Security Conference Videos
A friend found this link.
Security Conferences
Seems to have all the security conferences in the USA covered.
Nice 1-stop location to find more videos than anyone will be able to watch. There is a slight downside. The few videos I’ve watched were encoded as h.265/HEVC. HW support for this codec is non-existent on my Kodi Raspberry Pi v2, so it can’t play those without massive stuttering. Had to re-encode the videos before watching.
Today's Quote
Selling security vs doing security. The first one is a hell of a lot easier.
About Review Sites Like TheWirecutter
With so many different vendors pushing thousands of different products, we all need a little help to find the right product to fit our needs.
Product reviews were helpful, but those have been taken over by commercial interests gaming the system. Read somewhere that 80% of product reviews on sites like Amazon are fake, put up by review management companies in violation of the ToS for Amazon, but still it is next to impossible to stop these.
So a few websites started making reviews which seemed to be based on facts and real trials. Sorta like Consumer Reports, but free. There is a difference between how Consumer Reports does their reviews and how these websites, like TheWirecutter.com, do theirs. I’ll explain below.
“dadada” Is NOT a Good Password
It has been reported that Mark Zuckerberg’s Twitter and Pinterest accounts used the trivial password, dadada.
- Using the same password on two online accounts is poor security practice. Mr. Zuckerberg should know better.
- Using only 2 characters, no mixed case, no numbers and no special characters is poor security practice. Mr. Zuckerberg should know better.
- Using only 6 characters total is just stupid these days. Anything less than 12 characters takes under 24 hrs to break with home computing power from 5 yrs ago. Mr. Zuckerberg should know better.
Security practices start at the top. I suppose if your company is primarily about hookups and cat photos, then security might not be on the forefront of your mind.
Links
- The Register
- Business Insider
- there are hundreds of others.
What Hope Do We Have?
People are saying if Mr. Zuckerberg fails at this, what hope do they have? CEOs tend to ignore security, IME. I was told by a CEO that if I made the minimum password 15 characters (plus a sufficient complexity), he would switch to using his hotmail account. Reminds me of Ms. Clinton.
At my job, in the 1990s, a group of co-developers stole my work password because they were too lazy to set up their own Windows account to perform InstallShield packaging. I reported the infraction to my boss, the VP of Development and a founder of the company. When he refused to do anything about it, I started looking for another job. 2 months later I was gone.
The next company wasn’t much better about security, but the following one was excellent and I worked there for about 8 yrs. I left over contractual differences, not the people nor the work.
A Fine Line
I suppose for some people, having all the security enforced that I believe is required could also be a reason for many more workers to leave. So management needs to walk a careful line if the work is not interesting enough for people to stay even with good network and computer security.
A Tale of Different VM Performance 1
Below are some statistics from a few running VMs for your consideration.
ID  S  RDRQ  WRRQ  RXBY  TXBY  %CPU  %MEM       TIME  NAME
 4  R     0     0   287     0  26.0   9.0  454:26.51  win7ult
 2  R     0     3  551K   16K   3.3  19.0  258:56.21  desktop
 5  R     0     3   287     0   0.7  15.0  217:59.98  email
 6  R     0     0   287     0   0.1   3.0   10:24.97  email-front
 3  R     0     2   287     0   0.1   7.0   43:37.56  blog
Breakdown of the Stats
I watched the virt-top output for about 2 minutes and grabbed those numbers above during a representative 2 sec period. The Windows VM never dropped below 25% use. The other VMs each would bounce up as something required it, then would drop back down to nearly nothing when done.
More details below.
Firejail - pseudo-Containers for Linux
The firejail project is new to me. It takes all those security efforts added to the Linux kernel over the years and makes them available for end-user programs. These are specifically designed for GUI programs. How cool is that?
Logitech C920 Works on ChromeOS, but not on Linux?
Huh?
Be certain to read the last paragraph. It started working and has been solid.
For the last 4 months, I’ve had a chromebook running ChromeOS because I hadn’t figured out how to get it to boot Linux with an encrypted SSD off the internal drive. Solved that last week (completely removed the write-protect screw) and was surprised that the Logitech C920, which has been working under ChromeOS perfectly for all these months, doesn’t work at all under Ubuntu-Mate 16.04.
Video Conferencing and Screen Sharing
- https://tox.chat/ – Secured connections using 50+ character IDs which are manually shared. Thick clients exist for all the popular platforms. Beta level today. I’ve never used it.
- https://talky.io/ – JavaScript dependent on WebRTC (Firefox, Chromium and Chrome) that runs in a browser. No real security except using an odd room name so others don’t accidentally join. To join, both a webcam and microphone seem to be mandatory, but can be disabled (mute buttons for each) after joining, before anyone notices. Just make up an odd room name, share it, that’s it. https://talky.io/JDPFU4562dgr – for example. Have everyone go there to meet (limit 15).
Image Optimization-Quick Script
When sharing images or publishing them to a website, reducing the file size, especially when a human cannot tell the difference, is smart for many reasons.
Convert is part of the ImageMagick package which has been around for decades.
$ more img-opt
#!/bin/bash
# Re-encode every image given on the command line as a smaller JPEG.
QUAL=40 # 40 is safe. 20 often works too for even smaller files
for img in "$@"; do
    # Strip the existing extension (any length, so .jpeg works too) and add -opt.jpg
    NEW="${img%.*}-opt.jpg"
    echo " Working on $img ..."
    /usr/bin/convert -quality "$QUAL" "$img" "$NEW"
done
# Rename ... perhaps. Printed as a reminder only; run it by hand after reviewing.
echo "rename 's/-opt.jpg/.jpg/g' *-opt.jpg"
Don’t forget to chmod +x img-opt after creating the file. I’d place it in either /usr/local/bin or ~/bin/ .
Rename is part of perl and amazing, but I prefer to wait until I’ve manually reviewed the results most of the time.
Input files and globbing by the shell dictate that filenames cannot have spaces. I’m lazy and it is really easy for me to prevent spaces in filenames, so this and all other scripts I create make that assumption.
Typical use is:
$ img-opt D*g
This will glob all the files beginning with D and ending with g and run the convert/optimization on each in turn. New files ending in -opt.jpg will be the result – even if files already have that name, those characters will be replaced. Safety.
Other image file types can be input, but only jpg output is possible.
I’ll work in a temporary directory, with copies of the original image files. Then I use an image viewer to quickly look through all the files and delete the originals. If everything looks good, I’ll rename all the files en masse, before pushing them to a web site or adding them to an email attachment.
This script shows some simple techniques to run the same process over a bunch of files using input file globbing. That is extremely powerful. The input list of files can come from anywhere:
- the shell, using globbing
- a file with a list of files
- another command like ‘find’
- pipes …
Very powerful.
Be aware that globbing on Unix systems is VERY different from globbing on Windows. The *.* stuff on Windows is never needed on Unix. Extensions don’t matter on Unix.
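As an added example (my own, not the blog’s img-opt script), here is the same batch pattern extended to take its file list from arguments or, with a -0 flag, from NUL-separated names on stdin such as find -print0 produces, and to compute the output name correctly for any extension length and for dotted directory names. It assumes ImageMagick’s convert is on PATH and that QUAL may be overridden from the environment.

```shell
#!/bin/bash
# Added example, not the original script: batch-optimize images with
# ImageMagick's convert, taking the file list from args or from stdin.
QUAL=${QUAL:-40}   # same default as img-opt; override with QUAL=20 ./img-opt2 ...

# Output name: keep the directory, strip only the last extension of the
# basename (so pics.2016/shot.png -> pics.2016/shot-opt.jpg), add -opt.jpg.
opt_name() {
    local path=$1 dir='' base
    case $path in */*) dir=${path%/*}/ ;; esac
    base=${path##*/}
    case $base in *.*) base=${base%.*} ;; esac
    printf '%s\n' "${dir}${base}-opt.jpg"
}

# Convert one file. Files already named *-opt.jpg are skipped so that
# re-running over the same directory does not produce foo-opt-opt.jpg.
optimize_one() {
    local img=$1 new
    case $img in
        *-opt.jpg) echo " Skipping $img (already optimized)"; return 0 ;;
    esac
    new=$(opt_name "$img")
    echo " Working on $img -> $new ..."
    convert -quality "$QUAL" "$img" "$new"
}

main() {
    if [ "$#" -gt 0 ] && [ "$1" != "-0" ]; then
        # Names from the shell: ./img-opt2 D*g   or   ./img-opt2 $(cat list.txt)
        for img in "$@"; do optimize_one "$img"; done
    elif [ "${1:-}" = "-0" ]; then
        # Names from a pipe: find . -name '*.png' -print0 | ./img-opt2 -0
        while IFS= read -r -d '' img; do optimize_one "$img"; done
    else
        echo "usage: $0 FILE...   |   find ... -print0 | $0 -0" >&2
        return 0
    fi
}

main "$@"
```

With -0 the names are delimited by NUL bytes, so spaces in filenames are harmless even though the blog’s own scripts assume there are none.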
Sorry EC2 Amazon Visitors
I’d like to apologize to people using Amazon EC2 to visit this blog. Sadly, a few hundred of your peers decided to be abusive, so I was forced to block most of EC2 subnets from access.
Having hundreds of IPs in the EC2 IP range crawling this site constantly just cannot be allowed. It isn’t like we post articles more than once a day – sometimes not even once a month.
I apologize if you have been blocked due to this. Not much can be done, I’m afraid.