how many factors, anyway?

 crypto, risk, security, tech  Comments Off on how many factors, anyway?
Feb 242017
 
how many factors, anyway?

I’ve been using Google’s 2 factor authentication for awhile now, it’s simple to use and seems effective (and is probalby the most commonly used 2F on earth.) But how many factors is it, really? But perhaps I could try to distill this even a bit more, and go radical… is the 2nd factor really necessary or just a productivity hit/distraction? Once per month or so it dutifully asks me […]

stupid docker tricks #239192

 cats, hack, security, virtual  Comments Off on stupid docker tricks #239192
Feb 022016
 
stupid docker tricks #239192

1) Limit max processes on container; unfortunately docker seems intent on me not doing docker stupid tricks, so this is actually a bit of a pain on some systems… but if you figure out/etc/security/limits.conf, or can use prlimit (or write your own; use RLIMIT_NPROC instead of RLIMIT_NOFILE), you can do “prlimit –pid 666 –nproc=3:3” to limit the processes on the system to a very small number. Say… only what you’re running inside […]

<3 Policy

 art, audit, dinosaur, philosophy, security, tech, work  Comments Off on <3 Policy
Dec 082014
 
<3 Policy

Security Policies Let us praise, slay, and bury security policies together. A security policy is perhaps the best way to deal with the security monster. It concerns itself with business and organizational issues, and is designed to assist the organization succeed in spite of human nature. I sometimes not-so-glibly say that a security policy is simply an expression of your desire. What do you want to see within your organization […]

certificates and security

 crypto, philosophy, security, tech, web  Comments Off on certificates and security
Aug 052014
 
certificates and security

npm is the defacto package manager for the node.js javascript network programming environment thingee. The folks who make npm have taken a security leap: npm no longer supports its self-signed certificates Ah, they build the bastions of light and goodness, protecting us from the sins of the masses by standing tall. So… how do you install npm, anyway? Ah, yes, you look it up on their site… let’s see… why, […]

ITAR

 audit, code, DARPA, data, fast track, ipmi, python, security, tech  Comments Off on ITAR
Feb 262013
 

Well, not really.  Actually I.tar.gz.  In the gzip’d tar there are 3 files; little IPMI/BMC configuration file sucker, a suggested set of security recommendations that could be checked, and an even smaller program to parse the first program’s output. Because… well, no good reason, actually, one is in python3 and the other in python2. I guess I’m testing your readiness. The programs are pretty heavily commented, especially ipmifreely.py, so […]