I finally did it — I achieved one of my lifelong goals: something I wrote was published on nytimes.com! Not exactly in the way you might imagine though, as the file that was published was a brand new security.txt file. You can read all about the concept and how it helps improve the security of The Times over at the Open blog, where the article I wrote was just published.
Policies. In theory they should be the backbone of any good information security program, but in reality few if any people actually read them and even fewer can understand what they mean. For ages we’ve been trying to solve this problem through education efforts, but maybe it’s time to look at how we construct policies in the first place and take a microservices approach to writing them?
I maintain a couple of blogs, one of which is the whiskey review site Thirty One Whiskey. That blog actually gets a good amount of traffic, and generates enough revenue from Google ads to (partially) fund my whiskey and cigar habits.
One problem that I had been running into was that the default code for Google’s AMP ads was breaking the formatting of my website on mobile devices. When rendered, the ad element was wider than the width of the page on mobile screens, so when you started to scroll, quite often the page would move to the left a bit and the text would start to be cut off.
Featured images are sometimes an afterthought. For older bloggers, featured images weren’t really a critical part of the web layout and often weren’t added to posts. And for newer bloggers, it’s just one more step that doesn’t seem necessary. But then there comes a point where you want a new theme that requires featured images to work, and now you have hundreds of posts without that featured image.
I like being able to keep an eye on everything that’s going on with the stuff I run. To that end I run a LibreNMS deployment in my house that monitors all my equipment, and I’v got a dashboard that gives me the vital statistics for everything I care about in one glance. One thing that has been sorely missing was a widget where I could see the stats for my WordPress sites, and I think I finally figured that out this week.
This past week I was excited to present a talk on the work I’m doing at Indeed, specifically the implementation of a risk based information security management program and the benefits both to security engineers and the business.
This past week I presented my talk “Learning from Failure: Tales of Incident Response Gone Wrong” at the 2019 SpiceWorld Conference in Austin, Texas. If you’re looking for the slides then I’ve got good news! They’re posted right here.
I use a MiniX Neo headless mini PC as a jumpbox into my home network. For the last couple years I had been running LogMeIn as the remote access client to connect back into the device, but with the recent pricing increase and lack of support for the iPad application I decided it was time to switch to TeamViewer. I knew that having an agent running on the device at all times would cause a performance hit, but I didn’t realize just how bad that hit would be.