Thinking, occasionally.
-
Technical Leadership
Tarah Wheeler pointed out a SXSW panel titled “Can Diplomacy Save The Internet?” featuring Nathaniel Fick (the U.S.’s top technology diplomat). This brought up some thoughts that I’ve been having (and discussing with my coworkers) for a while about the backgrounds of people in some of the highest leadership positions of technical organizations. As one…
-
GIAC Test Prep
Information Security is a field with lots of certifications. And lots of certification study methods. I’ve experienced everything from the person who knows all the memory devices and will ensure you know the material you need to know, to the “instructor” who could barely read off the vendor-provided slides. However, GIAC is relatively unique in…
-
Mastodon, WordPress, and Verification
With the seemingly impending collapse of Twitter, many have started checking out Mastodon as an alternative for keeping in touch with the same people. And, while federation can make that a little different, I’d say it’s overall been going well. That said, one item that is very different is the concept of verification. With Twitter,…
-
Facebook Failure
For several hours on 4 October, 2021 Facebook disappeared from the Internet. Not just Facebook, but all of the services that Facebook provides. Big deal, right? It’s just a website. Just social media. Except Facebook isn’t just a website. It is an entire communications ecosystem that has worked very hard to get every person on…
-
Bridging Captive Portals
So, I’m working on my research project, and it involves a bunch of virtual machines (which I have set up according to @da_667‘s instructions from his book). Cool, too easy, everything works fine. …until I have to travel. Fortunately, my lab fits on my laptop. Unfortunately, when I connected to hotel Internet, none of my…
-
Supporting the Business
In Information Security (Infosec), one of the first things most of us learn is the concept of CIA – Confidentiality, Integrity, and Availability. This is such an important concept that is part of US Code: (1) The term “information security” means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction…
-
Notes
Here’s an example of what I’m *not* trying to do – I don’t want to add more crap to home networks; I just want juicy juicy log data. And to be able to understand it: https://www.sans.org/reading-room/whitepapers/hsoffice/protecting-home-devices-malicious-blacklisted-websites-36152 I’m definitely going to need to learn me some PowerShell to make this work – to dig through and…
-
Notes
Look at this thread for some thoughts on the autopilot problem: https://twitter.com/giorgio_montana/status/962740192334422017 Potentially useful article on DNS: https://www.sans.org/reading-room/whitepapers/analyst/securing-dns-emerging-threats-hybrid-approach-37692
-
Rebooting
Giving the blog a reboot. Please stand by while it finds a new personality.