infosec is simple

Thu 29 September 2016

Information security (infosec) is very simple and very hard.

Infosec is simple. There are only three steps:

  1. Figure out how you are giving information to people.
  2. In each case, evaluate whether you want to do that.
  3. Stop giving information to people who you don't want to have it.

Actual implementation …

the commonweal

Mon 26 September 2016

There are, to date, three books in Graydon Saunders' Commonweal universe. They are not a trilogy, though they involve overlapping sets of characters in more or less linear timeflow -- so it's a series. The March North, A Succession of Bad Days, and Safely You Deliver are available on Google and …

secrets of mutt

Mon 26 September 2016

mutt is a mail user agent, like Thunderbird or GMail. Unlike GMail, it is not tied to a specific mail service, and unlike Thunderbird, mutt does not have a graphical point-and-click interface. mutt runs inside a terminal (like xterm, iterm or just about anything that you can use ssh in …

printer advice

Mon 19 September 2016

Fall must be the season of printer buying, as people start up printers that they haven't used all summer and discover that the $70 printer now needs $80 of ink. This is my advice for ordinary people, as of Fall 2016:

For black-and-white printing: Buy a Brother laser printer with …

ten x

Thu 01 September 2016

In Peopleware, DeMarco and Lister write:

  • Count on the best people outperforming the worst by about 10:1.
  • Count on the best performer being about 2.5 times better than the median performer.
  • Count on the half that are better-than-median performers outdoing the other half by more than 2:1 …

trusted, not necessarily trustworthy

Tue 30 August 2016

In security nomenclature, "trusted system" or "trusted device" does not carry its ordinary meaning. It does not mean "we think this system is trustworthy".

It means "we have no choice but to trust this system".

The two are not even remotely synonymous, and the difference has probably been literally fatal …

enthusiasm and frustration

Fri 19 August 2016

Enthusiasm is having someone ask you for a favor and immediately knowing that you can do that even better than they are imagining.

Frustration is having someone ask you for a favor and immediately knowing that they don't know that what they want is somewhere between improbable and impossible.

Competence …

debian backports pinning

Wed 17 August 2016

Let us suppose that you are running Debian stable, but there are some packages that you would like from the backports archive. However, you don't want all backports replacements to be brought in.

In /etc/apt/sources.list.d/backports.list add the backports repo. As I write this, Jessie …

getting the last word in

Fri 12 August 2016

The value of getting the last word in is rarely positive.

I have engaged in a number of email threads which roughly follow this pattern:

POI (Person on the Internet): Technical thing, technical-political thing, wrong technical thing.

Me: Actually wrong technical thing is wrong; have you tried right technical thing …

optimizing for the wrong thing

Thu 11 August 2016

I just read about Seagate's forthcoming 60TB SSD and Toshiba's 100TB SSD.

Gee, that's a lot of storage. For now. (Review again in ten years, when you have a pair of 100TB solid-state disks in RAID1 on your desktop.)

Supposing that they have up-to-the-minute SAS 4 controllers they can be …

swiftly, he said

Sat 06 August 2016

"And that's... six close parentheses," Tom lisped.

"I'm not going to use Smalltalk," Tom objected.

"Damn it all and each component part!" Tom recursed.

"I put all 3 billion transistors on the chip myself," Tom fabricated.

"A loop is a loop is a loop..." Tom reiterated.

"Just look at this …

books: to be read

Fri 05 August 2016

It is an unusual day when I have more than two or three books lined up on the infamous (and, indeed, largely virtual) To Be Read Shelf.

This is such a day.

Waiting for me to read them:

Full of Briars, Seanan McGuire. A novelette about a side character in …

do they teach recruiters to be aggressive?

Fri 15 July 2016

"Lindsey" from W-- called me at the office. That's fine. She said that she saw our posting for a junior systems administrator and she thought she had the perfect candidate.

I stopped her and told her that, unfortunately for her, we had made an offer and it had been accepted …

the problem with broadwayhd

Tue 05 July 2016

Broadway, like Hollywood, has a problem. "They" -- there are about forty Broadway theaters, 31 of which are owned by three companies, 3 of which are run by non-profits -- produce an expensive entertainment service which draws tourists but utterly fails at clearing the potential market. That is, they could sell a …

recently read books

Sun 19 June 2016

  • Daniel O'Malley: Stiletto (Rook volume 2)
  • Matthew Phillion: The Indestructibles (and volumes 2, 3, 4)
  • Stephen King: On Writing
  • Derek Landy: Demon Road (and Desolation)
  • Jay Posey: Outriders
  • Ken MacLeod: Dissidence
  • Mishell Baker: Borderline

O'Malley follows up the tight-single-viewpoint The Rook with a multiple viewpoint political/espionage/action fantasy about …

© -dsr-.