TLS/SSL for applications : Right and Wrong ways to fix it.

Many applications use TLS/SSL to connect their components together. During development, unless you have lots of time and/or money you won’t have a signed certificate. Even if you have a free CA server, the chances are, your development instance was thrown up from Vagrant or a fresh AWS instance that doesn’t trust your CA. (Unless you … Continued

Amazon AWS and making use of dynamic IP addresses

If you ask AWS to give your instance a public address but don’t allocate an “Elastic IP address” then you get a dynamic address from a pool. That causes problems only when you stop/start (eg NOT when you reboot). So it will only bite you much, much, later. EIPs are in slightly short supply and … Continued

Accumulo® on AWS’s Elastic MapReduce

One of the great things about working for a small company is that you never know which technology you might need to work on. We don’t have a database team or a network team or a hardware team (we don’t have any hardware!), there are just a few of us doing everything. The latest thing to … Continued

Keep it safe: Sharing with Surevine. Week 7 Conclusion

And so we reach the last (our seventh) in our series of weekly blogs, all under the title “Keep it safe: Sharing with Surevine”. To recap… In our first post we introduced the series, with our theme of Passwords, and focussed on Password Storage. In week 2 we took it one step further, and talked … Continued

Keep it safe: Sharing with Surevine. Week 6 Encryption

Welcome our sixth instalment in a series of blogs we are publishing each week, all under the title “Keep it safe: Sharing with Surevine”. In our first post we introduced the series, with our theme of Passwords, and focussed on Password Storage. In week 2 we took it one step further, and talked about Password … Continued

Keep it safe: Sharing with Surevine. Week 5 Anti-Malware

Welcome our fifth instalment in a series of blogs we are publishing each week, all under the title “Keep it safe: Sharing with Surevine”. In our first post we introduced the series, with our theme of Passwords, and focussed on Password Storage. In week 2 we took it one step further, and talked about Password … Continued

Keep it safe: Sharing with Surevine. Week 4 – Pins

Welcome to our fourth instalment in a series of blogs we are publishing each week, all under the title “Keep it safe: Sharing with Surevine”. In our first post we introduced the series, with our theme of Passwords, and focussed on Password Storage. In week 2 we took it one step further, and talked about … Continued

Keep it safe: Sharing with Surevine. Week 3 – Beyond passwords

This is our third instalment in a series of blogs we are publishing each week, all under the title “Keep it safe: Sharing with Surevine”. In our first post we introduced the series, with our theme of Passwords, and focussed on Password Storage. Last week we took one step further, and talked about Password Complexity. … Continued

Keep it safe: Sharing with Surevine. Week 1 – Password Storage

Surevine don’t exist in a bubble, we need to do business with external companies and people. And to do business, we need to share information that we would quite like to keep between ourselves. While we have a carefully crafted IT policy (and some very clever security folk) to help prevent any leakage of information internally, … Continued