Articles from Apotheonic Labs

Articles: TechRepublic IT Security Column

The following are articles Chad Perrin has written for the TechRepublic IT Security column, listed by title in roughly chronological order. You may notice some variance in article titles between this list and the articles at TechRepublic. Chad has little or no control over editorial changes made after the article has been submitted there.

  1. Five Steps To Becoming The Local Security Guru
  2. Check Out The Results Of CNET's Security Vendor Survey
  3. Myth: I'm Not Really At Risk
  4. Reduce Permissions To Increase DNS Security
  5. Unix/Linux Rootkits 101
  6. Rootkits 201
  7. There's More To Security Than Counting Vulnerabilities
  8. Security Specialists' Salaries Are Up . . . So What?
  9. The Three Elements Of Access Control
  10. 10 (+1) Reasons To Treat Network Security Like Home Security
  11. Implement Integrity Auditing With Basic Utilities
  12. Use Rsync For Filesystem Integrity Auditing
  13. Rootkit Redux: Sony Doesn't Learn From History
  14. Why There's No Such Thing As A Trusted Brand
  15. Use Mtree For Filesystem Integrity Auditing
  16. The Truth About Viruses
  17. Top 10 News Items, September 15: What's Interesting In IT Security This Week
  18. Work With End Users -- Not Against Them -- To Improve Security
  19. Use The Fire.Rb Library To Write Port Knocking Scripts In Ruby
  20. Privacy Is Security
  21. Happy Birthday, OpenSSH
  22. Linux Phishing Botnet Statistics Can Be Deceptive
  23. Why There's No Such Thing As A Zero-Day Vulnerability
  24. Network Monitoring For Fun And Profit
  25. Protect Your Computer And Your Data With A UPS
  26. 10 Security Tips For All General-Purpose OSes
  27. A Little More About Passwords
  28. Automating Shutdown When Your OS Doesn't Support Your UPS
  29. Protect SSH From Brute Force Password-Cracking Attacks
  30. 10 Services To Turn Off In MS Windows XP
  31. Why Encryption That Doesn't Trust The User Isn't Trustworthy
  32. Radiohead Knows More Than Microsoft About Security
  33. 10 Wi-Fi Security Tips
  34. The Politics Of Phishing
  35. Teach A Man To Fish
  36. What My Grandmother Taught Me About IT Security
  37. If You Want Something Done Right . . .
  38. Follow A University Course In Cryptography For Free
  39. Use MD5 Hashes To Verify Software Downloads
  40. Bolted-On Security Features Aren't Secure
  41. Use The Blowfish Cipher To Improve Password Security
  42. The Value Of Accidental Security Through Obscurity
  43. Security TV: "Tiger Teams" Showing This Christmas
  44. PGP Corps "The 12 Threats Of Christmas"
  45. The Best Security Article Of 2007 (Isn't About Security)
  46. SPAM And SPIT: What Are The Dangers?
  47. Deleting Files Isn't Always Enough
  48. Retrospective: 10 Security Blunders
  49. Interface Design Is Security Design
  50. Using Pf And ALTQ For QoS Management
  51. The Truth About Email Spam
  52. How To Spoof A MAC Address
  53. How To Avoid Being A Phishing Webserver Admin
  54. Security Is An Ecosystem, Not A Product
  55. Five Must-Have Security Resources
  56. Using OpenPGP On Unix/Linux Systems With GnuPG
  57. How Private Is Your Web-Based Service?
  58. Use OpenSSH As A Secure Web Proxy
  59. Basic Email Security Tips
  60. 10 Tips For Effective Use Of OpenPGP With GnuPG
  61. Using GnuPG With Mutt To Sign Or Encrypt Email
  62. Use PuTTY As An SSH Client On MS Windows
  63. Use PuTTY As A Secure Proxy On MS Windows
  64. Ensure Basic Web Security With This Checklist
  65. What Is Cross-Site Scripting?
  66. The Big Brother Awards
  67. Using GnuPG Encryption Tools With Gpg4win
  68. The Importance Of Being Encrypted
