DOCSLIB.ORG

CVL Sep-Oct 2020-Web

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
CVL Sep-Oct 2020-Web September/October 2020 THROUGH THE FLOOD: ONE MAN’S JOURNEY FROM SURVIVOR TO BAKING HIGH SUCCESS (HIGH ALTITUDE, THAT IS) TWO UNIQUE CARBON VALLEY KIDS ALL-AGES COLORING CONTEST Contents From the Editor 4 BBQ Tip: How to Pick a Good Brisket 6 ALL IS FOR Baking High (High Altitude, That Is) 8 F Decisions for a Family Caregiver 10 FLAVOR Carbon Valley Coloring Contest 16 Estate Planning 32 BBQ TIPS features PAGE 6 Carbon Valley Kids 12 2 Minutes of Tech: Passwords 14 CARBON VALLEY RESOURCES 20 Community Spotlight: HOW TO Weld County Foster Care 34 WIN AT THE Cover Story: Through the Flood 24 YOGA 28 BAKING Oh The Things I Didn’t Know... 36 Values-Based Budgeting 37 GAME AT ALTITUDE New articles go up on PAGE 8 carbonvalley.life every week! Sign up for our weekly email to know when new articles post. Carbon Valley Life is produced and published by Genevieve Mellott Design. Every effort is made to ensure the accuracy of information. Want to share your thoughts? Have ideas? Are there errors or omissions? Email [email protected]. Carbon Valley Life ©2020 Genevieve Mellott Design. All rights reserved. Articles, photos, and artwork © individual authors or artists. 2 3 from the editor I would be lying if I said that most Theo Pangilinan, discovered a number years I don’t heave an exasperated sigh of years ago. when I see Halloween candy in stores When you delve into these pages, August first, or roll my eyes at all the you will discover informative articles, pumpkin-spiced nonsense littering inspiring stories, and a little bit of fun my path all Autumn long (leave it for mixed in for good measure. Most of the pies and lattes, people!) Still, this this issue is what I would call “shared year I don’t mind so much. There is knowledge,” and I am infinitely grateful something reassuring about prepping to the writers and professionals who for the change to the coming season, cared enough to make it available to even in silly little things that used to all of us. May it also serve as part of be an annoyance. Other signs are very our seasonal comfort, uniquely relying welcome indeed: the subtle chill that on one another as we enter into the returns to Colorado evenings or the call next unknown, and, as so many folks of birds instinctively flying to their next are saying, knowing that we are “in destination. These things trigger what this together.” Who knows? our minds long to know, that we’ve Maybe as you’re enjoying done this before and know what to a relaxing read, digging expect. into a bag of black This fall, I hope you will consider and orange M&Ms two things: first, in every generation, while lighting there have been unforeseen tumultuous a pumpkin events. Those hard times passed, and spice candle, so will ours. Second, while sometimes someone we may not like the change and across town pressure accompanying those events, is doing the they have the capacity to bring out the same thing. Or best in us, even if we think we are not at least they’ll strong enough. If you shift your focus be thinking to helping others, if you learn to lean on about it. those who offer a hand, if you let go of control and latch onto your faith – you may just find the peace you need, just as the protagonist of our cover story, Genevieve lives in Firestone with her husband, three kids, and two dogs. She enjoys thunderstorms, gardening, and long walks around the reservoir... when the kids aren’t fighting or whining. 4 BBQ Tip: How to Pick a Good Brisket by Dan the BBQ Man As a barbeque competitor and and tender results. But what about caterer, I often get asked how to make the quality of the brisket itself while a better brisket. When people learn just still in the Cryovac? Did you know that how hard we work to cook a “perfect” you can increase your chances of brisket for those judges, they want cooking a supremely tender brisket some tips that might step up their own just by knowing how to pick one? Like backyard game. Why brisket? Patience choosing a pineapple, not all of them and persistence are virtues challenged are the same. If you know how to pick by many a stubborn brisket. They take the sweet ones, they are totally worth it. a while to cook, and not everyone Not all of us can afford to buy high- figures them out right away. How can end Wagyu briskets at three times the a brisket be stubborn? I wondered price. So we find ourselves standing