Yup! I said it. Being up to date is not the goal, for security. Being up to date is a side effect, a bonus if you will. What on earth am I on about today? Glad you asked. Every security team is at some point tasked with a “vulnerability management” project/goal/initiative/whatever. Either of their own volition, or from the looming threat of compliance. Compliance I’ll ignore, as you’re not paying me to write this, but for security what are you trying to get from vulnerability management? “Everything secure and up to date! Surely” Sure, what do mean by secure? “Secure!
read_more…Mistake I once made and wish to learn from
the modern tech industry is basically folks just endlessly remaking remakes of heroku — Mountaindews Baby (@monkchips) March 8, 2021 “Those who cannot remember the past are condemned to repeat it” - Jorge Santayana Those who remember the past repeat it too, though may not be condemned to. As containers are merely the same bad bash scripts that used to run the Internet in the ’90s and 2000s (who remembers cutting and pasting bash commands out of word docs?), complete with the same running things as root, and trying to work out exactly which library you need to manually include to make the chroot() work.
read_more…It's 2018. If you're still parsing your logs with regexes, your software is broken. (yes I am aware legacy exists, yes, this is reductive, but stop making software that pretends it's 1982 UNIX) — Bea Hughes (@beajammingh) April 28, 2018 In the 1970s UNIX was made, and thus everything was fine, and log files existed before that, but I’m not that old. Universities had a UNIX machine, or sometimes too, as did a number of research places, etc etc. Logfiles were wonderful for keeping track of what was happening, and seeing what your system had been up. You looked at them with more as less didn’t exist until the early 80s (okay fine… syslog, be like that).
read_more…Trigger warning: ELK As anyone who’s spent any time debugging ELK, or more accurately logstash will tell you, it’s a slow process. Everyone instantly leaps to share Grok Constructor or Grok Debugger, which are both super useful, but not always the point. There’s a lot more to debugging logstash than just getting regexs right (though that does take the other 90% of the time). Debugging actual logstash configs is a slow process, thanks to the JVM and the huuuuuuuuge cost of spinning one up every time. There’s Drip which claims to speed that up after the first run, but I didn’t find that to actually work.
read_more…Trigger warning: this post can be seen as pretty bleak, talks about depression and suicide, doesn’t mention kittens much. It’s also stupidly long. Seeing as computers aren’t a subject I can write about anymore, I’ll write about something near and dear to my heart, the so called black dog of depression. This post will be super personal, almost certainly TMI for many, possibly worrying for some of my friends (I’m not fine, but I’m okay, you know me). I will abuse commas too. In my teens, as many of us have probably experienced, things weren’t perfect. I was, somewhat obviously, bullied in my shitty local school.
read_more…