  69. Security 101, Remedial Edition: Obscurity Is Not Security
  70. DRM And Unintended Consequences
  71. Meet Me At Penguicon
  72. Use Getmail To Get Email Simply And Securely
  73. Use SSMTP To Send Email Simply And Securely
  74. List Open Ports And Listening Services
  75. Close Unneeded Ports On Unix/Linux Systems
  76. Fighting Fire With Fire
  77. Fighting Fire With Water
  78. Five Security Tips From MediaWiki's Lead Developer
  79. There Is No Perimeter, Kinda
  80. Has Security Grown Beyond DIY?
  81. The "Insecure Memory" FAQ
  82. Detect And Replace Vulnerable SSH Keys On Debian
  83. Not Invented Here Has No Place In Open Source Development
  84. Making Encryption Popular
  85. Is PhoneFactor Really Better Security?
  86. Security Alarmism Helps The Bad Guys Win
  87. Why You Can't Get Management On Board
  88. How Should We Handle Security Notifications?
  89. What Do You Do If Management Won't Get On Board?
  90. Is Linux The Most Secure OS?
  91. Vulnerability Counting Revisited: A Hypothetical Example
  92. How FreeBSD Makes Vulnerability Auditing Easy: Portaudit
  93. Knowing The Superficial Side Of Security Is Important, Too
  94. The CIA Triad
  95. Google Opens Up RatProxy
  96. 5 Easy Ways To Compromise Your Own Security
  97. The Reason I Talk About Security
  98. Five Good Security Reads
  99. Who Is Really To Blame For The San Fran Network Lockout?
  100. Bignum Arithmetic And Premature Optimization
  101. Use Tcpdump For Traffic Analysis
  102. How Does Bad Password Policy Like This Even Happen?
  103. The Meaning Of "Good Enough"
  104. Perfect Vs. Good Enough
  105. Keyczar: Another Open Source Security Tool From Google
  106. 10 Common Security Mistakes That Should Never Be Made
  107. 10 Security Challenges Facing Closed Source Software
  108. How Do You Interview Security Experts?
  109. Use Complete Session Encryption With Gmail
  110. Functional Programming Techniques Can Improve Software Security
  111. Perspectives: Better Than CAs?
  112. What Are The Security Implications For Google Chrome?
  113. The Trouble With Test Versions
  114. Can You Mitigate Risk By Replacing Sensitive Resources?
  115. Prioritize Security Concerns With A Simple Risk Assessment
  116. Email Security Advice For Politicians
  117. The So-Called Group Called Anonymous
  118. Is Suggesting Improved Security The Same As Blaming The Victim?
  119. Choose The Right Licensing Model For Security Software
  120. What To Do About RFID Chips In Your Wallet
  121. How Closed Policies Hurt Security Development
  122. TSA Communication May Get Your Bag Searched
  123. 12 Security Suites Tested And 12 Security Suites Fail
  124. 5 Characteristics Of Security Policy I Can Trust
  125. Wim Van Eck's Legacy
  126. MS Windows 7 Pre-Beta Gets A Security Patch 13 Days Early
  127. 10 Security Tips For Microsoft Windows XP
  128. Security, Complexity, And The GUI Environment
  129. More Email Security Tips
  130. Microsoft Finally Catches The Eight Year Bug
  131. No Such Thing As Effective License Enforcement
  132. The Safest Way To Sanitize Input: Avoid Having To Do It At All
  133. 5 Tips To Improve Physical Access Security
  134. Use Cryptographic Hashes For Validation
  135. 5 Things Microsoft Should Do To Secure Windows 7
  136. Use Cryptographic Hashes With Ruby
  137. Will Google's Native Client Project Change The Game?
  138. Practical Paranoia: Trust, But Verify
  139. Distributed Security Cracking
  140. Understanding Layered Security And Defense In Depth
  141. 5 Precautions To Take For The Holiday Break
  142. Internal Defenses Are Part Of Layered Security Strategy
  143. The Smallest Threat To Open Source In 2009
