Month: March 2018

DNS for authentication of ownership, and orphanage

There ‘s a reasonably large use of DNS for things other than ‘Doman Name Serving’. The use of TXT records (SPF, DKIM, Let’s Encrypt, …) is widespread (as is CNAMES etc) for purposes other than ‘resolving a host’. For example,

Speedtest & BBR, consistency

I’ve written a lot in the past about how speedtest is not a reliable tool. There is simply too much variation. Its also measuring all of your access, your ISP’s core, and the interconnection, and the server on the far

Et tu Redis? Another spear in the ‘trusted environment’ ideal

It pains me to say this, but trust is over-rated. You see I grew up in an era of Internet trust. Where you could just expect people would not sniff your telnet password, that port-25 wouldn’t be abused to send

Tagged with: , , , ,

That’s the kind of password an idiot uses on his luggage: cloud security

Say it ain’t so, etcd is on the public Internets? And its leaking like a sieve. A Shodan query shows 2593 etcd services out there flapping in the breeze. More detail was covered in Giovanni Collazo blog, but, in a

The unbelievable weakness of identification/authentication, bank edition

So I am in the process of opening a new bank account + credit card with my existing institution. And I call to check on the status of the credit card. And the call goes like this: ring ring press