Docker security issue?

Doing a lot of research on Cloud services.  Aside from services, features, and cost, my focus has been Federation (with on premise Active Directory specifically) and Security.  I haven’t duplicated the root access in this article, but this is exactly the thing that keeps me up at night.

Using the docker command to root the host (totally not a security issue) // reventlov’s silly hacks.

 

Posted in Uncategorized | Leave a comment

Software to securely erase hard drives

Did some R&D for my brother and wanted to document the best options for securely erasing hard drives for sale or donation.

Disc Wipe Utility – Windows executable and source (should compile on UNIX/Linux systems).
http://sourceforge.net/projects/disc-wipe/

Eraser – Windows scrub utility
http://sourceforge.net/projects/eraser/

diskscrub – UNIX source code
https://code.google.com/p/diskscrub/

Posted in hardware | Leave a comment

Microsoft Help file not displaying on Windows 7

I wanted to document this issue because if it happened to me, there’s probably someone else who is experiencing this issue. I downloaded the Exchange 2013 Help file and opened it locally. Nothing displayed. Nothing at all. The right display pane was blank.

I searched online a bit, and finally found the culprit – the file was flagged when I downloaded and I needed to Unblock the file before it could be opened locally.

clip_image002 => clip_image004

Click Unblock, and everything displays correctly. I was really scratching my ass over this one.

clip_image006=>  image

Posted in Microsoft | Tagged | Leave a comment

Big Changes Ahead

I’m just back from TechEd 2014.  I was drinking Microsoft Kool-Aid from the firehose for a week.  I can summarize it in one word – “Cloud” (capital “C”).  This is an oversimplification, but that was the theme.

I came home totally committed to testing the Microsoft Cloud.  My original intent was to consolidate all my cloud services to one.  I did a quick analysis, and focused on the ‘top tier’ providers – Dropbox, Box, OneDrive, and Google Drive.  Based on my current ‘investment’, it came down to OneDrive and Google Drive and Google won for one reason – it seems that OneDrive has decided that random files need to be deleted.  For no obvious reason I find files in the Recycle Bin on multiple computers.  Most recently this was the PowerPoint and other docs I downloaded from TechEd.

Right now, I’m paying $1.99/month for 100GB of Google Drive storage.  This will tide me over until at least the Fall.

Next project is migrating my web sites (including this blog) to a Virtual Private Server.

Posted in Google, Internet, Microsoft | Tagged , , | Leave a comment

Comcast speed upgrade

OK, people badmouth Comcast, but this is a pretty good deal.  I upgraded my cable modem in 2007 to DOCSIS 2.0 and IPv6 support.  It might be time to upgrade to DOCSIS 3.0.  I’ll do more testing over the weekend to determine if I really need the upgrade.  Note from Comcast and my speedtest.net results below (before resetting the cable modem).

Dear Valued Customer,
Great news! We’ve increased your Internet speed!
We increased the speed of your Performance Internet service by up to 25%! You now have download speeds up to 25 Mbps and upload speeds up to 5 Mbps.

http://www.speedtest.net/my-result/3101918667

Posted in Uncategorized | Leave a comment

Yahoo! Mail security issues.

I’m seeing a lot of issues with Yahoo Mail accounts being compromised, so I’m posting my notes here and will update as I understand the problem better.  An example is when you get e-mail from friends with a single, SPAM URL in the message and it’s sent to 10-15 people (in alpha order) from their Yahoo! Contacts.

I suggest that you NOT check the box ‘keep me signed in’ when you log into Yahoo Mail (highlighted in red rectangle on screen shot below).  From what I can tell, some web sites with malicious content take advantage of cached Yahoo credentials and send mail with these SPAM links to everyone in your Yahoo contact list.

I also recommend using “two factor authentication” wherever possible.  Two factor authentication uses something you know (your password) with something you have (phone number, cell phone).  When accessing a web site, you enter your password (something you know), and then are prompted to enter a code sent to your phone (voice), or your cell (text), which are things you possess.  This is used when resetting passwords on your bank or credit card web sites.

Another option is to consider moving to Google Mail which appears to be more secure, and I know from testing that Google’s two factor authentication is quite comprehensive and I use an Android app on my cell phone to generate a code.

image
Yahoo login – do not

Yahoo Two factor authentication reference links

http://lifehacker.com/5938565/heres-everywhere-you-should-enable-two+factor-authentication-right-now

http://www.pcmag.com/article2/0,2817,2409477,00.asp

Posted in Internet, security | Tagged , , | Leave a comment

Walt Whitman grave

These are photos of Walt Whitman’s grave from Camden, NJ.  We visited his family mausauleaum after we attended the military honors for my cousin Ken Corcoran.