  144. REAL ID In A Nutshell
  145. 25 Most Dangerous Programming Errors
  146. Managers And Technologists Live In Different Worlds
  147. How Should You Handle Software Updates?
  148. Options For OpenPGP
  149. Don't Try To Control What You Don't Understand
  150. Filesystem Fragmentation: Security Threat
  151. Is This What They Call A Feature?
  152. 10 Important Categories Of Employment Transition Security
  153. 10 Tips For Personal Security When You Leave An Employer
  154. A Practical Example Of Why HTML Email Is A Bad Idea
  155. Lenovo Provides An Excellent Example Of How Not To Handle User Data
  156. Email Needs Safe Rendering
  157. 5 Tips For Choosing A Registrar For Sites You Care About
  158. 5 Interesting Security Links For February 2009
  159. More About What My Grandmother Taught Me
  160. Advice For Reading About Security
  161. Recession: A Chance To Deploy Open Source Security Solutions
  162. How Likely Is Your Software To Survive The Recession?
  163. Never Use Buzzwords To Justify Decisions Without Understanding Them
  164. Security 101, Remedial Edition: Use Strong Passwords
  165. 10 Tips For Secure Computer Disposal
  166. Airport Behavior Detection And Security Theater
  167. Sometimes, No Encryption Is Better
  168. 10 Questions To Ask Yourself Before Collecting Security Data
  169. How Secure Is Your Bank Card?
  170. Hacker Vs. Cracker
  171. Principles Vs. Magic
  172. Why Do People Write Viruses?
  173. There Is No Legal Solution To Malware
  174. Mydoom.FUD: A Lesson In Fear, Uncertainty, And Doubt
  175. 5 IT Security Pet Peeves
  176. The Real Solution To Malware
  177. Why REAL ID Is Not Secure ID
  178. 5 Ideas For Secure Invoicing
  179. Linux And Windows Compromised At Boot
  180. The Case For National Security
  181. China Chooses FreeBSD As Basis For Secure OS
  182. The Cyber Czar: Hope Or Fear?
  183. Microsoft May Be Firefox's Worst Vulnerability
  184. Pentagon Has Bold Plan For Digital Warfare
  185. The Broken Windows Fallacy
  186. Stainless Steel Wallet Review
  187. Six Principles Of Practical Ciphers
  188. Public Officials And Private Lives
  189. The Basics Of Secure Admin Privilege Use With Unix
  190. Stay Out Of Bozeman
  191. Understanding Risk, Threat, And Vulnerability
  192. Protect Webserver Directories From Unwanted Browsing
  193. How Anti-Sec Is Anti-Sec?
  194. Why Are Crime Rates Dropping?
  195. Open Source Crimebusting
  196. How To Deal With Adobe Flash And Reader Vulnerability
  197. Redundant Rules, Rushed Votes, And Bad Policy
  198. ZF05 Gives Us One More Reason To Use Unique Passwords
  199. Use The Firefox Password Manager
  200. Use RFC 2606 Example Domains For Example Emails
  201. Unmask Your Passwords
  202. The Microsoft OWC Two-Year Vulnerability Patch
  203. Interview Coding Tests Should Measure More
  204. The Pirate Bay Is Back With A Vengeance
  205. Provide More Than A Feeling Of Security
  206. Guns Can Keep Computers In Your Luggage Safe
  207. Paranoid Cookie Management
  208. Help Reddit Crack The Treasure Master Password
  209. Fine-Grained Cookie Management In Firefox
  210. The Bobby Tables Guide To SQL Injection
  211. The Chinese Domain Scam
  212. The Key Exchange Puzzle
  213. Create Great Employees
  214. Solving The Key Exchange Problem
  215. Never Get Complacent About Security, Even In Fiction
  216. Is Firefox + Perspectives The Most Secure Browser For TLS/SSL Encryption?
  217. Perspectives Provides Out Of Band Verification For SSH
  218. Microsoft Makes Firefox Vulnerable; Mozilla Responds
  219. Never Use Dynamic Variables
  220. The TLS/SSL Certifying Authority System Is A Scam
  221. Use The SSH Filesystem For Secure Network Filesystem Access
