say… only what you’re running inside […]