Monday, April 27, 2009

mount RW in single user

mount -o remount,rw /


Wednesday, April 8, 2009

Venetian wingsuit

Wingsuit in the Venetian canals...


Wednesday, April 1, 2009

RIP Shane McConkey

Some people think that if you're not living on the edge, you're taking up too much room... He is definitely living on the edge... what kind of crazy guy flies through a canyon?!?


proxy firewall with Bill Cheswick

28th episode of The Silver Bullet Security Podcast.
Interview with Bill Cheswick

Bill Cheswick coined the term Proxy FW

At the moment everything is working, ppl buy from & search with Google...

Back in 1997 ppl thought I have a FW, I must be secure... that sort of naivete went away quickly
Back then port 80 was pretty much an empty place.

In 1991, at AT&T we had FWs and they were pretty secure; we could have sold them, but it was far ahead of its time

Phone companies have to tap customer conversations to monitor phone quality and circuit stuff...

One of the direct applications of mapping the network (Lumeta project) is to find routing loops.

length: 23:59m


Web 2.0 and SOA security with Gunnar Peterson

27th episode of The Silver Bullet Security Podcast.
Interview with Gunnar Peterson

service-oriented arch SOA
security is really risk management

in the web 2.0 world, we're going to have mashups - data coming from all kinds of sources - and we're going to mash them up with a nice little Ajax screen inside of a browser, which will all work together at run time.

What Butler Lampson calls the gold standard of information security:
authentication, authorization, auditing
it's called the gold standard because they all start with Au

Security ppl whine that we haven't even secured Web 1.0 apps yet, and now we're moving to Web 3.0.... Look at OWASP (Open Web Application Security Project), and how much of that is actually being implemented in the real world... it tells you all you need to know about the gaps in Web 1.0.

the idea behind federated identity is the technical solution that maps directly to the way almost every single business actually does business in the real world

the federated identity approach says that it's the relationship between an identity provider and a service provider - through message-level security - to sign and encrypt our credentials, pass them across a potentially untrusted system, and do business together.

that's how your mortgage gets processed,
that's why you can use an ATM machine in the Bahamas or Norway
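
The identity provider / service provider exchange described above, as an added example (not from the podcast or this blog): the IdP signs an assertion, and the SP checks signature, audience and expiry before trusting it after it has crossed an untrusted system. Assumptions: an HMAC key shared by the two parties stands in for the asymmetric signatures real federations use, encryption of the credentials is left out, and every name here (`idp.example`, `sp.example`, `idp_issue`, `sp_verify`, `rejected`) is hypothetical.

```python
import base64, hashlib, hmac, json

# Constructed demo key, agreed out of band between one IdP and one SP.
# Assumption: real federations (e.g. SAML) use asymmetric signatures instead.
IDP_KEYS = {"idp.example": b"constructed-demo-key-not-for-production"}

def b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()

def idp_issue(issuer, subject, audience, now, ttl=300):
    """Identity provider: build the assertion and sign it."""
    claims = {"iss": issuer, "sub": subject, "aud": audience, "exp": now + ttl}
    body = json.dumps(claims, sort_keys=True).encode()
    sig = hmac.new(IDP_KEYS[issuer], body, hashlib.sha256).digest()
    return b64(body) + "." + b64(sig)

def sp_verify(token, my_name, now):
    """Service provider: return the claims, or raise ValueError."""
    try:
        body_b64, sig_b64 = token.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        sig = base64.urlsafe_b64decode(sig_b64)
        claims = json.loads(body)
        key = IDP_KEYS[claims["iss"]]  # only IdPs we have a relationship with
    except (ValueError, KeyError, TypeError) as exc:
        raise ValueError("malformed assertion or unknown issuer") from exc
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        raise ValueError("bad signature")
    if claims.get("aud") != my_name:
        raise ValueError("assertion was issued for another service")
    if now >= claims.get("exp", 0):
        raise ValueError("assertion expired")
    return claims

def rejected(token, my_name, now):
    """Helper for the demo: the rejection reason, or None if accepted."""
    try:
        sp_verify(token, my_name, now)
        return None
    except ValueError as exc:
        return str(exc)
```

The audience check is what stops one service provider from replaying an assertion it received against another service provider that trusts the same IdP.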

M$ is the leader of web 2.0
another leader Ping Identity

Alternative to the big Bell-LaPadula matrix: separate the authentication logic from authorization logic

a single best book on consultancy: The Secrets of Consulting: A Guide to Giving and Getting Advice Successfully (Dorset House).

length: 27:56m
