How Jeroen Zomer sees IT

A method for storing private keys offline

May 21st, 2012 Posted in security, technology, work | 7 Comments »

One of the issues with Public Key Infrastructure (PKI) has always been a way to safely store and backup the private keys. Most of the time this is done by using a keydatabase for storing the keys or even an HSM in larger organizations. And the only backup solution I encountered so far was burning the key to a CD-R or storing it on an USB stick and putting them in a (physical) vault, controlled by the Security Office.

I have a smarter idea for offline backups!

Read the rest of this entry »

Crash Recovery of an OSX Lion FileVault2 disk

December 18th, 2011 Posted in security, technology | No Comments »

My Apple iMac started to behave weird, with some Kernel Panics, grey screens and general crashes. While I was going through this I was pretty sure it wouldn’t hurt me as I had a TimeMachine for continuous backups. How wrong could I be!

After my Mac really crashed and my TimeMachine proved to be rubbish, I still managed to open the encrypted harddisk and made some backups by hand. I consider this quite a neat trick, so let me explain and perhaps save your day as well.

(updated with extra info)

Read the rest of this entry »

Security is not about Technology, but Habits

October 19th, 2011 Posted in security, technology, work | No Comments »

At the IBM conference in Berlin I realized that I have been preaching some ideas about (internet) security for a while. The gist of this idea is that security in the ‘world of computers’ (also referenced as the internet, on-line or -nowadays- clouds) is not all about technical solutions. In fact the most important component are not the technical implementations. Besides, these are pretty easy, although most people try to hide that.

Let me be clear and frank: implementing a secure computer system is hard, requires quite some knowledge, but so is programming a reasonable application or a corporate website as well. I think that putting a house or car together is even much harder. It is just another set of skills and you probably need specialized personnel to handle the security stuff for you. It is still a skill set most intelligent people could acquire.
Read the rest of this entry »

Remembering unlimited passwords

June 8th, 2011 Posted in security, technology, work | No Comments »

You probably hate all your passwords, just like me. I have tons of them and I use tools like 1Password and KeePass to store them relatively safe with a masterpassword. I also have a few strong passwords I reuse a little too often; like anybody does. However, I also have some smart passwords which are unique and easy to remember. Especially for websites. Without telling my exact method, I can tell you my formula to easy to remember unique passwords.

Read the rest of this entry »

Decoding WebSphere passwords

May 17th, 2011 Posted in security, technology, websphere, work | 28 Comments »

Older versions of IBM WebSphere encodes its passwords with a simple algorithm. These passwords are not encrypted and it has been known for long that decoding them is fairly simple. So far the presented methods did not always suit my needs, so I created yet another decoder. It is created in JavaScript for reasons I will describe below.

Read the rest of this entry »