at the same thing until I learned a little the local grocery store or big-box outfit, more about them. For this article, I gazing into the sea of briskets looking will be discussing full packer briskets, for the perfect slab. What do you look which are the most common to use for for, and how do you know you got the smoking. This term means the point best one out of the bunch? and the flat muscles are still connected in one brisket pack. Most folks who cook with beef There are a few things to consider before you even get your brisket on the smoker. Yes, your choice of rub ingredients, injections, and sauces are very important for constructing the best flavor. And how long you smoke it, at what temp, when you wrap or if you wrap and how long you let it rest are all important in ensuring juicy 6 understand that marbling is a great flexible it is and how easy it bends over way to tell if your brisket has good your arm or edge of the shopping cart. fat content between the meat fibers, If it bends easily in the Cryovac, it will which renders down during the cooking likely be more tender when it is cooked. process and turns into delicious, Finally, look at the grain of the meat tenderizing juices. For this reason, and see what direction it is running. choosing a Prime grade brisket over a The grain is the “lines” or fibers in the Choice brisket may be a better option meat that are running parallel from end from the start. to end. If you are looking at the brisket When searching through the lengthwise, the more parallel the grain briskets, don’t be afraid to pick it up is to the cut of the brisket, the more and inspect it closely. The big solid tender it is likely to be. fat chunk on the point end, called Hopefully, these tips will help you the “deckle,” can sometimes be the next time you are shopping for a disproportionately large, and after good brisket and will take your smoking trimming it out can lead to a lot of game to the next level! weight loss that you’ve paid for by the pound. Also, the fat cap that runs along the underside of the brisket should be thinner than the meat, but sometimes Dan Milam is the pitmaster and co-owner it’s the other way around, and you of Chase’N’Smoke BBQ catering and end up with more fat than beef. While competition team with his wife Jacqueline, holding it up from its center, test how based in Firestone. 7 Baking High (High Altitude, That Is) by Angela Peterson One of the most important aspects which will change the texture of your of baking, in my mind, is being able to cake and can lead to more irregular adjust for altitude since most people pockets of air in your batter. So, it is are using recipes found online or in very important to understand how to a cookbook and not developing their adjust the recipe so that you can have own. “Why do I need to worry about the best outcome possible each time! the altitude I’m baking at?” you may If you are getting your recipe from ask. The altitude affects the amount a blog, and it isn’t apparent where of air pressure there is, which affects the writer lives, go to their About Me how quickly things rise, how much section or Introduction; they usually moisture is lost, and how the leaveners state where they live there. If not, feel react. High-altitude baking means free to reach out to them and see that there is less air pressure, causing where they are testing these recipes. baked goods to rise faster and lose If you are getting your recipe from a more moisture, and it causes the cookbook, you can generally rely on chemical reaction in your leaveners where the author is currently living, to occur more quickly. The change which usually is listed in their bio on in the chemical reaction taking place the back sleeve, or you can probably causes larger gas bubbles to form, 8 Google them and find out. I have found that unless it is specifically a high- altitude or regional cookbook, then it is ShortD’s /’SHôrdēz/ noun: safe to assume it is made for baking at fine purveyor of exquisite sea level. coffee beans, roasted to So, how do you know if you need perfection and surprisingly to adjust your recipe? Simple: if there is a chemical leavener present in the affordable. See also: yummy recipe, then you need to adjust. Your next question is probably, “What is a chemical leavener?” Baking soda Small-Batch RoaSted on demand PeRfect foR home and office and baking powder are the two fRee deliveRy Within caRBon valley types of chemical leaveners used in baking.
