Crypto Jargon

Crypto Jargon Hash Functions

A hash function is a completely public algorithm (no key in that) which mashes bit together in a way which is truly infeasible to untangle: anybody can run the hash function on any data, but finding the data back from the hash output appears to be much beyond our wit. The

Read More » Crypto Jargon

Security Pages that Count

Security Pages that Count

With so many sites that offer helpful security information, this is my start of the must read sites.

Latest Reports ThreatPost – latest news of exploits HackerNews Browsers How they Work Browser Security Handbook Best Practices SSL Deployment Guide SSL Problems Survey of the SSL Implementation of the Most Popular Web

Read More » Security Pages that Count

Web Browser Security for the Layman

We hear that the connection between our browser and a website like amazon.com is encrypted when we use https but how does that actually work? Learn about certificates and encryption in easy to understand terms.

Read More » Web Browser Security for the Layman

Building vs Buying a Dropbox Solution

Building vs Buying a Dropbox Solution

Privacy, Security, Control, and Easy are trade offs we need to make on deciding our best solution.  Recently, I found this option in cloud hosting from a NANOG  thread. After installation and observing the speed, I was more impressed and wanted to know more and found this video of

Read More » Building vs Buying a Dropbox Solution

Self-Signed Certificates can be Useful

Self Signed Certificates another Layer

There is a lot of Internet press from companies and experts alike that self-signed certificates have to go away. It is a little unfair because they do have their place and if used within these limitations might even increase your security for certain edge cases. A few things to remember

Read More » Self-Signed Certificates can be Useful

Zimbra 32 to 64 bit migration version 2

Migrating Zimbra 7.2 32bit to 64bit on centos 6.5

I did this procedure before and I had a longer outage than I wanted. This time, we are doing it without taking down the old server with a very slight outage for just a few minutes.  I also use front end non zimbra MX mail servers

Read More » Zimbra 32 to 64 bit migration version 2

Spoofing GSM Cell Base Stations

Researcher Chris Paget pulled off a stunt at the Defcon security conference Saturday that required as much legal maneuvering as technical wizardry: eavesdropping on the cell phone calls of AT&T subscribers in front of thousands of admiring hackers.

Read More » Spoofing GSM Cell Base Stations

Registrar Domain Name Transfer

Registrar Domain Name Transfer

This use to be a very simple process but in recent years steps have been added to prevent numerous abuses.  Unfortunately, we now have a process where registrar’s intentionally hold up legitimate transfers which is the point of this short note.

Recently I received an email from one of my current

Read More » Registrar Domain Name Transfer

DEFCON 17 – SQL Injection Attacks

SQL Injection Attacks

I don’t know about you but part of my education has always been to study code and learn the latest attack techniques.  I enjoy reading code and have been doing this for longer than I can remember.  Much of this code can be found with a google search or on some of

Read More » DEFCON 17 – SQL Injection Attacks

Google I/O 2013

Take Away from Google I/O 2013

One of the problems with being too close to something is that you tend to be early on adoption.  I would  like to think with maturity and  wisdom comes patience to wait before jumping in.  After watching last year’s google i/o keynote, I immediately pre-ordered a 16GB nexus 7

Read More » Google I/O 2013