documentation

[This is an article I wrote for Linux Journal]

Internet and cloud companies do not have perfect security. We're all familiar with large scale data theft from big corporations. While most do a great job considering the attacks against them, you can do your part by protecting your own accounts.

It's common wisdom to use a different password for each account. Better yet is using a unique email address as well. That quickly becomes unwieldy, so we need an external brain.

Tübix has kindly accepted two of my proposals for the beginning of June conference in Tübingen, Germany.

In the morning I will be showing uMatrix, a privacy and security webextension browser add on. Via a simple interface uMatrix allows personal rules for website cookies, JavaScript, CSS, pictures and video.

In the afternoon I will be speaking on privacy and security via better control o
f account credentials and private data.

Both talks will be in German. The conference is in German and Schwäbisch.

My "Personal Online Security, Privacy, and Password Management" for Ubucon at SCaLE is tomorrow.

I'm looking forward to giving the presentation in conjunction with SCaLE. It was popular when I gave it at Linuxfest Northwest a couple years ago and the many times I've given it for local groups.

Last year Linux Journal used my article as the cover story. The article was based on the presentation I will be giving at Ubucon.

Linux Journal chose my article about online privacy and security using a password manager as the cover story for this month's edition. You have to be a subscriber to read it right now.

The cover graphic to go with my article could be depicting chop sticks pulling a password out of a data stream, so it's also an article that can be accompanied by Sriracha.

SCaLE accepted my etckeeper talk for SCaLE 15x.

As a system administrator I find it important to track changes in configuration files. Revision control systems have some fatal flaws for tracking /etc/. Luckily Joey Hess' excellent etckeeper wraps several revision control systems and adds the features we need to track our configuration files.

Linux Journal will be publishing my article about Online Privacy and Security Using a Password Manager in the January edition ( pre-emptive URL ). I adapted my talk ( given at LinuxFest Northwest last year ) for print and concentrated more on the password manager aspect.

Thanks to Linux Journal for accepting my article and publishing it.

Verifying signatures

Debian's CD verification page doesn't explain how to find and use the keyring from the package.

This page will explain how to get the keyring package and use it to verify the gpg signatures for the checksum files if you are running debian. The directions will likely work for any debian-based distribution.

Install debian-keyring ( sudo apt install debian-keyring ). Also install gnupg if it isn't already installed ( see GnuPG sidebar for details ).

After my resume writing presentation at PLUG last week a few people spoke to me about looking for jobs. Some were new, so I don't yet know them by name. Hopefully they show up for Resume Review Night on Tuesday.

Heartbleed is a recently discovered security flaw that affects millions of web servers.

Heartbleed affects enough servers that you should just change all your web site passwords. It allows theft of the server's security key, your credentials, your session with the web site and cookies that can be used to impersonate you.

Because the security certificates could be stolen, there are some extra steps.