Last year I wrote a retrospective and was interesting to read it at the end of this year so I've decided to do it again. What can I say about 2017?
From a work perspective, this was a crazy year. The vulnerabilities we had to deal with this year were pretty significant, things like Blueborne and KRACKS and others that created a lot of work for the team. To say it was ...
Read More
I've read a few articles lately about working from home and some best practices for working remotely, and other topical guidance around the subject of working from home. I always find these articles fascinating because I want to see if there's something I am missing or doing wrong. Maybe there's a way I can boost my own productivity. Some insight. Something.
Inevitably I finish the article, sigh, and carry on. The ...
Read More
Today is the first day of Red Hat Summit 2017, this year in Boston. I'm not there, but am thoroughly enjoying watching the keynotes and other interviews via TheCube on Summit. One of the big things that we've been working on for a while that was announced today is the Container Health Index within our Red Hat Container Catalog. I'm not going to go into detail here as I've already ...
Read More
During the day I'm a manager of one of the greatest security teams on the planet (in my biased estimation), but at night (and random times throughout the day), I'm a sysadmin tinkerer. There's just something about goofing off with operating systems that appeals to me; this is likely what caused me to devote five years of my life to working on Annvix back in the day.
I've been running a local IPA install ...
Read More
Quick note to indicate that I've revoked my old GPG key (key id 0x94BE833CE8B86CAB) and replaced it with my new one (key id 0xBD51CB9670DF9DE7). My new key's fingerprint is:
1810 81E8 178E 4692 03F6 BFD0 BD51 CB96 70DF 9DE7and it is signed with the old (revoked) key. You can download the key directly from me or from pgp.mit.edu which is where you can also see the old key is revoked.
Read More
You know your wife is a keeper when she gets you a YubiKey 4 for your birthday! I was really excited about this YubiKey because of its support for storing your GPG private keys and also for an SSH private key, in addition to the U2F (Universal 2nd Factor) support. I've been using earlier versions of the YubiKey for OTP (one-time password) and U2F, but the new version was especially interesting to me because of ...
Read More
I've been spending a lot of time thinking about this past year and all of its challenges and accomplishments, the moments of growth and clarity, the opportunities taken and the opportunities missed. I'm not one to get deeply personal in public, and won't get into a lot of the nitty gritty as I write this, but the end of a year is an opportunity to look back and do some self-reflection. I'm a ...
Read More
I've been using GitLab for a while now and I really like it. I can't objectively say whether it's better than GitHub or not (I have a few projects on GitHub but I rarely make any changes to them and even more rarely use the web UI), but one of the things I appreciate about GitLab is the fact that I can run my own copy of it and store my own stuff in ...
Read More
So it's been noted in a few places that 2017 is the year that SHA1 for HTTPS is doomed. Microsoft has deprecated SHA1 in Edge and Internet Explorer browsers and in February 2017 will be blocking them entirely. Google is doing the same thing with Chrome starting January 2017, as is Firefox.
Most sites today don't use SHA1-based SSL certificates (which is good) and there are sites you can go ...
Read More
This year we celebrated 15 years of Red Hat Product Security. I've not been with Red Hat that long, but I've been doing product security work for longer (slightly over a year longer). I was asked to write a little something to stroll down memory lane with the inter-webs. That post is not this post. =) You can read the details on the Red Hat Security Blog:
From There ...
Read More