Keep it safe: Sharing with Surevine. Week 1 – Password Storage

Surevine don’t exist in a bubble, we need to do business with external companies and people. And to do business, we need to share information that we would quite like to keep between ourselves. While we have a carefully crafted IT policy (and some very clever security folk) to help prevent any leakage of information internally, … Continued

ShellShocked – A quick demo of how easy it is to exploit

I just knocked up a simple proof of concept for ShellShocked to prove to myself what a danger it is. Prerequisites “Standard” apache install apache user having /sbin/nologin as his shell (not required, but considered best practice and you would think it might help mitigate the problem…) CGI scripts enabled Simple bash CGI script that echoes … Continued

Surevine Q&A: Max Allan

Credentials Role Linux Systems Administrator Joined Surevine February 2012 The questions… What is your ‘alternative’ job title? root How would you sum up your role in one sentence? Managing everything that computes and the access to and from it. Who is your geek idol? J F Sebastian What are your OS and browser of choice? … Continued

Supply and Demand in “The Cloud”

Surevine work almost entirely in Amazon’s “Elastic Compute Cloud” (EC2). This means we don’t need to have our own building somewhere with a pile of servers and networking. It doesn’t mean that we don’t need to think about how we use that compute resource. Like everything else it suffers from supply and demand problems. Even … Continued

Who reads the instructions anyway?

Surevine make a point of using open source products and indeed try to support the open-source community by encouraging employees to commit fixes to bugs back into public repositories and generally be good open source citizens. So I don’t want this to be read as an attack on all the people who give up their … Continued

Email and the curse of the carbon copy

One of the great things about working for Surevine is the careful avoidance of email. I know some of you are going to find that hard to understand or even imagine. But really, we don’t use email unless we really have to. And that probably means an average of less than once a day. I … Continued

There’s no such thing as a free web app

I recently noticed that many of my friends’ Facebook posts were not appearing in my news feed. It became particularly apparent when I went to help out a friend and she posted a picture of me working and a “Thanks” message as separate posts. Then later in the day I met a friend who said … Continued