Load more

Recommended publications
  • Technical Guides
    Technical Guides KeePass Password Manager Tutorial Wireguard Ubuntu Deployment SQM for 1 Gbps Lines With OpenWrt KeePass Password Manager Tutorial Introduction I don't trust online password managers because they are closed source and companies have been hacked in the past. If you look up "lastpass breached" in Google you can see my point. Keepass is open source and offline. Why put your trust in a company when you can create and access the database yourself? An honorable mention is bitwarden. They are also open-source and you have the option of hosting your own bitwarden server at home as an option. If you want to pay and are willing to trust a company and have your passwords encrypted on their cloud they would be your best bet. Downloading Keepass https://keepass.info/download.html Get the Installer for Windows (2.45) aka KeePass-2.45-Setup.exe. After you get it install Keepass. Recommended plugins (.plgx) to download: Keepass has a variety of useful plugins listed here: https://keepass.info/plugins.html I recommend the following below for now. Plugins always have a .plgx file extension. WebAutoType-v6.3.0.zip: https://sourceforge.net/projects/webautotype/files/ YetAnotherFaviconDownloader.plgx: https://github.com/navossoc/KeePass-Yet-Another- Favicon-Downloader/releases After you downloaded the necessary .plgx plugins. Copy or move them into the Plugins folder at C:\Program Files (x86)\KeePass Password Safe 2\Plugins. 1.1.1 Master Password To start off you will be creating a master password which is the masterkey to access all your other passwords.
    [Show full text]
  • © 2019 RSM US LLP. All Rights Reserved. UNDERSTANDING the CYBER THREAT LANDSCAPE
    © 2019 RSM US LLP. All Rights Reserved. UNDERSTANDING THE CYBER THREAT LANDSCAPE © 2019 RSM US LLP. All Rights Reserved. About your Speaker • 15+ years security and privacy experience • Originally from Brooklyn, New York; move to Florida 2018 Shan Grant • PCI QSA &PA-QSA, CISSP, CISA, Fair Credit Reporting Act (FCRA) Certification Supervisor • Worked and designed compliance programs Security, Privacy & for financial entities, fintechs, healthcare/heathtech, and non-profit Risk Services • Specializing in regulated environments: • Payment Card Industry (PCI) [email protected] • HIPAA https://www.linkedin.com/in/shan-grant/ • CRA (FCRA) • FDIC/FFIEC • Data Privacy • Career Highlight: Worked Cannes Film Festival 3 © 2019 RSM US LLP. All Rights Reserved. GIMME SOME MO’ PRIVACY © 2019 RSM US LLP. All Rights Reserved. History of privacy 5 © 2019 RSM US LLP. All Rights Reserved. Going down privacy lane 6 © 2019 RSM US LLP. All Rights Reserved. How is CCPA different than GDPR? Different consumer rights: Rights Covered GDPR CCPA Right to know and of access X X Right to deletion/erasure X X ≠ Right to restriction of X processing GDPR CCPA COMPLIANCE COMPLIANCE Right to data portability X X Right to object X In addition to compliance, it’s really all Right to opt of out sale X about the data—what type of data and Right to equal service and how it is used. X price Data governance and management Right to opt In (minors under programs should consider mapping for X 16) both. 7 © 2019 RSM US LLP. All Rights Reserved. Privacy Cliff Notes • Nevada Online Privacy Law • New York Privacy Act • Maine Act to Protect of Online Consumer Information • Massachusetts Data Privacy Law • Hawaii Consumer Privacy Protection Act • Maryland Online Consumer Protection Act 8 © 2019 RSM US LLP.
    [Show full text]
  • HACK Enpass Password Manager
    1 / 2 HACK Enpass Password Manager Mar 23, 2021 — So, is this password manager right for you or your business? In our Enpass review, we'll take a closer look at everything this software has to offer.. Results 1 - 100 of 338 — TOTP is an algorithm that computes a one-time password from a shared secret ... codes to protect your online accounts from hackers (bad guys). ... code in my password manager, especially for password managers that can ... Segregate data using Multiple vaults Enpass facilitates you with an option to .... Jan 9, 2019 — Password manager company OneLogin was actually hacked, and the ... EnPass: Here's something unusual—a password manager that goes .... Use Enpass audit tools to identify weak, identical, and old passwords. Your password manager is your digital security best friend. You are using a password .... The Synology Disk Station Manager (DSM) is the Operating System (OS) that runs on your Synology unit. ... a prerequisite while using Enpass it is not really neccessary to me to sync with CloudStation. ... For iOS 13/12 users: Open the Settings app > Passwords & Accounts > Add Account > Other ... Mikrotik hack github.. We will send a One-time password (OTP) to your registered email address and ... set of Enpass users by letting them store their time based one time passwords of ... Hackers use credit card skimmers to obtain the magnetic stripe information of a ... Open Google Chrome and click the GateKeeper Password Manager Chrome .... Jun 16, 2021 — Using an online password manager? … Are they safe from hackers?? Use Enpass to securely organize everything at one place.
