Dan Morrill
Configuring an Amazon Web Services Security Group
Configuring an Amazon Web Services Security Group Security Groups are just like firewalls, you can set what you want to allow into your system or not on both public and private interfaces. Building out an Amazon Security Group is much like building out a firewall for your systems. You can have as many security groups [...]
Massive Java Update available you should apply it
And you should do this update; Oracle has finally gotten around to pushing a massive 50 vulnerability fixing update to Java. The bad part is that most of us have decoupled Java from our browsers, and I am wondering if this is too little too late. With Mozilla (Firefox) dropping Java support from its browser [...]
New HP Printer Google Hack via Port3000
New HP Printer Google Hack via Port3000 Blogger Adam Howard over at Port3000 has found a very cool new Google Hack for finding unsecured HP Printers. A lot of these time out, but for those that work, the day gets interesting. You do need Java to make the admin screen work, and these seem to [...]
Kim Dot Com’s new Mega site has XSS Security Holes
Any new site, not just Mega is going to have security holes, and reports have surfaced in Twitter, Reddit, and over on ZDNet that Mega has a couple of persistent XSS security holes that are going to make users days a little bit harder. Beyond the crypto issues that you can read on ZDNet, persistent [...]
Divorce Facebook Style
Who gets the data after a couple gets divorced? You might be surprised at just how much Facebook data plays in a divorce scenario, and if Take this Lollypop didn’t scare you, this should make you stop and think for a minute about data, and who it belongs to. Any good divorce lawyer is going [...]
Facebook gets freakier with Take This Lollypop
Facebook gets freakier with Take This Lollypop If you ever wondered who was looking at your public information, and you were silly enough to post real information rather than plausible dummy information, then “Take This Lollypop” will totally make your day. Facebook indeed presents a danger for oversharing information that can allow a person to [...]
Understanding Shodan HQ for hacking and cyber warfare
Understanding Shodan HQ for hacking and cyber warfare Shodan HQ is probably one of the more interesting web sites that few people know about. Shodan scans the internet looking for devices that people have left unsecured or with default if any login information. Sometimes a web site just makes you happy, and Shodan has shown [...]
How are people using Cloud Computing?
With all the power and possibilities of using cloud computing, how are people actually using the technology? You might just be surprised by this late 2012 data gathered and presented in this latest survey data. From the latest survey in how people are using Cloud Computing, 41% of the people taking the survey say that [...]
CloudPassage Cloud Security Survey
CloudPassage was kind enough to share with me the raw data from their latest cloud computing security survey. In many ways this is what you would expect to see in a survey of companies that are still working out exactly what they want to do in the cloud and the approaches they want to take [...]
Amazon Web Services Programming Tool Kits
Amazon Web Services provides a number of Software Development Toolkits (SDK’s) that will help the programmer make the most of Amazons exposed APIs for the various services that they provide in the cloud. While the AWS (Amazon Web Services) console is good for day to day administration and control over the services you have set [...]
Using Amazon Web Services IAM
Using Amazon Web Services IAM IAM (Identity and Access Management) from Amazon Web Services is a tool to create users, groups, roles and permissions. This is a 10 minute video on how to use IAM (Identity and Access Management) services to provision users and groups within the Amazon Web Services infrastructure. IAM is a blunt [...]
Using Route 53 Amazon’s DNS Service for the Cloud
Using Route 53 Amazon’s DNS Service for the Cloud Route 53 is Amazon’s answer to a high availability and scalable DNS (Domain Name System) web based service. While there is no DaaS (Domains as a Service) in the formal cloud nomenclature it makes sense to have a globally distributed Domain Name Service that can work [...]
Why you should not use a photographer’s work for Bullying
Over the weekend I had a wonderful time doing coverage of Seattle’s own Slut Walk to help highlight the issues with sexual abuse, abuse, violence towards women, rape, and a host of other societal ills that I actually think are very uncool. This is one of those issues I have an opinion about. What was [...]
Why I am leaving Smugmug. Hint: it is not just about the money
About seven years ago, a friend of mine who was helping me get into photography recommended that I check out Smugmug, and a wonderful relationship was born. I love, have loved, and will appreciate Smugmug even as I am walking away from the web site. Over the last three years I have shoved some 853,000 [...]
How to Synch S3 Buckets in AWS and design for failover
News of Friday’s problems with the Virginia Data Centers power system taking down sites like Netflix and Pinterestshows that sometimes not programming for fail over or data center failure is a pretty foolish thing to do. Especially with costs somewhat reasonable per gigabyte in Amazon’s S3 system. Anyone who does not program for fail over [...]
