New blog location

Ok, it's been over a year since I've posted here...hey, life happens.
This is my farewell post on this blog. I created a new personal blog today located at http://www.jeffknutson.net/blog. Come on over and check it out!

I will leave these posts here for posterity and good times!

Cheers
jk

Pig out picks

http://health.msn.com/dietfitness/slideshow.aspx?cp-documentid=100156601&imageindex=1

 

DON’T EAT THESE!!!!!!!!!!!!!!!!

 

J

jk

The NBA

This (http://sports.espn.go.com/espn/page2/story?page=simmons/070223) is probably one of the funniest page 2 articles I’ve *EVER* seen.  (Courtesy of Mr. Bill Simmons of ESPN).

 

I didn’t know that F-minus-minus-minus, F-infinity-minus and G were real grades J

 

Go Wolves; KG Rocks!

 

Cheers

jk

 

Moving an SVN repository between machines

I thought this was a pretty nice, straightforward howto on migrating a
repository from one machine to another machine. I naively thought one
could just copy and paste the directories, heh heh.

enjoy!

jk

Trust is *not* security

February 12, 2007 (Computerworld) -- In Lancaster, Pa., last week, the county coroner was brought to court in handcuffs. A grand jury indicted Dr. Gary Kirchner, charging him with giving out his account name and password for a county Web site that contained confidential police 911 information. What kind of information? Names of accident victims and police informants, medical conditions, witness accounts, autopsy reports and not-yet-substantiated accusations. The site was the access point for real-time data generated and used by firefighters, ambulance crews and other emergency responders.

And who did the coroner allegedly give his password to? Newspaper reporters. Now there’s a trusting user.”The entire article can be found here: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=282376&source=NLT_SEC&nlid=38

- Clearly this guy should not have been giving out his login credentials to anyone (much less a member of the media, jeez).

- Where were the auditing procedures and detection? "...an IT staffer checked Web site logs and discovered that the site was accessed more than 50 times in two weeks from computers at a newspaper office". OK, logging was working, but if no one reviews the logs regularly, or notifications are not sent out for suspicious activity, the logs provide less value (they provided good forensic value once people realized there was a problem though).

- Thankfully "a reporter from a competing newspaper called the county to find out why he didn’t have access". Just think if this reporter didn't call; the security breach would still be going on....

This article again proves that the human element is typically the weakest when it comes to computer security. I’m betting they are going to make an example of this guy…

jk