gregelin

Post DYN DDoS: Is Government Regulation of the Internet of Things on the Horizon?

Suits and Spooks, Jan 2017

Optional readings. Feel free to attach other suggestions.

Most Noteworthy

Texas Law Review - Regulating the Internet of Things: First Steps Toward Managing Discrimination, Privacy, Security, and Consent

• Page 117 starts to discuss IoT's 4 problems (paraphrased): (1) unexpected inferences leading to discrimination; (2) difficulty of de-identifying IoT generated data; (3) hacking and security breaches; and (4) privacy policy, notice and choice in small screenless devices generating data.
• p 148 Peppet does not think much federal regulation or a new agency is currently possible but suggests "four messy and imperfect first steps toward regulating the Internet of Things: (1) broadening

gregelin

Postgres Snippets

Backup a django Postgres database

cd /codedata/code/django-study/mysite
# Stop the django surver so database will not be updated
# DBNAME=django_link
DBNAME=databasename
dumpfile=$DBNAME.pg_dump.$(date +%Y-%m-%d-%H:%M:%S).sql
pg_dump $DBNAME > ../databak/$dumpfile

gregelin

Internet Scale Services Checklist

A checklist for designing and developing internet scale services, inspired by James Hamilton's 2007 paper "On Desgining and Deploying Internet-Scale Services."

• http://mvdirona.com/jrh/talksandpapers/jamesrh_lisa.pdf

Basic tenets

• Does the design expect failures to happen regularly and handle them gracefully?
• Have we kept things as simple as possible?

gregelin

BEGIN:VCALENDAR
VERSION:2.0
CALSCALE:GREGORIAN
BEGIN:VEVENT
TRANSP:TRANSPARENT
DTEND;VALUE=DATE:20161021
UID:1D6F8E2E-F907-4185-BEBD-F0C36434FA87
DTSTAMP:20160922T192555Z
LOCATION:2011 Wilson Blvd\nArlington VA 22201\nUnited States
DESCRIPTION:HOLD FOR OPENCONTROL EVENT.\n\nSocial Gathering/Symposium on

gregelin

OpenControl Webinars

We are group of technologists, government staff, contractors and others in regulated fields committed to Compliance-as-Code. We are developing a community and tools at http://open-control.org necessary to align security assessments and authorizations with modern, continuous software development and delivery.

Below are upcoming webinars introducing our current work: OpenControl and Compliance-Masonry.

Introduction to OpenControl & Compliance-Masonry

This webinar will introduce you to OpenControl as a community, data schema and tools to support Compliance-as-Code.

gregelin

# SCAP Security Guide DoD STIG  profile kickstart for Red Hat Enterprise Linux 6 Server
# Version: 0.0.1
# Date: 2015-04-08
# Url: http://people.redhat.com/swells/ssg-rhel6-stig-ks.cfg
#
# Based on:
# http://fedoraproject.org/wiki/Anaconda/Kickstart
# https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Installation_Guide/s1-kickstart2-options.html
# http://usgcb.nist.gov/usgcb/content/configuration/workstation-ks.cfg
#

gregelin

This note explains the common issue of "notapplicable" results when running openSCAP and SCAP-Security-Guide on CentOS.

SCAP seems like it should be easy because it is "just XML". Then you dig into looking for a test and it gets confusing fast. So it is good to have some background.

SCAP (Security Content Automation Protocol) is actually a set of multiple standards and specifications that are used together to enable automatically testing hundreds of nerd settings. Let me emphasize that: SCAP is not a single XML specification -- SCAP is multiple standards and specs. Whenever you give "SCAP Content" to a scanner to check a system configurations you are giving the scanner multiple XML files representing multiple standards.

gregelin

def getstatusoutput(cmd): 
    """Return (status, output) of executing cmd in a shell."""
    """This new implementation should work on all platforms."""
    import subprocess
    pipe = subprocess.Popen(cmd, shell=True, universal_newlines=True,
            stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
    output = str.join("", pipe.stdout.readlines()) 
    sts = pipe.wait()
    if sts is None:
        sts = 0

gregelin

{"contentType":"application/gliffy+json",
"version":"1.3",
"stage":{"background":"#FFFFFF",
"width":1518,
"height":975,
"nodeIndex":193,
"autoFit":true,
"exportBorder":false,
"gridOn":true,
"snapToGrid":true,

gregelin

{"contentType":"application/gliffy+json",
"version":"1.3",
"stage":{"background":"#FFFFFF",
"width":1518,"height":975,"nodeIndex":186,"autoFit":true,"exportBorder":false,"gridOn":true,"snapToGrid":true,"drawingGuidesOn":true,"pageBreaksOn":false,"printGridOn":false,"printPaper":"LETTER",
"printShrinkToFit":false,"printPortrait":true,"maxWidth":5000,"maxHeight":5000,"themeData":{"uid":"com.gliffy.theme.blue_sweater",
"name":"Blue Sweater",
"shape":{"primary":{"strokeWidth":2,"strokeColor":"#003068",
"fillColor":"#CCD5E1",
"gradient":false,"dropShadow":false,"opacity":1,"text":{"color":"#010B14"}},"secondary":{"strokeWidth":2,"strokeColor":"#006800",
"fillColor":"#CCE0CC",