How HTTPS/SSL Works

PKI, ssl
Four Words: "Then Some Magic Happens" It has become very clear to me recently that admins who are in charge of web clients do not fully understand the HTTPS (SSL) protocol. I was involved in one such incident recently that ended very badly due to a misunderstanding of this protocol. So, ...
Trust Subversion

PKI, Trust Subversion
Calvin Klein Models Subvert Trust! Recently, a report went out stating that Public Key Infrastructure (PKI) is vulnerable to trust subversion. I'll spare the gory details, as they are all in the original report, but basically MD5 collisions are used to make a certificate appear as though it is signed ...
Answering the Ws of Your Network

methods, pen testing
This post is brought to you by the letter W... Before getting started, I would like to mention that this argument uses some generalities. I still feel that it is a good starting point for figuring out what makes a Security Practitioner different than a Network or Systems Admin. Note that a ...

Having a Virus is NO FUN

CVE, Malware, standards
Especially the Flu... Recently my wife and I both came down with a bit of the flu (luckily our 12-month-old son didn't). I spent one day trying to tough it out at work and while I was there I got a call about someone who had just heard about the Microsoft ...

Explaining Penetration Testing

pen testing
Pen Testing... No, not making sure your Bic has ink. Penetration Testing is the art of compromising someone's system(s) at their request and showing them the results in hopes that something will be done about it. There is a lot of debate about what really happens before, during and especially after this ...

Failure of Investment

FOI, Metrics
Recently, a lot of attention was given to an off-the-cuff comment by Jack Daniel in response to a Return On Investment (ROI) conversation via Twitter: "The only viable measurement in security is failure." The reason that this comment got so much traction is that it is a ...

Use Your Resources

Resources
To start off the blog, I would like to present some resources for finding great information. If you are ever stumped, a lot of times you can find what you need to get going again. Humor... Find all your buddies laughing at a joke that you don't get? Laugh anyways to save ...