Any half decent sysadmin will routinely test the security of his or her own systems. A good, and sensible, sysadmin will follow up those tests with an independent security audit by a professional company – preferably one which is a member of a recognised industry body (such as CREST). Finding the holes in your security …
June 2008 archive
Permanent link to this article: https://baldric.net/2008/06/20/backtrack-3-released/
Jun 19 2008
dental dos
On Tuesday 17 June, Craig Wright, supposedly “Manager of Risk Advisory Services” in an Australian Company called “BDO Kendalls”, posted a rather odd note to Bugtraq and a few other security related lists titled “Hacking Coffee Makers”. In that posting he said that the Jura F90 Coffee maker (which can apparently be networked) was vulnerable …
Permanent link to this article: https://baldric.net/2008/06/19/dental-dos/
Jun 05 2008
xkcd on the openssl fiasco
I’ve had my attention drawn to Randall Munroe’s take on the openssl coding change problem. Beautiful.
Permanent link to this article: https://baldric.net/2008/06/05/xkcd-on-the-openssl-fiasco/
Jun 02 2008
debian and the openssl flaw
Ben Laurie wrote about the Debian SSL problem a couple of weeks ago. That particular post has attracted a huge response which is well worth reading if you care about free open source software and/or privacy/security issues (or even if you don’t). The key point to take from the discussion is that about two years …
Permanent link to this article: https://baldric.net/2008/06/02/debian-and-the-openssl-flaw/
Jun 02 2008
recursion: see recursion
I have written about how I use one of my slugs to backup my internal files via rsync over ssh. Well it turns out I made a pretty silly mistake in my rsync options. I thought I’d been careful in specifying the files I specifically wanted excluded from the backup (ephemeral stuff, thumbnail images, some …
Permanent link to this article: https://baldric.net/2008/06/02/recursion-see-recursion/