Will Tor have Extrusion Detection?

Posted by Synfinatic on February 26, 2006 at 11:25 am in Security, Tech.

Richard Bejtlich wonders in light of Tor being able to be used to anonymously attack other systems, will Tor add extrusion detection capabilities?

I seriously doubt it. First, there are technical reasons for this, namely each exit node would need to have their own policy since some operators would want very strict polices and others more open policies. Pushing knowledge of that policy to the rest of the network to make routing decisions would be very complex and incurr high overhead on a system which is by it’s nature not very efficent.

Secondly, adding additional monitoring to an anonymity system is just ass-backwards. The whole point of Tor is to allow people to be untraceable and …

Full Post | Add comment | Trackback

SSL on the cheap

Posted by Synfinatic on February 25, 2006 at 6:15 pm in Security, Tech.

Well I finally got a real SSL certificate, signed by a trusted CA for www.synfin.net. For less then $20/yr no more annoying popups in webbrowsers, mail clients or my Treo. Anyways, overall I’ve got to say that GoDaddy made the process pretty painless and quick. So far I’ve tested Firefox and Safari and both seem to be happy with the cert. Two thumbs up.

One thing to note, if you’re grabbing the tcpreplay source from SVN the SSL Certificate has changed. If anyone knows how to pass in a certificate chain file for svn let me know.

Full Post | Add comment | Trackback

Shame

Posted by Synfinatic on February 19, 2006 at 10:01 am in Geek Law, Politics.

Shame on Yahoo, Microsoft and Google. But part of me understands. For better or worse, companies are ultimately responsible to their shareholders, not morals or concepts of right and wrong. Even Google’s motto of “Do no evil” is convienently pushed aside when it becomes monetarilay inconvient.

Given the choice of helping the Chinese government put a dissident behind bars or pissing off the Chinese government which allows them access to the largest potential customer base, Yahoo decided to assist the communist dictatorship which resulted in Shi Tao getting 10 years in jail.

But perhaps the most scary thing is that Microsoft couldn’t say under oath wether or not IBM should be ashamed for helping the Nazi’s. I …

Full Post | Add comment | Trackback

Fair Use under attack (again)

Posted by Synfinatic on February 16, 2006 at 9:36 am in Geek Law, Tech.

Actually, there are a lot of reasons why I support the Electronic Frontier Foundation.  One such reason, is that they’re one of the few organizations fighting for our Fair Use rights.  Fair Use provides some basic rights allowing greater creativity and expression of ideas.  It also is the legal basis for technologies that we take for granted like the VCR, Tivo and iPod.

And like so many other freedoms, Fair Use is under attack.  What are you going to do about it?

Full Post | 1 comment | Trackback

Where does one begin?

Posted by Synfinatic on February 12, 2006 at 5:25 pm in News, Rant.

Your random quiz for the day:
Basically, a 12yr old boy has been charged with a felony for:

a) Bringing a gun to school

b) Selling drugs to his classmates

c) Joking that the powered sugar for his science experiment was cocaine

Meanwhile… Vice President Dick Cheney made a far more serious judgement error and shot someone in the head but apparently that’s ok.  (Yes, they’re calling it an “accident,” but any experianced hunter knows that they need to keep tabs on all members of their hunting party at all times and be aware of what they are shooting at, both of which Cheney failed to do in this case.)

Full Post | Add comment | Trackback

VP of Eng.

Posted by Synfinatic on February 5, 2006 at 9:47 am in /dev/random, Tech.

At Mu we’re looking to hire a VP of Engineering. Anyways, I figured I’d list some of my interview questions I plan to ask.

As a manger, what kind of environment makes you the most effective? The least?
Every manager seems to claim they have an “open door policy”. How do you get people to walk through the door?
What do you bring to the table that can help a fast growing startup continue to execute quickly and maintain quality?
What role do you intend to play with regards to our CTO and VP of Product Management?
What qualities do you look for in an engineer when interviewing? What are some red flags?
What do you expect from your engineering teams? …

Full Post | Add comment | Trackback

Well that was painless…

Posted by Synfinatic on February 1, 2006 at 10:29 pm in Life.

Just upgraded this site to WordPress 2.0.1.  It was almost too easy.  Cool.

Anyways, today was just like most any other day.  Meetings, coding, fixing bugs… all that good stuff.  Earlier in the week, our company offically “launched” and started sending out press releases and all that sorta thing.  We even made slashdot.  Of course, the response wasn’t that great, but oh well… they don’t really understand what we’re doing, but that’s pretty standard for slash.

Anyways, you can check us out in all (well some) of our glory at the Innovation Station at the RSA Security Conference in San Jose later this month.

Full Post | Add comment | Trackback