February 2010
14 posts
2 tags
Properly Deploying a Private CA Cert in Ubuntu
I think the true strength of the certificate PKI is the ability to set up a CA for your organization and mint your own certs. You get the advantage of proper certificate validation without the cost of paying a third party to validate your identity (snicker). There are copious sets of instructions on how to create your own CA but I had a very difficult time finding proper instructions on...
Feb 26th
2 notes
The Secret Life of Chaos →
If you’re even remotely interested in science or mathematics, set aside an hour to watch this.
Feb 22nd
1 note
Feb 20th
4 notes
2 tags
Mitre's 25 Most Dangerous Programming Errors →
I look at those things and I fear that people will look at it as “Oh, as long as I do these n items I’m fine.” Those people convince themselves they’re safe when they’re not. If your application has error #26, or #52, or #375, it’s still broken, it’s still insecure. The attackers don’t care if your application has RFI, SQL injection, or has a...
Feb 18th
1 note
2 tags
Microwave + RFID = Plasma
It would appear that RFID chips in a microwave make plasma, and plasma melts glass microwave turntables. While I understand the latter, I was not expecting the former. The impressive thing was it kicked off at about 2.5 seconds. I wonder if it would have been “safely” destroyed in a glass jar submerged in water, this being a bank card. Hopefully I’ve never made claims that...
Feb 16th
1 note
2 tags
PCI
The security of a transaction-processing network varies inversely with the value the operators place in PCI.
Feb 13th
1 note
WatchWatch
Apply directly to brain.
Feb 10th
1 note
2 tags
0(mfg)day
The term 0day has lost any significance in meaning. The original meaning was that a public vulnerability disclosure was made and the same day someone produces a working exploit. Now 0day can mean a lot of things. It usually means something to the effect of “an exploit for which there is no patch available” but depending on who you ask it might mean “an exploit that’s leet...
Feb 10th
2 notes
1 tag
Lock Picking Observations
In a previous comment I noted that I intended to share my observations on beginning lock picking. I’ve only really been raking so far, not per-pin picking. First, it’s very easy to apply too much pressure to the torsion wrench. Start by applying just a little bit of pressure and slowly increase the pressure. The wrenches with the half twist will absorb some of the pressure by bending...
Feb 8th
3 notes
1 tag
4chan
4chan is an Internet fever dream.
Feb 8th
2 notes
1 tag
Vint Cerf on Cloud Computing: Everything Old Is... →
Feb 5th
2 notes
2 tags
Spoofing For Charity... or Not
The media is reporting a lot about SMS charities. You send a text message to a certain number and your cell phone company bills you $10 or whatever. The company keeps a percentage or flat fee and passes the rest on to a charity. It’s a very convenient way for charities to get money. Of course it’s huge for Haiti charities. What if you set up your own SMS “charity”? Then...
Feb 5th
1 note
1 tag
Ain't No Mountain High Enough
Some of my friends know that I have clinical depression. For the most part I have it licked; I was on medication for a couple years while I learned how to deal with it. Now I occasionally go through some bad patches but they usually don’t go on for longer than a week. I’ve learned that if I just wait them out they’ll pass. I had been stuck in one for all of January which finally...
Feb 2nd
2 notes