Found another good comic inspired by the Debian OpenSSL issue (no, it will never get too old for me). Forget where I came across this one though... just saw it in my downloads folder as I was doing some cleaning up. It's quite funny though, because it also pokes at …

Last week's TechMail is about one of my favourite programs, sudo: Delegate privileges to users with sudo. It's just a short primer on how to use sudo so for those that do know how to use it and manage /etc/sudoers, it's nothing special, but for those who don't, it's …

The last TechMail is Realize the flexibility of OpenSSH which talks about some of the basics of using OpenSSH, from setting up keys to modifying sshd_config for user/group access controls and different features per group/user. OpenSSH is another of my favourite tools. Of course, there's also the linsec …

As much fun as I had in France, I'm sure glad to be back in Canada. Six more hours until I get to see my girls! Can't wait.

France was fun, so thank you again, Anne, for pushing to get me to go. Very much appreciated. Despite leaving my iPod …

The announcement just went out for the newly formed oss-security group (which is a similar concept to the private vendor-sec group, but open to anyone interested in helping promote and work with security in open source projects). I've mentioned oss-security before, but the "official" PR just came out (thanks to …

We got a really really nice review of Mandriva 2008.1 over on Linux.com. Good stuff. It's nice to see the kind words for all the hard work the developers and community have put into this release.

This comic amuses me. It's originally at http://www.lessaid.net/fun/apt-get-wife.png

The Register has just put up an article entitled After Debian releases SSL patch, a world of hurt for security pros. On page 2, I'm quoted which is cool, but what isn't cool is that the two typos in the article happen in my "quotes". Strange thing is that it …

Last week's Techmail is Log Linux services with runit (although I'm pretty sure that's not the original title I submitted). Anyways, it discusses logging various services running under runit using svlogd, so you can completely separate services from each other. Syslog is cool, but too much stuff gets crammed in …

In light of the recent Debian debacle and to get the word out to more people, this week's Techmail is Find and fix weak OpenSSL/OpenSSH keys: Debian-based Linux vulnerability which more or less reiterates what happened with the Debian OpenSSL... fun... and points to the dowkd.pl script that …