I was asked about today’s Crowdstrike issues on Windows.
Naturally I have some thoughts…
What went wrong? What I know. Crowdstrike is an EDR (Endpoint Detection and Response) tool. (Well, they claim “XDR”, but that’s marketing.) It has an agent component and a set of rule sets (called “channel files”). The agent has both user space and kernel space components to give better visibility into what is happening on the machine, and to be able to block bad things.
WARNING: technical content ahead! There’s also a tonne of config files, which make this page look longer than it really is, but hopefully they’ll help other people who want to do similar work.
Back in 2017 I described how to build a home router based on CentOS 7.
C7 is now out of date, so I figured it was time to rebuild it, this time using Rocky Linux 9.
This isn’t my normal tech-ish posting; this is a more personal look at how Corporate America and tech startups and the like are abusing their workforce. I don’t mean the sort of abuse seen in the service industry (below minimum wages needing to be supplemented with tips; excessive overtime; all that stuff). I’m talking about white collar tech jobs. The sort of jobs I did; likely the sort of jobs you’re doing (if you’re reading this blog); office workers…
When it comes to talking about API Security there are many facets and paths the conversation can take.
We might want to talk about it from an AppDev security perspective; after all, an API is just code, so your SAST/DAST type processes apply.
We might want to talk about it in terms of authentication; after all, you need credentials to access an API and there are many different ways this can be done (Basic Auth, mutual TLS, OAuth, HMAC…); this would also include when anonymous APIs are OK!
We all know what imposter syndrome is. We may all have suffered from it at some point. I know I did.
We may even know, rationally, that this isn’t a sensible thing. One good representation of this was from David Whittaker
Yet despite this whenever I started a new job I was always worried that I wasn’t the right person for it; that I’d fail to deliver.
Recently I wrote about how I got here without knowing what it was I wanted to do.
That was a prelude to the other half of the equation; I may not know what I want, but I do know what I don’t want.
At this moment in my life, I don’t want to work. At all. I want to have the luxury to be able to lie in, to read a book, to stay up late hacking on some code or whatever…
So I don’t do much “streaming”. I’m old school; if I like a show then I’ll buy it (or get it as a present) on physical media… BluRay or 4K these days.
This meant I hadn’t seen much of New Trek. A few years back I got Picard Season 1 on BluRay, then season 2. But this year I’ve received/bought a lot of the new stuff, and I thought I might write down my thoughts and opinions.
One of the most annoying interview questions is “where do you see yourself in five years’ time?”. I hate it. I have no vision of the future like this. Hell, I barely know what I want to do tomorrow.
I’m good at foreseeing the future, honest! So my first job, straight out of uni, was with a small Greek shipping company. I learned a lot there ‘cos I had to do it all.
A number of years ago I wrote a Hue Bridge Emulator that would let you emulate light bulbs in shell script in such a way that these devices could be controlled by Alexa (and so used in routines and the like). It worked well.
But recently Amazon appear to be changing how hue bridges are detected. The big challenge appears to be it wants the server to listen on port 80.
Else-net there was a discussion on how “security” is generally seen as a blocker; they’re seen as gate keepers and people who just say “no”, or who may be focused on regulatory compliance and not actual security.
Who needs Mordac, the Preventer Of Information Services when you have a security team?! The thing is, “security” isn’t a monolith, and it’s not a one way street.
Many teams
I’ve only really seen security from a megacorp perspective, both from the companies I’ve worked for and the people from other companies I’ve spoken with over the years.