IPv6 on a home Mac Server, a lesson

Trying to set up IPv6 on each of my home nodes created an unusual challenge.  All my laptops Just Worked(tm), but the Mac mini server wouldn't.  They were running the same OS version, Yosemite, but I couldn't get any IPv6 traffic to talk to my home server, running on an older Mac mini.  I even went…


So-called friendly Man in the Middle Attacks

Lately, there have been vendors who believe it is acceptable to break into encrypted and private communications, just because the packets partially traverse a given network.  This isn't just wrong, it's dangerous. Few would argue that, if you are using a hotel's wireless, the hotel has the right to break into your communications, break…


Rule of Computer Security #0

You don't even have to have a computer to have your data compromised.  AT&T stored SSN data in customer record data.  This was exposed by the news article stating that AT&T Mobility (the cellular phone branch) had customer data, including SSN and CPNI, exposed when three employees of a vendor with access to the records…


Managing Apple Mail and Reminders

With the trend toward email bills, it is easy for them to get lost in the shuffle of email.  It is harder to just put them on the counter and easily go through that pile looking for anything that might be a bill.  I want a reminder.  The problem is, Apple Mail doesn't have a…


The sysadmin team is not one role

A recent discussion led me to once again revisit the whole issue that a good sysadmin team is not made up of just one role repeated several times.  I may use different roles than are used in some of the standard books about the sysadmin team, but here are a few I outline:


When everything is high priority, nothing is high priority

Another ramble about the Target issue.  A recent article says that there were "thousands" of alerts from a new security product (identified as FireEye, but claimed to be developed by the CIA, which the commercial product supposedly is not) that was deployed a few months prior to the breach.  Each of these alerts was supposedly…


ODT != DOCX

To any who claim that DOCX is "good enough": right now is not the time to present such claims.  I just lost a couple of hours fighting translation issues because of the lack of clear documentation of the DOCX format, so that no tool can write it the same way.

Sysadmin Like Math — again

One of the common jokes about mathematics is that you can easily get four mathematicians in the room and none of them knows anything about what the other studies, even though they agree they are all mathematicians. System administration is rapidly approaching the same point.  I have worked with several others in the field who…


Is PCI good or bad

Much digital ink has been spilled over the Payment Card Industry Digital Security Standard (PCI-DSS), the standard security rules that any vendor that accepts credit card payments agrees to follow.  Many of the articles try to find a way to criticize the standard.  "PCI wouldn't have stopped this breach, it's worthless!" being the normal battlecry….


Recent Credit Card exposure

The recent announcement of a third major retailer that has lost credit card information drives home several points I've tried to make over the years.  Security cannot be an afterthought.  One of the complaints I've heard many a time is that security "gets in the way", or "doesn't make money, we can just absorb the…
