Why I didn't budget for a penetration test in 2024

BLUF: Competing priorities, cost-consciousness, and lower-hanging security fruit were the reasons penetration testing didn’t make it into my AOP this year. I’m not in a highly regulated environment, though, so if regular penetration testing is a requirement, then your options are limited, but here are some things to consider. Analysis: Each offensive security consultancy and penetration tester has their own methodology. Penetration testing isn’t guaranteed to find your most prevalent vulnerability, nor your most difficult, movie-plot security threat....

May 21, 2024 · 3 min · 570 words · Chris

The XZ Utils Vulnerability

CVE-2024-3094 highlights the strengths and weaknesses of Open Source.

April 2, 2024 · 2 min · 365 words · Chris

On Software Predictability

Life’s busy. Also, it’s hard. Software that breaks compatibility or predictability makes life harder. Returning to a project after years off requires re-orientation of architecture and tooling. Although difficult, it’s a fair assumption to make that one should need to re-orient on an architecture: understanding where everything goes is natural. The tooling, on the other hand, should remain stable. Familiar. Predictable. Imagine moving out of your childhood room to attend university or join the military....

March 3, 2024 · 2 min · 271 words · Chris

Life Management System Comparison

I describe how Pillars, Pipelines, and Vaults is the best Life Management system I’ve found

February 21, 2022 · 9 min · Chris

Add MFA to Fedora with Yubikey

Add MFA to sudo and gnome in Fedora using a Yubikey and authselect

May 3, 2021 · 3 min · Chris

Grabbag

RMS, Dan Kaminsky, FLoCS, Fedora

May 1, 2021 · 3 min · Chris

Use AWS Config To Hunt Public S3 Buckets

This post covers using AWS Config as a starting point to find public S3 buckets in your organization.

November 2, 2020 · 2 min · Chris

Set Security Headers using Cloudflare Workers

This article covers previous work and introduces a warning

October 9, 2020 · 2 min · Chris

Aws S3 Cloudfront Cloudflare Https

This post covers increasing security for a static site hosted on S3 using CloudFront and Cloudflare

October 2, 2020 · 2 min · Chris

Blacklight Privacy Tool

Today on my Mastodon feed, several folks were discussing a new tool by TheMarkup called Blacklight. This tool is billed as a “real-time website privacy inspector” that showcases the ad and tracking tech deployed by a website. I shared this tool with several colleagues and it engendered a stimulating conversation surrounding company commitment to privacy. I argued during this conversation that it would be worse for a company to claim to value customer privacy and then have Blacklight reveal otherwise, than to have made no such claim in the first place....

September 22, 2020 · 2 min · Chris

Using Local Fonts - Hugo Academic Theme

The fresh new look of this site is provided by the Academic Hugo Theme. Because I value your privacy just as I value my own, I needed to modify this theme to not make use of Google Web Fonts because use of this service enables Google to further track users. In this guide, I’ll add the Montserrat font by Julieta Ulanovsky as the heading font for this blog: TL;DR - Recap...

September 3, 2020 · 6 min · Chris

Thoughtful Birthday Present

When my Dad turned 70, I couldn’t decide what to get him. He claimed to not want anything, leaving me in a bind. I thought for days about what to get him and the idea I finally settled on seemed inadequate to me, but it wound up being a hit: I presented him with a hand-written book containing 70 memories of him throughout my life. He got emotional over this gift, and for a man as stoic as he is, this was a surprise....

September 2, 2020 · 1 min · Chris

A Fresh Look

I’ve updated this site’s appearance with a new hugo blog theme

August 31, 2020 · 2 min · Chris

Fingerprinting Privacy: Brave vs Firefox

Brave and Firefox bill themselves as privacy champions. How do they fare at fingerprinting protection?

August 20, 2020 · 4 min · Chris

Find Resources With AWS Config

Use AWS Config to locate AWS resources

August 12, 2020 · 3 min · Chris

Joining the FSF

I’ve joined the Free Software Foundation and so should you!

June 17, 2020 · 1 min · Chris

One Month With Mastodon

I’ve switched to Mastodon and so should you.

June 11, 2020 · 6 min · Chris

Moving From Macos to Linux

I’ve adopted Linux on the desktop. Here’s how I adapted my macOS workflow…

May 26, 2020 · 4 min · Chris

Compiling Emacs 27 on macOS

The easy way to compile Emacs 27 on macOS using Homebrew

May 15, 2020 · 1 min · Chris

How to Securely Configure CloudFlare with S3

This post covers how to secure an S3 bucket serving content through Cloudflare

April 17, 2020 · 4 min · Chris