Category: all
More on the ‘now I know it’s not secure dilemma’
OK, from the previous post you see that I was experimenting with a Static Application Security Testing (SAST) solution. And I was shocked and appalled by the problems that came from the upstream. See the table below: each of the dots on the left represents a problem. Red means ‘All your bases are belong to us’…
To know and do nothing, or to not know: which is worse
Just starting to integrate a Static Application Security Testing (SAST) system. I’m using Clair. And I thought I would start with something quite simple, something I wrote none of. Take 1 Ubuntu:18.04, add a dash of Django, and… Oh no. Look at the list. (And before you make some comment about Ubuntu or Django, its…
Dual identity git
So we’ve all had the problem of getting me@home.com in the commit history of your work repo, or vice-versa. This causes problems with your GPG commits since your me@home email is not verified. You can ‘solve’ it by putting hooks in to check for, and reject, and then religiously remember to set ‘git config user.email’…
Scared? Or Bored? Terrorists and the power grid, a real page turner
This is not much of a book review. Head over to http://nap.edu/12050 if you want to read this yourself 🙂 If you don’t want to read it, tl;dr: IT insecurity exists in many devices, and some of them control the fate of countries. Earlier I wrote about some of the SCADA problems as found through everyone’s favourite…
The agony of NFS for 25+ years of my life! Then and now. ClearCase and Kubernetes
My first experiences with NFS (Network File System) started in 1989. My first term at university, a set of VAX machines running BSD Unix, some VT220 terminals, and ‘rn’. My first understanding of NFS came a few years later. ClearCase. I was working at HP, the year was 1992. Most of us on the team…