This is a topic that I have been thinking about for a long time and finally started creating some content for it. The idea is to create a series of posts, workshops and presentations that will help create security awareness at many levels. The topics will go across the board but I will be starting with those I think will have a greater impact in reducing the amount of low-hanging fruit out there.
I normally try to stick to posting original content on my site, but I ran across this post today while doing some research for the Hacker High School project.
It presents a really well structured analysis of the communities that support and give life to the main Cloud Computing projects: OpenStack, CloudStack, Eucalyptus and OpenNebula. All the information was extracted from public forums and code management systems.
You can find the post here: http://t.co/qmwUUcsiHu
The first hand-held mobile phone was demonstrated by Motorola in 1973 and since 90s, mobile phones have become one of the technologies that have the biggest impact on the way we live. Cell phones or mobile phones have reached an impressive 96.2% of the world population and have penetrations rates of over 100% in developed nations. This information technology has spread faster that any other, including TV, Radio and the Internet. Can you remember how we lived before cellphones?
Fritz!Box is a series of home routers from AVM, which can do a lot. Among the features is VPN support: site-to-site and client-to-site (road warrior).
I wanted to play with the road warrior setup, because it is always practical to have a way back into a network: for privacy if on a hot spot or just to be able to access hosts on it.
Fritzbox deliverers it own Windows / Mac VPN client (FRITZ!Box VPN Connection) which works pretty good, but as a Linux user I would really enjoy native support (so I don’t have to get access through a VM, which works pretty well by the way).
After multiple failing tests and toggling all possible vpnc configuration options, which aren’t that many by the way, it was time to play: find the differences!
Have you ever questioned the security best practices?
In the process of building / designing the infrastructure for a new project the following question was asked: “shouldn’t we use a reverse proxy to secure or protect the web servers?” Of course the first question I asked myself is “do reverse proxies provide real security?” or is this a best / common practice that has been adopted without foundation? Keep Reading →
I’m impressed how some software Vendor have resisted to provide support for Red Hat Enterprise Linux 6 (RHEL6) and its derivates for their products. This week I ran into two examples:
I had the pleasure of attending WebOS Developer Workshop in Mainz on Saturday Thgtwi (@thgtwi) did a great job with the organization. SuVuK(@SuVuK_open) did a nice report on the contents of the Workshop in his blog.
I took the opportunity talk about Security in the WebOS platform. I ran some tests based on WebOS 3.X, which is currently available for the HP TouchPad and is being opensourced as Open WebOS. Keep Reading →
This post was originally going to be dedicated to Karate, but I stumbled upon a reflective article: “Mind Control” by Pete Herzog and decided to try to build on top of it.
Pete, makes reference that given the speed of our sensors and our brain we basically live in the past: 80 ms in the past to be precise. So since we live in the past, our mind has been made up before we actually know or realize it; this enables us to perform complex tasks in “mental autodrive” or mental cruise control and how much energy is necessary to change mental patterns. Keep Reading →