 

IMG_0226 IMG_0222 IMG_0229

Posted in Uncategorized | Leave a comment

Samsung Galaxy S3 – quick review

My original Motorola Droid was approaching four years old and over the holidays the 3G crapped out.  It was a serviceable phone, but some apps started to weigh down the phone, and if I used Navigation, I had to have it on a charger.  I was also debating the cost/benefit of keep my “unlimited data” plan versus Verizon Share Everything Plan.

After doing some online R&D and talking with friends, I upgraded to the Samsung Galaxy S3.  First impressions were the same as most people – it’s pretty big (4.8” screen), it’s fast (dual core, 1.5GHz and 2GB RAM).  Further observations – the display is very good, the Samsung add-on apps appear to be very useful.

First day impressions

  • Much larger than the Droid, which requires I hold it in a less secure fashion, which means I’m looking for a case with ‘grip’.  I never had a protective case for the Droid, and never needed one – I kept it in a case with a belt clip.
  • Much, much, much faster than the Droid.  Apps like Waze, Google Maps (with Navigation) that stressed the Droid, drained the battery, and made it too hot to hold run smoothly on the S3.  S3 is the honeybadger of smartphones.  S3 don’t care, it just runs apps and sips the battery.
  • First day battery life very good, but not mindboggling.  I ordered a 4200 mAh battery and case combo as well as a ‘honeycomb’ cover.
  • Bluetooth pairing, WiFi all faster.  The S3 reports 64Mbps connect speeds with my 802.11n home router (Buffalo).
  • Software
    • Less crapware loaded by Verizon than other phones I have seen. 
    • Samsung software interesting, also installed GALAXY SIII User’s Digest – online, interactive manual for phone
    • Switched to Minimalist theme and Nova Launcher

Second and third day impressions

  • Installed MobileIron (corporate ActiveSync proxy for Exchange).  Client install was simple, and Samsung supports full device encryption (but not the USB card).  Synching 30 days of mail, and I’m using the built in ‘Corporate Email’ application.  I have the option to merge mail and calendars, but I’m keeping them separate now.
  • Battery life still good, but I will need to charge it each night.  This isn’t a problem, because I’ve been doing this for years.
  • Used Waze while commuting, and it really helped on two occasions – 295 North one morning someone self-reported a major, multi-vehicle accident in the fast lane.  Police weren’t on the scene yet, but we were able to get in the slow lane and got around it pretty quickly.  Second time was coming home, 295 South was  backed up for about 100 miles, and Waze directed me to use the NJ Turnpike. 

First week impressions

  • Installed the extended battery.  It’s *huge*, but the battery fits in fine, as well as the humpback whale “Pebble Blue Back Cover”. 
  • Installed the “HoneyComb Case” is a very tight fit, but it goes on fine.

Notes

I really like the extended battery.  Battery was 90% at noon on the first day, 66% at the end of the day (18 hours).  Day two was a Saturday, less mail volume, but used GPS, Google Maps, etc extensively.  Battery at 41% after 36 hours and holding.

The case is nice.  It fits well, and I have a much more secure feel when using and handling the phone.  The down side is the HoneyComb case covers the power and volume buttons, and the cut out on the bottom of the case fouls the micro USB connector when charging the phone.  I’m using an X-Acto knife to clean things up tomorrow.  I took test photos, and even with the deeper case for the extended battery and the case cover, there is no interference when taking photos.  Also, all other ports (front sensor, speaker, microphone) are not blocked from the case.  Overall, I’m very, very pleased with the combination of the extended battery and HoneyComb case.

Reference Links

Hyperion Samsung Galaxy SIII 4200mAh Extended Battery + Pebble Blue Back Cover
http://www.amazon.com/gp/product/B008GWIVTQ/ref=oh_details_o00_s00_i01

Hyperion Samsung Galaxy S III Extended Battery HoneyComb TPU Case -Black
http://www.amazon.com/gp/product/B008MMZUZS/ref=oh_details_o00_s00_i00

Posted in Android | Tagged | 1 Comment

Helped nearby drivers by repor…

Helped nearby drivers by reporting a heavy traffic jam on County Line Rd, Warminster on @waze – Drive Social.

Posted in Uncategorized | Tagged | Leave a comment

@k8tlevy – great to meet you a…

@k8tlevy – great to meet you and your crew on the MS-150. Achilles pain may be position of cleat or bike fit. Do You know @MatthewBotos?

Posted in Uncategorized | Tagged | Leave a comment