Category Archives: Uncategorized

Security Patterns & Anti-Patterns

Overview In this post we will be exploring a very useful analysis concept in security engineering, Security Patterns and more importantly; Anti-Patterns. As we have discussed in earlier posts, a use case or use model is a generalized process or … Continue reading

Posted in Uncategorized | Leave a comment

Introduction to Systems Security Engineering

There are many books, articles and websites on System Engineering in general, but relatively few on Systems Security Engineering. In the not so distant past, I spent more than a decade implementing IT security, developing policy and procedure for IT … Continue reading

Posted in Uncategorized | Leave a comment

PSA – Update on TrueCrypt

Overview There are many users who have continued to user TrueCrypt 7.1a for a number of reasons; specifically: TrueCrypt is not actively being developed or supported, but there are no indications of security vulnerabilities with TrueCrypt, and There are no … Continue reading

Posted in Uncategorized | Leave a comment

Embedded Device Security – Some Thoughts

Overview Devices are becoming increasingly computerized and networked. That is mildly newsworthy. Most of these devices have a long history of not being computerized or networked. Once again, only mildly newsworthy. Some of the companies have limited background in designing computerized … Continue reading

Posted in Uncategorized | Leave a comment

CryptoCoding for Fun – Part 2 [Terminology and Concepts]

Introduction (Yak Shaving) As you can see from the title, we are still the “CyberCoding for Fun” path, and although I would like to jump in and start how you make that happen, we need to step back a bit … Continue reading

Posted in Uncategorized | Leave a comment

CryptoCoding for Fun

Introduction Inevitably when somebody with more than a passing interest in programming develops an interest in crypto, there is an overwhelming urge to write cryptocode. Sometimes it is just the desire to implement something documented in a textbook or website. … Continue reading

Posted in Uncategorized | Leave a comment

System Security Testing and Python

Overview A significant part of systems security can be testing, and this presents a real challenge for most systems security engineers. Whether it is pen testing, forensic analysis, fuzz testing, or network testing, there can be infinite variations of System … Continue reading

Posted in Uncategorized | Leave a comment