security

Kittens, Pr0n, and Bad Juju in the Blockchain

art, cats, data, people, philosophy, security, tech, Uncategorized
Jul 02, 2017
 

Modern digital currencies mostly seem to revolve around a construct called a blockchain, which – by design – is a (mostly![1]) append-only distributed database that is intended to keep all the transactions for all time. Blockchains use strong cryptographic methods to ensure their integrity and fidelity, and are typically decentralized, meaning that the entire chain is distributed in close-to-real-time fashion over the Internet to all computers that are using […]

Posted at 3:51 pm on July 2, 2017

how many factors, anyway?

crypto, risk, security, tech
Feb 24, 2017
 

I’ve been using Google’s 2 factor authentication for a while now; it’s simple to use and seems effective (and is probably the most commonly used 2F on earth). But how many factors is it, really? But perhaps I could try to distill this even a bit more, and go radical… is the 2nd factor really necessary or just a productivity hit/distraction? Once per month or so it dutifully asks me […]

Security is….

dinosaurs, friend, people, security
Jul 03, 2016
 

I once had lunch with Paul Karger at IBM Watson labs while visiting my pal Wietse many years ago. I’d known he’d been around a long time… so I asked him what he thought security was, something that still confounds me. I find myself returning back to his answer: “security is when the money you put in the bank stays in the bank” He was a really neat guy, […]

crypto, security, tech, web
Feb 05, 2016
 

The free certs from https://letsencrypt.org/ do indeed work as described. I wanted to check them out for some public facing services I wanted to run. To get the certificate you run a program on a host that DNS resolves to the cert you want to get – so if “foo.example.com” resolves to 10.6.6.6, you need to install the cert generation program on 10.6.6.6, and have either 80 or 443 free (I […]

stupid docker tricks #239192

cats, hack, security, virtual
Feb 02, 2016
 

1) Limit max processes on container; unfortunately docker seems intent on me not doing docker stupid tricks, so this is actually a bit of a pain on some systems… but if you figure out /etc/security/limits.conf, or can use prlimit (or write your own; use RLIMIT_NPROC instead of RLIMIT_NOFILE), you can do “prlimit --pid 666 --nproc=3:3” to limit the processes on the system to a very small number. Say… only what you’re running inside […]