  222. Use SCP For Quick, Secure File Transfers
  223. Update Your FreeBSD Software With Care
  224. How To Use Antivirus Software With MS Windows
  225. Understand Basic Unix File Permissions
  226. Managing Default Unix File Permissions With Adduser And Umask
  227. Five Security News Items For Late 2009
  228. Five Guidelines For Secure Customer Communication
  229. Use Google Wave Carefully During The Testing Period
  230. Basics Of Stack-Smashing Attacks And Defenses Against Them
  231. Should We Be Afraid Of Google Public DNS?
  232. Understand The Setuid And Setgid Permissions
  233. FreeBSD File Flags Enhance Unix Filesystem Security
  234. Principles Of Basic Filesystem Integrity Auditing
  235. Google: Being Evil
  236. Major Security Myths Of 2009
  237. Why Security Gets No Love
  238. Use The Find Utility To Scan For Writable Directories
  239. China Cracks Google Security; Google Defies Chinese Censors
  240. How China Exposed Google's Hypocrisy
  241. The Reverse Quine: Making Web Services Transparent
  242. Are TSA Policies A Bad Joke?
  243. The Enduring Cipher
  244. The Use And The Misuse Of The XOR Stream Cipher
  245. The Danger Of Complexity: SLOC
  246. Cryptography's Running Gag: ROT13
  247. American Express Password Policy Takes The Cake
  248. Coloring Outside The Lines
  249. Get The Security Buzz About Google Buzz
  250. Fight Back Against Bad Password Policy
  251. What Defaults Should Random Password Generators Use?
  252. Avoid Ambiguity When Referring To Account Names
  253. Five Features Of A Good Password Manager
  254. A User Name Is Not A Password
  255. Microsoft Warns: Don't Press F1
  256. The Microsoft Internet Driving License
  257. Use QuickProxy For A Simple Proxy Switch In Firefox
  258. Simplicity Is Security
  259. Organizations And Conflicts Of Interest
  260. Present Security Advice As Convenience Advice
  261. Google News Follow-Up
  262. Are Self-Signed Certificates Safer?
  263. The Future Of Security
  264. Five Characteristics Of Secure Online Services
  265. Mitigating The Privilege Escalation Threat
  266. Mitigating The Social Engineering Threat
  267. Does The Chrome OS LiveCD Threaten Your Installed OS?
  268. 10 Security Books For The Future
  269. A Simple Email Filter: Getlessmail
  270. The Classic Man-In-The-Middle Attack, In Fantasy TV
  271. Secure Mercurial And BitBucket Quickstart
  272. The NTIA Wants Cell Phone Jamming Solutions
  273. Google Book Search And Our Privacy
  274. Microsoft Windows Activation Work-Around
  275. Corporate Ethics Versus Security Ethics
  276. Google Offers Encrypted Sessions For Web Search
  277. What Are The Prospects For Smartphone Security Threats?
  278. Why You Really Should Care About Privacy
  279. Will Google's Move Spur Others To Drop Microsoft?
  280. Responsible Disclosure And Its Irresponsible Advocates
  281. HTTPS Everywhere Makes SSL/TLS Easier
  282. Stainless Steel Wallet Review: One Year Later
  283. Use Chroot To Restrict Services
  284. Use Rssh To Limit User Access
  285. Understanding The Market For Buggy Software
  286. Have You Heard The One About The 21st Century Russian Spy Ring?
  287. Security Hyenas And The Abuse Of The Word "Terrorist"
  288. Welcome To The Future: Cloud-Based WPA Cracking Is Here
  289. Knowledgeable Humans Are Still The Best Spam Filters
  290. Jailbreaking Smartphones Is Finally Legal, For Now
  291. Point Release Vs. Rolling Release
  292. Use Pwsafe As A Keyboard Shortcut Driven X Tool
  293. Bypass A $200 Biometric Lock With A Paperclip
  294. Hackers And Crackers: A Lesson In Etymology And Clear Communication
