Thoughts on System Design and the 'Organic' Emergence of Security Requirements

31st Dec 2022

I've been thinking about the classic 'InfoSec Triad' lately (Availability, Integrity, Confidentiality) and how challenging it is to convey the real-world value of these concepts during real-world discussions on how to 'secure' a system. The InfoSec industry could stand to improve by providing clear provenance for each 'Security Requirement' that gets proposed. Most security professionals struggle to convey information security theory to non-specialists.

In this post I explore a 'hypothetical system' and attempt to show where security concerns become surfaced during the lifecycle of a growing software system. Not all systems will have the opportunity to grow to a point where designers need to seriously consider the more complicated an 'fun' security angles.


Upgrade to NextCloud 23 prevents online document editing in Collabora online: Files download instead of edit

11th Dec 2021

After my recent effort in upgrading gitlab I decided to take a crack at updating NextCloud to version 23. On the surface it all went well - upgrading the dockerized version from 21 → 23 went smoothly and without any obvious errors.

Unfortunately, it appears that online document editing a-la Collabora Online [w/ Built-in CODE Server] has a problem when performing an upgrade installation. When attempting to edit a document in-browser I am prompted to download the file - no in-browser editor appears to load(?).


Ever Stale: A Tale of missed updates or how to upgrade GitLab from 12 to 14

8th Dec 2021

I spent an hour reviewing my home lab setup and found an old internal gitlab instance running that I hadn't touched in some time. It was running GitLab-CE 12.10.13-ce.0 and was ready for an update! The latest version of GitLab at the time of this writing is 14.5.2-ce.0 which was too far to take in one jump. A complicating factor is that I've run this server since version 8.x using their publicly available docker image and have not built it out in a way that lends for easy upgrades. Fortunately I was able to apply the updates, not without some drama.

Today's ‘modern’ approach to application deployment can leave you in a perpetually stale state if you aren't able or willing to keep up with the relentless onslaught of patches, updates and troubleshooting patch/update failures.


BSidesSLC 2021: Container Security From the Bottom Up

6th Dec 2021

Most companies have experimented with containerization in one form or another and there is a wealth of information at these higher abstraction levels for securing constructs like Dockerfiles, Container Images, and Container Orchestration tools like Kubernetes. What can be overlooked at times is that...


DEF CON 29: Why does my camera scream like a banshee? Signal Analysis & RE

7th Aug 2021

I'll be presenting at DEF CON 29 tomorrow on signal analysis and reverse engineering a strange audio encoding used to configure certain models of wireless security camera. Along with the presentation I've created a tool that lets you pair the camera to your wireless network without using the included vendor app. This streamlines the process to speed further reverse engineering work: https://github.com/7thzero/THAMYRIS

Pre-recorded video can be found here: Why does my security camera scream like a banshee?


LXQt - lubuntu 20.04 shows windows from all virtual desktops / workspaces

19th Apr 2021

After migrating a VM to Lubuntu 20.04 (with LXQt 0.14.1) I noticed that the launch bar / taskbar would show windows from all workspaces. My preference is to view only the ‘current' workspaces windows at any time to reduce accidental switches between desktops. There is an easy way to configure this.


golang sort.Slice - limits of 'int' in function signature

1st Dec 2020

I had an idle question earlier today: can golang support sorting a slice with more than 2,147,483,647 or 4,294,967,295 entries (signed 32bit and unsigned 32bit max values)? Looking at the documentation for sort.Slice it specifies a comparator function with this signature: func(i, j int) bool which got me thinking about what int can represent in golang. int is signed, so is there a way to sort through a slice with a hypothetically enormous number of entries?


Work-around: Terraform 0.11 wants to rebuild EC2 instances when they haven't changed

16th Oct 2020

Terraform claims that my EC2 instance needs to be rebuilt due to changes in the ebs_block_device even though we haven't made any changes to the block device definition. Note the ebs_block_device lines that claim 'forces new resource':

aws_instance.infosec-gatekeeper (new resource required)
      id:                                "i-01234567890123456" => <computed> (forces new resource)
      ami:                               "ami-0123456789abcdef0" => "ami-0123456789abcdef0"
      arn:                               "arn:aws:ec2:us-east-1:098765432109:instance/i-01234567890123456" => <computed>
      associate_public_ip_address:       "false" => <computed>
      availability_zone:                 "us-east-1e => <computed>
      cpu_core_count:                    "1" => <computed>
      cpu_threads_per_core:              "2" => <computed>
      ebs_block_device.#:                                "0" => "1"
      ebs_block_device.1357911171.delete_on_termination: "" => "true" (forces new resource)
      ebs_block_device.1357911171.device_name:           "" => "/dev/xvda" (forces new resource)
      ebs_block_device.1357911171.encrypted:             "" => <computed> (forces new resource)
      ebs_block_device.1357911171.iops:                  "" => ""
      ebs_block_device.1357911171.kms_key_id:            "" => <computed> (forces new resource)
      ebs_block_device.1357911171.snapshot_id:           "" => <computed> (forces new resource)
      ebs_block_device.1357911171.volume_id:             "" => <computed>
      ebs_block_device.1357911171.volume_size:           "" => "16" (forces new resource)
      ebs_block_device.1357911171.volume_type:           "" => "gp2" (forces new resource)

This was in an environment with:

  • terraform 0.11.14.7
  • aws provider 2.56.0

Switch Hybrid Graphics Mode - Nvidia & Intel

21st Sep 2020

My 'new' travel laptop had an issue with battery life and the issue was traced to power consumption of the Nvidia graphics card. Since I'm not gaming or doing graphics intensive work it makes more sense to stick to the 'integrated' Intel graphics to gain runtime. This is how to change the graphics mode in Ubuntu 20.04.


Disable Laptop Display Auto-Dim - NVidia Optimus Hybrid Graphics

14th Sep 2020

I have a Razer Blade Pro 17 inch laptop and found a behavior that bugged me with no clear way to turn it off: Display auto-dimming. The laptop screen would get dimmer when I switched between applications and darkened to an unacceptable degree when loading VMWare Workstation (full screen). Others have had similar issues with their Razer laptops and had mixed results in finding a resolution.