
Topic Dump 2016 continued

posted Oct 16, 2016, 7:49 AM by Sami Lehtinen   [ updated Dec 30, 2016, 6:00 AM ]
  • I wonder when lights which can fire photons at an exactly designed target at multiple focus points become possible. Aka light field projectors. It would also be awesome if these could be implemented as panels. Using walls with these panels and some light smoke in the room, it should be possible to make pretty cool 3D projections. Sure, it still isn't a perfect hologram, but it's pretty near it. It's just like the radiation treatment where you can project a small amount of radiation from all over into a single point so that the single point (yes, technically it's not a single point, it's a target point) will get a lot higher dosage than the surrounding areas. It would be pretty cool tech. Instead of using just a few projectors, you would technically have millions of projectors to be used for the projection.
  • One guy sent me a ton of very nice digital forensics links. But I like to pick my sources, and one site contained way too many ads, so I unfortunately won't post the links here. This is anyway a topic which can be googled trivially, at least at a basic level.
  • Read The Paradox of Choice - Reminds me about Subway. The first time I visited Subway, I was really hungry. It was super annoying when they were just asking so many questions. No, I don't want your questions, I want food now. - Freedom of choice, perfectionism and feeling a need for analytics easily lead to analysis paralysis.
  • Once again endless discussions about system security. Some customers are asking for secure systems. Well well. Any system which can be used to access email or the web with modern standard software isn't even nearly secure. So we can pretty much rule the discussion about 'secure systems' out. It's just more or less secure, but it won't ever be secure. Just deal with it. Hardening, auditing, access management, training people or even certified software won't fix this problem.
  • Checked out SAML federation for integrated authentication and authorization.
  • How do you define Potentially Unwanted Program (PUP)? Is filtering all programs which aren't widely used the right way? That would mean that widely used software wouldn't be a PUP in your environment? Etc, all the endless basic questions. It's also quite hard to verify if something has been planted inside a program / source you're already trusting. Nobody actually wants to audit every version properly, because it's just too expensive and time consuming.
  • Reminded myself about: Root key ceremony and Key signing party.
  • When we talk about public keys, the next step is that the signature should be verified. But that won't happen. In several cases the data is read and the 'existence of a signature' is being checked, but it's not being actually cryptographically verified. Yes, there's an XKCD about this too. One of the example fails was the lack of Machine-readable passport verification in many cases where it's being handled.
  • The Let's Encrypt related discussions are a classic. First people complain that things aren't easy enough, and when they are, then they complain that things aren't secure enough. Sigh. - Subject Alternative Name (SAN) is slightly related here - Also Let's Encrypt Overview is a very nice post.
  • Also a nice article about Border Gateway Protocol (BGP) basics. Yet in this case, this light version didn't contain anything new. But I'm pretty sure the actual certification guides I didn't read would.
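
The "existence of a signature is checked, but it's not cryptographically verified" failure above, as an added example (not code from the original post). It signs a JSON payload with a deliberately tiny textbook-RSA keypair built from two hard-coded primes, which is an assumption made here purely so the script runs with the standard library; real code would use a vetted library with proper key sizes and padding. The point is the contrast between `naive_check`, which only asks whether a signature field is present, and `verify`, which recomputes the digest of the payload as received and checks it against the signature with the public key. The sample document and the tampered copy are constructed for the demo.

```python
"""Added example: a signature that is merely present is not a signature that
has been verified. Toy textbook RSA over a hashed JSON payload; not production."""
import hashlib
import json

# Hard-coded small primes make this a TOY keypair for illustration only (assumption
# of this example). Real code uses a vetted library (e.g. `cryptography`) with proper
# key sizes and padding (PSS / PKCS#1 v1.5), never raw textbook RSA.
_P = 1000000007
_Q = 998244353
N = _P * _Q                           # public modulus
E = 65537                             # public exponent
D = pow(E, -1, (_P - 1) * (_Q - 1))   # private exponent (needs Python 3.8+)


def _digest(payload):
    """Hash a canonical (sorted keys, compact separators) JSON encoding of the payload.
    Canonicalisation matters: signer and verifier must hash identical bytes."""
    canon = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    return int.from_bytes(hashlib.sha256(canon).digest(), "big") % N


def sign(payload):
    """Return a signed document: the payload plus a hex signature over its digest."""
    sig = pow(_digest(payload), D, N)
    return {"payload": payload, "signature": format(sig, "x")}


def naive_check(doc):
    """The anti-pattern: 'is there a signature field?' This proves nothing about
    who produced the payload or whether it was changed after signing."""
    return bool(doc.get("signature"))


def verify(doc):
    """The real check: recompute the digest of the payload as received and confirm
    that the signature, raised to the PUBLIC exponent, equals that digest.
    Anything malformed or missing is treated as a failed verification."""
    try:
        sig = int(doc["signature"], 16)
        expected = _digest(doc["payload"])
    except (KeyError, TypeError, ValueError):
        return False
    if not 0 < sig < N:
        return False
    return pow(sig, E, N) == expected


def demo():
    """Sign a document, tamper with it while keeping the old signature, and show
    that presence checking accepts the forgery while verification rejects it."""
    genuine = sign({"subject": "alice", "role": "user"})        # constructed sample
    tampered = {"payload": dict(genuine["payload"], role="admin"),
                "signature": genuine["signature"]}             # old signature, new claims
    return {
        "genuine": (naive_check(genuine), verify(genuine)),
        "tampered": (naive_check(tampered), verify(tampered)),
    }


if __name__ == "__main__":
    print(demo())
```

Running the script prints that the genuine document passes both checks while the tampered one passes only the presence check. The same shape applies to any signed artefact (tokens, manifests, passport data groups): the verifier must bind the bytes it actually consumes to the signature, with a fixed canonical encoding, and must treat a missing or malformed signature as a hard failure rather than as "nothing to check".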

There will be more stuff a bit later during 2016, being dumped from the backlog.