Category Archives: Security

Encrypting /home on Dell XPS 13 7390

November 28th, 2019
Posted in Security | 1 Comment

The following procedure adds encryption to pre-installed Ubuntu 18.04 on Dell XPS 13 7390:
Within a console or terminal, sudo into root.
$ sudo su -
Create LUKS encrypted file container (20,000 Megabytes or 20GB, for example).
# dd status=progress if=/dev/zero bs=1M count=20000 of=/.hostname-home.img
# cryptsetup luksFormat /.hostname-home.img
Open LUKS encrypted file container.
# cryptsetup […]

Personal Password Policies

September 28th, 2019
Posted in Security | 1 Comment

Need secure passwords that are not completely unintelligible? Devise a personal password policy: Select three or four words from a dictionary. Consider using adverbial forms, past and present tense of verbs. Consider using singular and plural forms of nouns. Avoid idioms. Pick a number. Consider inserting leading 0s. Pick a symbol: !@#$%^&*()-_=+ Assemble the above […]

Securing Dynamically Generated HTML

September 22nd, 2019
Posted in Security | No Comments

Implementing code that simply displays a user’s IP address as part of an HTML page may be considered easy. Without security considerations, it can be implemented in PHP simply with the following: echo "IP: " . $_SERVER['REMOTE_ADDR']; 2011 CWE/SANS Top 25: Monster Mitigations recommends establishing and maintaining “control over all your inputs” and “control over […]

Security Review 2019

September 13th, 2019
Posted in Security | No Comments

Recent assignments that focus my efforts on securing web applications have motivated me to review the security of my personal websites. PHP code that I implemented 15 years ago is still used by my websites today. With the experience I gained over the years, and my current effort to acquire deep familiarization with security practices, […]

Potential HP Remote Exploit

December 8th, 2011
Posted in Security | No Comments

I remember my first computer. It was a standalone system that booted directly to the Microsoft DOS prompt. There were no logins nor passwords. There were no real security measures to protect files on disk or processes in memory. Floppy disks were the primary means of transferring data between computers. Bulletin board systems were popular […]