Requiring Facebook login

No Facebook, No Service?

September 10, 2013 By 5 Comments

The Idaho Statesman, my sort-of-local newspaper, just announced that it will follow the lead of the Miami Herald and no longer allow readers to post anonymous comments to online stories. Starting September 15, readers who want to make comments will have to login through Facebook

Introduction to GNU Privacy Guard encryption software (GPG)

GPG Tutorial

This was once just a page that contained my public encryption key. It has now grown to become an introduction to how and why to use the GNU Privacy Guard encryption software (GPG) to protect your privacy. It is continually growing. If you have questions, corrections, suggestions, locations for tools or servers, or GPG-related interesting stuff, please contact Alan Eliasen. Thanks!

 

 

Someday I’ll setup my own Linux server…

My First 5 Minutes On A Server; Or, Essential Security for Linux Servers

Server security doesn’t need to be complicated. My security philosophy is simple: adopt principles that will protect you from the most frequent attack vectors, while keeping administration efficient enough that you won’t develop “security cruft”. If you use your first 5 minutes on a server wisely, I believe you can do that.

Any seasoned sysadmin can tell you that as you grow and add more servers & developers, user administration inevitably becomes a burden. Maintaining conventional access grants in the environment of a fast growing startup is an uphill battle – you’re bound to end up with stale passwords, abandoned intern accounts, and a myriad of “I have sudo access to Server A, but not Server B” issues. There are account sync tools to help mitigate this pain, but IMHO the incremental benefit isn’t worth the time nor the security downsides. Simplicity is the heart of good security.

and also:

First 5 Minutes Troubleshooting A Server

Back when our team was dealing with operations, optimization and scalability at our previous company, we had our fair share of troubleshooting poorly performing applications and infrastructures of various sizes, often large (think CNN or the World Bank). Tight deadlines, “exotic” technical stacks and lack of information usually made for memorable experiences.

The cause of the issues was rarely obvious: here are a few things we usually got started with.

Manually updating Java

There is a Java exploit out in the wild right now and Only 9 of 22 virus scanners block Java exploit.

Oracle released an emergency update (java version 7 update 7) yesterday evening (Aug 30, 2012).

This is how I manually updated my Java runtime on a windows 7 64 bit machine

  • run C:\Program Files\Java\jre7\bin\javacpl.exe (note: use the control panel for the latest version your have installed on your system — on my windows 7 32 bit system it’s in C:\Program Files\Java\jre7\bin\javacpl.exe)
  • click on the “Update” tab (second from the left)
  • click on the “Update Now” button (bottom right)
  • wait for the installer to load/ click on the obvious next buttons / make sure to uncheck whatever junk they want to install on your system (e.g. Ask toolbar, McAfee Security Scan Plus, etc.)
  • wait while it installs, click on the “Close” button and Bob’s your uncle.