  295. Smartphone Jailbreaking, And What Vendors Are Doing About It
  296. U.S. Military Compromised By Removable Media Malware: Five Ways To Avoid The Same Fate
  297. How To Disable Vulnerability Checking For FreeBSD Ports
  298. Are Multiple Overwrites Really Necessary For Secure Deletion?
  299. Quantum Hacking Cracks Quantum Crypto
  300. Are Microkernels The Future Of Secure OS Design?
  301. Security Vs. Popularity
  302. Security Consciousness, And Its Opposite
  303. Should Intel Decide What Software We Can Run?
  304. Should BCC Be The Default Email Address Field?
  305. Turn Off Modeline Support In Vim
  306. Five Security Lessons To Learn From The Twitter Worm
  307. Lock Your Screen While Away From The Computer
  308. How To Escape SSH Sessions Without Ending Them
  309. Security Tools Should Be Designed For Security
  310. Recover FreeBSD Root Access When You Forgot The Password
  311. Unix Vs. Microsoft Windows: How System Designs Reflect Security Philosophy
  312. No Autorun Can Help Protect Microsoft Windows From Malware
  313. Why You Should Never Trust Facebook
  314. If Facebook Will Not Protect Your Privacy, Maybe Someone Else Will
  315. The Many Eyes That Matter For Security Are The Friendly Eyes
  316. Create A Simple, Simulated Network With The Honeyd Tool
  317. Are Bad Guys Using Honeypots To Catch Security Researchers?
  318. Don't Be Fooled By The Argument Against Unique Passwords
  319. New Developments In OpenPGP Encryption Tools
  320. Shadow DNS In The Works: Do We Need A Second Internet?
  321. Use Firewall Software Like PF To Protect Your Desktop Systems
  322. The Meaning Of Cryptographic Trust
  323. What Can The OpenBSD IPsec Backdoor Allegations Teach Us?
  324. Vim Offers Strong File Encryption With Blowfish
  325. How One-Time Passwords Fit In With Multifactor Authentication
  326. Key Open Source Security Benefits
  327. Design Simplicity Is An Important Element Of Open Source Security
  328. Set Up A Secure File Transfer Account With Rssh
  329. Use Sysctl Security Settings To Lock Down A FreeBSD System
  330. The Difference Between Secrecy And Privacy As Security Concepts
  331. Imagination Is More Important Than Knowledge
  332. The Book Of PF Is The Canonical Reference For The PF Firewall
  333. Filtering PF Firewall Logs
  334. Why Not Use OpenPGP For Web Authentication?
  335. Captured Images Of Your Physical Keys Can Be Used To Make Copies
  336. Protect Yourself From Closed Source SSH
  337. The Security Limitations Of Solid-State Drives
  338. Rulings In PS3 Jailbreaking Suit Should Worry You
  339. Electronic Voting Can Be Better Than Paper
  340. How To Use WinSCP With Public Key Authentication
  341. How To Use Password Safe On Microsoft Windows 7
  342. PuTTY Toolset Offers More Than Just An SSH Terminal
  343. IP Is For Intellectual Property (And Invading Privacy)
  344. Encrypt Calls On Your Android Device With RedPhone
  345. SSL/TLS Encryption And The Vacant Lot Scam: Too Big To Fail
  346. The Privacy Covenant Is An Illusion
  347. Maybe Your Random CAPTCHA String Generator Should Be Less Random
  348. There May Be A Better Way To Weed Out Spammers Than CAPTCHA
  349. Facebook Is Not The Real Privacy Threat
  350. How To Get People To Use Strong Passwords
  351. IPhone Tracking Only Part Of Apple's Security And Privacy Shortcomings
  352. What To Do About The PlayStation Network Breach
  353. Like Passwords For Chocolate, Coming Soon To A Security Theater Near You
  354. Sony's Scapegoat For The PSN Compromise Fights Back
  355. From A To Z: Whistleblowing Versus Social Networking
  356. Is The IP Address The New SSN?
  357. DRM Is Counterproductive
  358. Why Strict Copyright Enforcement Is Becoming Obsolete
