Thoughts on security, privacy, and building software.
13 October 2019
There are a lot of complicated tutorials on how to get xRDP working on Kali Linux. I suspect the tutorials have become complicated as they address a variety of bugs that xRDP and connecting software has had over time, but there isn't much you actually need to do. Here are the steps to be able to RDP into your Kali box locally, and via an SSH tunnel over the internet.
03 February 2019
You may not be aware, but there is a new privacy law coming in the US, and though we don’t yet know the exact form it might take, it’s impact will be deeply felt. All around the world, new laws such as the GDPR are being enacted as governments struggle to catch up with technology. In Brazil the government has passed the LGPD, in Vietnam the government has passed similar legislation, under what is referred to as the ‘Cybersecurity Law’, and in California the state legislature has passed the CCPA. Many other governments are in the midst of a similar process, having their sights set on mandating digital rights, and enforcing data sovereignty, including the US government.
21 December 2018
I recently purchased a Pixelbook while over in the US, and I've slowly been exploring it's capabilities. I really like it as a travelling device, and I've naturally been curious about what you can set up. VSCode, Signal and other apps all seem to work in the Linux sandbox environment, and it turns out that Burp Suite does as well. Assuming you have the linux environment installed, adding Burp Suite is reasonably straight-forward.
24 June 2018
It’s been said that data is the new oil, and for good reason; insights from analysing data can save money and create competitive advantage, especially as we combine data sets and start data mining. But individuals don’t necessarily want to be data mined, and laws like GDPR, GLBA, PIPEDA, FERPA, etc are limiting what we can do without that individual’s consent. GDPR in particular has no grandfathering of data collected previously, meaning that if you want to hold onto the data you have, you need to anonymise it.
24 April 2018
The difficulty with quality is that like all knowledge work, it’s invisible. Each practice within the discipline guards against specific issues, and each can be skipped... until something breaks. Software testers devote an entire career to this topic, so it is difficult to cover it all with any kind of brevity, but here are the things I would look for.
18 March 2018
If you are starting a new project, what should you build? Perhaps a more important question is, how should you build it?