Showing posts from April, 2010

Through to the other side...

Upgrading this computer to Ubuntu 10.04. Don't know how that will end. The last upgrade gave a whole new collection of grey hair and I learned a few new cursing words along the way. Didn't lose anything except patience during those days of agony and fear. This time the Ubuntu guys promised me nothing could go wrong... oh wait... didn't they do that the last time too? Reports to follow.

Update: OK. Took its time alright... and scared the crap out of me upon reboot. The GDM came up OK, 25 sec boot time, but then it was all black, just a cursor. Console revealed a lot of GdkPixBuf errors... but nothing that should be causing X the hiccups. So I logged out. Logged in failsafe. All is fine. Nothing in the error log. Weird. So login again normally. And yes. All seems to be fine. Good thing. Only thing that was annoying: the minimize, maximize and close buttons were on the left hand side. Not working for me. So changed them back to where they "should" be: Alt-F2 gco...

Weekend reading

Yeah... blame porn for the recession
McAfee SuperDAT Remediation Tool
Hackers and social networking: A love story
Richard Clarke's Cyberwar at Wired

Way too cool to not mention

Android on your iPhone

Friday reading tips

There will always be budgets. And budgets will similarly always be targets for cuts. The first article gives you a couple of tools to manage those requirements.

Strengthen security on a smaller budget
Fireshark finds malicious code on web sites
Marc Maiffret - the quick rise of a teen hacker
10 lessons to learn from Pwn2Own contest
iPad is child's play but not quite magical

Please don't change your passwords!

Sorry, just couldn't resist commenting on this article. I don't know how this guy/researcher comes up with these numbers and conclusions. Maybe he can blame it on sleeping while taking statistics classes, or his mother dropping him head first on the kitchen floor in the early days? I will not fight him about the numbers presented, they are I'm sure as accurate as they can be. But I must strongly disagree with the conclusions. Of course you need to change your password frequently, or rather infrequently, but at least once every 90 days (my recommendation is every 30 days). Cormac Herley, the top Microsoft researcher who wrote the report, makes the comparison of losing your keys to your apartment for instance. Would you not notice that as soon as you try to get into your household, at the latest? Would you then change the locks? Probably if you had your name and address tag attached to your keys. Or it just might happen that your household was raided already. So when it ...

Why social networking can be good

This story is good and I'll tell you why. Well, there's a downside to it too. The latter is that it is aimed at the social networking audience. The good news is that it is easily translatable to the Internet as a whole. Follow these guidelines given for anything you do with a computer that will be or is connected to any kind of network and you will have a good primer for keeping things at an everyday secure level.

This is how it looks

I just thought I would share a picture taken at our Operations Center of the guys who are responsible for the daily PCI log parsing. Don't worry about the patches on their shirts, these guys are known for their Easter pranks!

Busy patch week

Oracle and Microsoft have released new patches. Makes Jack a less dull dude. An interesting story on nuns practicing Kung Fu, news to me at least. And of course I'm thinking of Lucid Lynx, due to be released in 14 days. The last upgrade made me curse for a few days since one of my laptops refused to give back my files afterwards. After changing of underwear I finally managed to get hold of the files again. Backup, you say? Yeah right... for wimps, I say!

Microsoft Security Bulletin for April 2010
Oracle CPU Advisory April 2010
Nepal nuns go Kung Fu
Spotify denies being cheap
PCI logging HOWTO (Part I)

New life - new era

I'm sure everyone is very thrilled and eagerly awaiting every random post with my deep insights and comments on happenings and news around the IT global warmings. Sadly enough it seems I have a lot of time on my hands daydreaming and developing structured thoughts and solutions for the tiniest problems. Even more sadly enough my fingers do not do the walk at the same pace as my mind. So blogging apparently takes its toll. In order to bring some order to this I have to choose from two evil things: to completely stop posting these blogs, or to simply cut down on elaborating thoughts and only serve links to pages I have found interesting since the last post. And I opted for the latter... hopefully I can keep that promise at least. So here goes:

Breach on apache.org - passwords lost
And more on that from Apache blogs
PCI database security primer
Flat-file databases overlooked
Did the right thing - got fired