  359. 10 Highlights Of The FBI IT Security Record
  360. How Your Emails Can Become Public Record: The Enron Dataset
  361. Has The Mozilla Foundation Lost Its Collective Mind?
  362. How Do You Protect Yourself From Hacktivist Groups?
  363. Cryptographer And Computer Scientist Robert Morris Dies At 78
  364. Stainless Steel Wallet Review: Two Years Later

Articles: TechRepublic Linux and Open Source Column

The following are articles Chad Perrin has written for the TechRepublic Linux and Open Source column, listed by title in roughly chronological order. You may notice some variance in article titles between this list and the articles at TechRepublic. Chad has little or no control over editorial changes made after the article has been submitted there.

  1. Is Oracle Poised To Effectively End Open Source Software?
  2. Is This The End Of Buying Software?
  3. Why Your College Uses Microsoft Windows For Everything
  4. Use Msmtp With Mutt To Send Email
  5. GNU Is Not Unix
  6. Is Tmux The GNU Screen Killer?
  7. Chromium Browser On FreeBSD
  8. Contribute Your Expertise To An Open Source Textbook
  9. Try The Uzbl Browser If You're Tired Of Feature Bloat
  10. Apache Vs. Oracle: A New Front In The Java War
  11. A Simple User Primer For Init
  12. Oracle Wins The 2010 Open Source Enemies Prize
  13. Linux And FreeBSD Hardware Info Command Guide
  14. A Simple Rsync Script To Back Up Your Home Directory
  15. What Is Open Source Software?
  16. Preparing Installation Media At The FreeBSD Command Line
  17. Don't Fear The Fork
  18. Use Logwatch To Make Log Watching A Little Easier
  19. Promote Openness: Custom Applications And Standardized Formats
  20. What Is Android Missing?
  21. Three Features You May Not Know XTerm Has
  22. Use Xsel To Copy Text Between CLI And GUI
  23. Review: The Best Linux Book Available
  24. NetworkManager, The Fifth Horseman Of The Apocalinux
  25. Save Your Money: Three Bad Linux Books
  26. Five Benefits Of Command Line Tools
  27. Open Source Software Users Voluntarily Pay More
  28. Use i3 For Tiling Window Manager N00bs
  29. If You Thought Uzbl Was A Minimal WebKit Browser, You Should See Surf
  30. Pentadactyl: Firefox For Vim Junkies
  31. The Scrapbook Extension: Better Bookmarks For Firefox
  32. Why We Should Allow DRM On Open Source Platforms

Articles: TechRepublic Programming and Development Column

The following are articles Chad Perrin has written for the TechRepublic Programming and Development column, listed by title in roughly chronological order. You may notice some variance in article titles between this list and the articles at TechRepublic. Chad has little or no control over editorial changes after the article has been submitted there.

  1. Five Ruby Greetings
  2. A Development Workflow For Mercurial
  3. Learn By Doing: Seven Ideas For Learning How To Program
  4. A Skeptics History Of C++
  5. Simple Filters In Perl, Ruby, And Bourne Shell
  6. Introducing Io, A Prototype-Based Language
  7. Memoize Recursive Functions To Conserve Resources
  8. Let Isaac Help You Build IRC Bots
  9. 10 Great Books And Other Resources For Learning Ruby
  10. Try The SL4A Scripting Environment For Your Android Device
  11. TortoiseHg Integrates Mercurial With Windows Explorer
  12. Contribute To Bitbucket Projects Using Forks And Pull Requests
  13. Variable Names Should Usually Be Descriptive
  14. Use interactive_editor With irb For An Inside-Out Ruby IDE
  15. Steven Levy's Hackers Is A Classic Of The Information Age
  16. Simple Data Storage With Ruby
  17. Why Clean Code Is More Important Than Efficient Code
  18. Understanding Ruby Blocks