Luxury is Slavery

It’s weakness. Well, at least un-enjoyed luxury that has become an everyday event is. This has nothing to do with morals. Luxury costs money. Making money makes you dependent and consumes your free time; it reduces your financial freedom. So if you’re spending your life on luxury, make sure that it counts and that you’re enjoying it every moment.

January 5, 2014 · 1 min · 58 words · Andreas Happe

Review and New Year's resolutions

Yeah, let’s make some new year’s resolutions so that I can feel bad breaking them. The big ones are: Stop smoking. And nail-biting. Both might be the same outlet of my nervousness; let’s see if I can get them under control. Start doing Yoga and/or Meditation again. To be honest, this will be needed to get resolution #1 to work. Continue climbing. Alas, my left wrist joint seems to have suffered sometime last year – I’m gonna go to the doctor, but might have to reduce my bouldering for a bit. I might try to soak up my free time with Yoga. Sarcastic, as doing yoga was replaced by bouldering in 2013. Cooking vs. delivery service: this will be a tough one. Currently I’m ordering way too much through the delivery service. In addition, lots of the food eaten at home is just convenience food. I do not like the fact that delivery food is either way too expensive or unhealthy (or both). Then there are some “more of the same” resolutions: ...

December 31, 2013 · 2 min · 286 words · Andreas Happe

Cleaning Up

With the year’s end comes the time for reviews and cleanups. Reducing cruft allows your mind to be free; with it comes a sense of closure and empowerment. Otherwise all my possessions would drag me down. Stuff I really like to do at this time is: review existing bank accounts and service contracts (like phone/internet/power plans). Reduce them to maintain some sense of control. Books: I hoard them even if most of them are not exactly Pulitzer-prize material. I’ve read each of them but won’t read most of them again – so they’re mostly dead weight. There are places like public libraries or book-sharing places (e.g. Wortschatz in Vienna, Austria) that love (and need) new books – sharing is caring. Add your books to the BookCrossing Index before sharing them and see where they have traveled and what the people reading them think. Clothing drives. I try to make my wardrobe work: so far I’m having far too many t-shirts and am lacking other stuff (there’s not too much sense in having t-shirts for four weeks when I’ll have to do my laundry every two weeks due to my trousers count). So I’ve imposed a new rule: when buying new clothes I have to donate at least one old piece of clothing. Old paperwork: depending upon the jurisdiction you’re living under you might have to keep old (business) paperwork. Here in Austria you’re allowed to discard paperwork after seven years – so each time at the end of the year I’m going through the archives and find stuff that is not needed anymore but still wastes space. There’s another problem: I hoard stuff. For example I own some rare bottles of whisky that are (by now) too expensive to drink. This is stuff that won’t go away easily. My solution is to give them as presents upon special occasions. To prevent this situation from happening again I’m imposing some new rules: I won’t buy new Whisky when my existing collection is worth more than 600 Euro.

December 29, 2013 · 2 min · 336 words · Andreas Happe

How to use FakeS3 for S3 testing

I’m contributing to a secure cloud project (well, it’s not that secure yet, but getting there..). Its backend storage options include S3, so I want to test the S3 functionality against a locally installed S3 server. I first tried to utilize OpenStack Object Storage (Swift) or Riak, but both solutions were rather heavy-weight and cumbersome to set up. Bear in mind that I just wanted some fake S3 storage server which would be deployed within a local network (without any internet connection). So security, authentication and performance were mostly moot. ...

December 24, 2013 · 3 min · 604 words · Andreas Happe

Indulgence Galore!

We’re living in a world of indulgence and seem not to cherish the small (or larger) daily treats anymore. As a cousin of mine once noted: we are able to go out for coffee and food daily without thinking too much of its cost. We’re the lucky few but somehow forgot about that. We’re privileged but we’ve got accustomed to it. Living in Austria, our grandparents and parents started with almost nothing after the Second World War. Then came a long line of firsts: cars, television sets, a united Europe, mobile phones, the possibility of traveling abroad, higher education. Things that my generation takes for granted. ...

December 24, 2013 · 1 min · 120 words · Andreas Happe

Linux: How to force an application to use a given VPN tunnel

I’ve changed my approach and am now using a simple docker setup to achieve the same result. Somehow I have to use VPN services throughout the day: when pen-testing from abroad I really need to login to my company’s network first. Otherwise my provider is kinda grumpy when I’m doing fast non-cloaked scans against large companies. Also when pen-testing I like to use some cloaking VPNs to test the client’s detection capabilities. If I would ever use BitTorrent I’d really like to make sure that the torrent program can only communicate through a private proxy (such as PIA). The easy solution would be to connect the openvpn tunnels on startup and just route all the traffic through the tunnels. Alas, this is way too slow for daily use – and somehow error-prone: if a tunnel dies while some pen-test is currently in progress, traffic might escape into ‘unsecured’ public networks. The same would be true for torrents. ...

October 20, 2013 · 4 min · 845 words · Andreas Happe

Git with transparent encryption

This is part three of a series about encrypted file storage/archive systems. My plan is to try out duplicity, git using transparent encryption, s3-based storage systems, git-annex and encfs+sshfs as alternatives to Dropbox/Wuala/Spideroak. The conclusion will be a blog post containing a comparison a.k.a. “executive summary” of my findings. Stay tuned. git was originally written by Linus Torvalds as an SCM tool for the Linux Kernel. Its decentralized approach fits well into online OSS projects; it slowly became the decentralized SCM of choice for many. Various dedicated hosted storage services such as github or bitbucket arose. In this post I’ll look into using git as a replacement for Dropbox for data sharing. As Dropbox has a devastating security history (link needed) I’ll look into ways of transparently encrypting remote git repositories. ...

October 10, 2013 · 5 min · 883 words · Andreas Happe

Encrypted S3 storage filesystems

This is part two of a series about encrypted file storage/archive systems. My plan is to try out duplicity, git using transparent encryption, s3-based storage systems, git-annex and encfs+sshfs as alternatives to Dropbox/Wuala/Spideroak. The conclusion will be a blog post containing a comparison a.k.a. “executive summary” of my findings. Stay tuned. This post tries some filesystems that directly access S3. I’ll focus on Amazon’s S3 offering, but there should be many alternatives, e.g. OpenStack. Amazon S3 has the advantage of unlimited storage (even if infinite storage would come with infinite costs..). S3 itself has become a de-facto standard for providing object-based file storage. ...

June 27, 2013 · 7 min · 1335 words · Andreas Happe

Secure Online Data Backup using Duplicity

This is part two of a series about encrypted file storage/archive systems. My plan is to try out duplicity, git using transparent encryption, s3-based storage systems, git-annex and encfs+sshfs as alternatives to Dropbox/Wuala/Spideroak. The conclusion will be a blog post containing a comparison a.k.a. “executive summary” of my findings. Stay tuned. Duplicity is a command-line tool similar to rsync: you give it two locations and it synchronizes the first location to the second. Duplicity adds additional features over rsync; especially interesting for me are incremental encrypted backups to remote locations. This form of storage would prevent any hoster from gaining any information about my stored data or its metadata (like filenames, etc.). ...

June 27, 2013 · 4 min · 719 words · Andreas Happe

Penetration testing

I am a RoR developer gone pen-testing for the last couple of months. Clients range from smallish web portals to large multi-national financial institutions. So far I’ve a success rate well above 85%. This post reflects upon my modus operandi. It contains a high-level view of how I work: while specific techniques change, the overall frame of mind stays the same, so I consider the latter more important than the former. Also I hope for feedback regarding techniques and tools. ...

June 23, 2013 · 9 min · 1712 words · Andreas Happe