Q&A with Gen. Philip Breedlove
Julian E. Barnes, Wall Street Journal The Wall Street Journal sat down recently with Gen. Philip Breedlove, the top commander of U.S. and alliance forces in Europe, to discuss tensions with…
Author: CySecBot
Validating Satoshi (Or Not)
SUMMARY: Yes, this is a scam. Not maybe. Not possibly. Wright is pretending he has Satoshi’s signature on Sartre’s writing. That would mean he has the private key, and is likely to be Satoshi. What he actually has is Satoshi’s signature on parts of the public Blockchain, which of course means he doesn’t need the private key and he […]
McCain Delivers His Own Foreign Policy Speech
Evelyn Rupert, The Hill Sen. John McCain (R-Ariz.) delivered his own wide-ranging foreign policy speech as he took the floor for the weekly GOP address. McCain bashed President Obama’s…
FY17 National Defense Authorization Act
Rep. Mac Thornberry, HASC WASHINGTON – Today, Chairman Thornberry released his proposal for H.R. 4909, the National Defense Authorization Act for Fiscal Year 2017. To view the bill text…
How to Report Your Performance Test Results Like a Pro
Performance tests try to reduce the risks of downtime or outages on multi-user systems by conducting experiments that use load to reveal limitations and errors in the system. Testing usually involves assessing the performance and capacity of systems th…
“The Feds Have Let The Cyber World Burn. Let’s Put the Fires Out.”
I’ve made some comments regarding Apple vs. the FBI at Wired.
I Might Be Afraid Of This Ghost
CVE-2015-7547 is not actually the first bug found in glibc’s DNS implementation. A few people have privately asked me how this particular flaw compares to last year’s issue, dubbed “Ghost” by its finders at Qualys. Well, here’s a list of what that flaw could not exploit: apache, cups, dovecot, gnupg, isc-dhcp, lighttpd, mariadb/mysql, nfs-utils, nginx, nodejs, openldap, openssh, […]
A Skeleton Key of Unknown Strength
TL;DR: The glibc DNS bug (CVE-2015-7547) is unusually bad. Even Shellshock and Heartbleed tended to affect things we knew were on the network and knew we had to defend. This affects a universally used library (glibc) at a universally used protocol (DNS). Generic tools that we didn’t even know had network surface (sudo) are thus […]
Next Generation IDaaS: Moving From Tactical to Strategic
Today, I posted a blog entry to the Oracle Identity Management blog titled Next Generation IDaaS: Moving From Tactical to Strategic.
In the post, I examine the evolution of IDaaS and look toward the next generation of Enterprise Identity and Access Ma…