Cryptosmith

A recent Handler’s Log on the SANS Internet Storm Center spoke of the recent demise of an early blog site called “Journalspace.com.” Evidently their disaster recovery strategy consisted of maintaining a mirrored RAID system.

I’ve written quite a bit about how mirrored RAID is a fundamental part of my disaster recovery strategy. However, the Journalspace people apparently skipped an essential step: they relied solely on their on-line data and didn’t keep an off-line (preferably off-site) backup.

Continue Reading »

Posted under Household Tech & Information Security | No Comments »

Gunnar Peterson from here in St. Paul gave an interesting keynote at the “Quality of Protection” conference, called The Economics of Finding and Fixing Vulnerabilities in Distributed Systems. Gunnar also posted it on his blog.

His remarks talk very intelligently about information security investment and the challenge of iimproving security in exchange for money spent. He makes some terrific analogies based on “money investment” strategies of Warren Buffet. I’m still reading it, actually - there’s a lot of good thinking there.

Posted under Information Security | No Comments »

Two things about my computer use over the past decade: 1) I’ve been moving all of our family mementos (mementi?) to digital form, and 2) I’ve become a total klutz about mass storage. A disaster in the making? Almost, but not quite. I’ve spoken earlier about using RAID on my Mac Pro, and now I’m using RAID with my Time Machine storage. I use my drive swapping trick to create backups, and keep the backup off-site.

While performing the drive swap, I managed to smash my working OS X system partition. Thus, I got to experience first-hand the process of recovering my system from my Time Machine backup. Here’s the report.

[UPDATE: Since the original posting, I've found more brittleness in the restored Aperture directory and I've been negotiating a truce between Paragon's NTFS and my NTFS-formatted portable USB drive. Sides are still not quite on speaking terms.]

Continue Reading »

Posted under Information Security | No Comments »

I’ve been working on tutorial material to explain file permission settings in general. This seems to be a topic that most textbook authors avoid like the plague.

Today, I was googling about file permissions and I found this blog entry at Jaanus.com about the sad usability state of file permission setting functions in Windows and OS X. The author mentions some research at CMU on the usability of file permissions, and highlights several of the pitfalls in the Windows XP interface.

Continue Reading »

Posted under Information Security & Tech Teaching | No Comments »