We're all impatiently waiting on quantum-proof asymmetrical crypto algorithms to
become commonplace. Until that happens, we must all live with the assumption
that all currently used asymmetric crypto will be trivially decryptable once
quantum computers become powerful enough. This is probably the reason why
government agencies have been wholesale logging …
I am working on documentation for an upcoming security audit and needed
a way to display how various externally available ports and URLs mapped
to internal VMs, clusters, and services. I didn't want to draw them
manually in various charting tools because this is the kind of data that
quickly …
The Linux Foundation Open Source Summit is happening in Beijing next
week, and some of the topics I've had to cover in my capacity as "the
security person" were from members of the IT staff asking my advice
about the best strategy for bringing laptops and being able to do …
I wanted to have a quick way to find out which systems had a particular
set of outstanding errata. There are actually quite a few solutions that
will do that for you, but I wanted a free/libre way of doing it that
would integrate with our existing open-source Puppet …
Howler is a small utility I wrote to be notified when my users were
logging in from unusual locations. I wanted to know if someone who
normally logs in from Canada was suddenly logging in from Korea -- and
especially if they were suddenly rapidly hopping between two different
locations. It's …
In my keynote to the 2015 Linux Kernel Summit I compared the way we
currently approach IT security to the way car makers approached
automotive design in the 1960s. Back in the day, car companies
concentrated on adding more engine power, improving vehicle reliability
and tweaking the overall body design …
Obligatory first post is obligatory. I guess I've grown fond of using
pelican for kernel.org, so I'm going to adopt it for my own needs as
well. Besides, I find writing my articles in VIM so much more appealing
than any kind of web tool like Medium.