Kurt McKee

lessons learned in production

Articles tagged with security

Demonstrable ineffectiveness | 25 May 2007

Northwestern University's firedoor lockdown policy has now been demonstrated to be completely ineffective.

SSH over FTP and HTTP | 15 March 2007

Warning : Very techie stuff ahead!

One of my friends was recently lamenting that he hasn't been able to figure out how to punch a hole through his company's firewall and connect to his computer at home using SSH. He mentioned that the firewall is almost too effective, in that he …

Reporting vulnerabilities to Northwestern | 23 January 2007

I reported a vulnerability to Northwestern once, and I did not feel it was received very well. There were a few interesting emails back, but most of the emails could be condensed to just "You didn't handle this correctly" and vague emails that felt as if the person was talking …

Why can't I see it? | 12 January 2007

You know whose blog you need to be reading? Bruce Schneier's. The guy thinks through hard security problems and sees the things we (as the public) don't see. And it kills me that I don't see these things as easily as him. For instance, he was asked about installing metal …

Firefox! Stop locking things down! | 9 January 2007

A while back, Aaron noted that my Webmail Enhancer script wasn't working anymore. Tonight I finally looked into the situation, and the results have not been pleasing.

I got it working again, but there are some pretty serious Firefox changes that appear to have crippled the Northwestern Directory / Webmail integration …