strelitzia – the way I see IT

Crash Recovery of an OSX Lion FileVault disk

My Apple iMac started to behave weird, with some Kernel Panics, grey screens and general crashes. While I was going through this I was pretty sure it wouldn’t hurt me as I had a TimeMachine for continuous backups. How wrong could I be!

After all crashed hard on me, I still managed to open the encrypted harddisk and made some backups by hand. I consider this quite a neat trick, so let me explain and perhaps save your day as well.

(updated with extra info)

Read the rest of this entry »

Security is not about Technology, but Habits

At the IBM conference in Berlin I realized that I have been preaching some ideas about (internet) security for a while. The gist of this idea is that security in the ‘world of computers’ (also referenced as the internet, on-line or -nowadays- clouds) is not all about technical solutions. In fact the most important component are not the technical implementations. Besides, these are pretty easy, although most people try to hide that.

Let me be clear and frank: implementing a secure computer system is hard, requires quite some knowledge, but so is programming a reasonable application or a corporate website as well. I think that putting a house or car together is even much harder. It is just another set of skills and you probably need specialized personnel to handle the security stuff for you. It is still a skill set most intelligent people could acquire.
Read the rest of this entry »

Remembering unlimited passwords

You probably hate all your passwords, just like me. I have tons of them and I use tools like 1Password and KeePass to store them relatively safe with a masterpassword. I also have a few strong passwords I reuse a little too often; like anybody does. However, I also have some smart passwords which are unique and easy to remember. Especially for websites. Without telling my exact method, I can tell you my formula to easy to remember unique passwords.

Read the rest of this entry »

Decoding WebSphere passwords

Older versions of IBM WebSphere encodes its passwords with a simple algorithm. These passwords are not encrypted and it has been known for long that decoding them is fairly simple. So far the presented methods did not always suit my needs, so I created yet another decoder. It is created in JavaScript for reasons I will describe below.

Read the rest of this entry »

SSH login with a certificate (Windows)

One of the most convenient ways to login to a server with SSH, is with certificates. Although the principle is pretty well documented all over the internet, I still found some issues setting it up myself from my Windows laptop, hence this walk through.

I have tried to make a simple, condensed walk through. It does require that you know what SSH is and how to use PuTTY.

(I also created a Mac OSX walk through)
Read the rest of this entry »

SSH login with a certificate (OSX)

One of the most convenient ways to login to a server with SSH, is with certificates. Although the principle is pretty well documented all over the internet, I still found some issues setting it up myself from my Mac, hence this walk through.

I have tried to make a simple, condensed walk through. It does require that you know what SSH is and how to use it.

(I also created Windows/PuTTY walk through)

Read the rest of this entry »

No root, please!

When you are dealing with system security, you need to create a secure system from the ground up. This is why you should never need root access to perform your job, even installing software.

The principle of security lies in separation of duty and protecting the core system, even if a component fails.

If you expect a component to fail, and it will, then you are better prepared to deal with it than if it catches you by surprise. There are so many exploits out there that denying a failure or security breach is only for the stupid and naive.
Read the rest of this entry »

How to handle a security incident

Or: Coping with the Human Bug

If you work in IT, just like me, every now and then you stumble into something, you shouldn’t have. Most of the times this happens because someone has given you temporary access with too many privileges. 9 out of 10 times this is for convenience. And it is wrong.

Read the rest of this entry »

In Memoriam: Gato

Today Gato, my cat which is prominently on my homepage, died after 17 years of companionship.

Gato was raised by me and she trusted me completely. When she was young she was able to return small pieces of paper – a trick she learnt from our dog. She could also play endlessly with rubber bands, because she miraculously learnt to ‘shoot’ them away herself, by stretching it between her teeth and a nail.

I cannot remember her ever scratching or biting me and I was comfortable leaving all kids cuddle her. I trained her not to sit on anybodies lap unless there was a cushion. But if you got a cushion, she would definitely come and sit with you. Kids loved this.

She has had a bit of a health problem the last couple of years and got really ill this week. And today we found her dead.

Today our bond is broken forever. I’ll remember her at her best: lazy in the sun on the couch. Like in the picture.

It is a sad day.

tactile keyboard for iPad?!

I bought an iPad and like it a lot, apart from the smudges. However there is (at least) one thing I noticed which is weird: The on-screen keyboard has some decoration on the letter f and j. On a normal ‘real’ keyboard these little bumps are there to position your fingers, especially when typing blindly.

But the iPad keyboard is completely flat. So why did they put in these little stripes? I totally don’t get it. Is it overcompensating usability? Or just some form of eye-candy?

Just look at this picture, to see for yourself!