Trouble.org

You're in trouble now

Tag: security

  • … not dead yet

    Well… I decided to resurrect the old site. Lotsa reasons why nothing in the last several years, but primarily didn’t want to deal with work and their restrictions on social (sic) media and so on. Anyway, I’ve got a few things I need to write up… but I’m also now looking for work (always 2+…

  • how many factors, anyway?

    I’ve been using Google’s 2 factor authentication for awhile now, it’s simple to use and seems effective (and is probalby the most commonly used 2F on earth.) But how many factors is it, really? But perhaps I could try to distill this even a bit more, and go radical… is the 2nd factor really necessary…

  • stupid docker tricks #239192

    1) Limit max processes on container; unfortunately docker seems intent on me not doing docker stupid tricks, so this is actually a bit of a pain on some systems… but if you figure out/etc/security/limits.conf, or can use prlimit (or write your own; use RLIMIT_NPROC instead of RLIMIT_NOFILE), you can do “prlimit –pid 666 –nproc=3:3” to limit the processes…

  • <3 Policy

    Security Policies Let us praise, slay, and bury security policies together. A security policy is perhaps the best way to deal with the security monster. It concerns itself with business and organizational issues, and is designed to assist the organization succeed in spite of human nature. I sometimes not-so-glibly say that a security policy is simply…

  • certificates and security

    npm is the defacto package manager for the node.js javascript network programming environment thingee. The folks who make npm have taken a security leap: npm no longer supports its self-signed certificates Ah, they build the bastions of light and goodness, protecting us from the sins of the masses by standing tall. So… how do you install…

  • ITAR

    Well, not really.  Actually I.tar.gz.  In the gzip’d tar there are 3 files; little IPMI/BMC configuration file sucker, a suggested set of security recommendations that could be checked, and an even smaller program to parse the first program’s output. Because… well, no good reason, actually, one is in python3 and the other in python2. I…