    [Show full text]
  • The Case of Interaction Problems Between Password Managers and Websites
    They Would do Better if They Worked Together: The Case of Interaction Problems Between Password Managers and Websites Nicolas HuamanC ∗ Sabrina Amft∗ Marten OltroggeC Yasemin Acary ∗ Sascha FahlC ∗ CCISPA Helmholtz Center for Information Security ∗Leibniz University Hannover yMax Planck Institute for Security and Privacy Abstract—Password managers are tools to support users with previous research on PWMs mostly focuses on PWM security the secure generation and storage of credentials and logins issues and usability and adoption challenges. Multiple studies used in online accounts. Previous work illustrated that building researched the security of different PWM types, finding that password managers means facing various security and usability challenges. For strong security and good usability, the interaction both browser-based and locally installed PWMs are vulner- between password managers and websites needs to be smooth and able to problems such as key theft or secret recovery from effortless. However, user reviews for popular password managers temporary files, as well as weaknesses within typical features suggest interaction problems for some websites. Therefore, to the such as autofill [64]. Other research focused on the usability best of our knowledge, this work is the first to systematically iden- of PWMs and were able to show that user adoption of PWMs tify these interaction problems and investigate how 15 desktop password managers, including the ten most popular ones, are is motivated by convenience of usage and usability [59]. affected. We use a qualitative analysis approach to identify 39 While security benefits can also be a driving factor for PWM interaction problems from 2,947 user reviews and 372 GitHub adoption, in the majority of cases these where only mentioned issues for 30 password managers.
    [Show full text]
  • Automated Malware Analysis Report for Keepassxc-2.5.4-Win64.Msi
    ID: 228573 Sample Name: KeePassXC- 2.5.4-Win64.msi Cookbook: default.jbs Time: 13:23:43 Date: 08/05/2020 Version: 28.0.0 Lapis Lazuli Table of Contents Table of Contents 2 Analysis Report KeePassXC-2.5.4-Win64.msi 5 Overview 5 General Information 5 Detection 5 Confidence 6 Classification Spiderchart 6 Analysis Advice 6 Mitre Att&ck Matrix 7 Signature Overview 7 Spreading: 7 Networking: 7 System Summary: 8 Persistence and Installation Behavior: 8 Hooking and other Techniques for Hiding and Protection: 8 Malware Analysis System Evasion: 8 Anti Debugging: 8 HIPS / PFW / Operating System Protection Evasion: 8 Language, Device and Operating System Detection: 8 Malware Configuration 8 Behavior Graph 9 Simulations 9 Behavior and APIs 9 Antivirus, Machine Learning and Genetic Malware Detection 9 Initial Sample 9 Dropped Files 9 Unpacked PE Files 10 Domains 10 URLs 10 Yara Overview 10 Initial Sample 10 PCAP (Network Traffic) 10 Dropped Files 10 Memory Dumps 10 Unpacked PEs 10 Sigma Overview 10 Joe Sandbox View / Context 10 IPs 11 Domains 11 ASN 11 JA3 Fingerprints 11 Dropped Files 11 Screenshots 11 Thumbnails 11 Startup 12 Created / dropped Files 12 Domains and IPs 14 Contacted Domains 14 URLs from Memory and Binaries 14 Contacted IPs 16 Static File Info 16 General 16 File Icon 16 Static OLE Info 16 General 16 Authenticode Signature 16 OLE File "KeePassXC-2.5.4-Win64.msi" 17 Indicators 17 Summary 17 Copyright Joe Security LLC 2020 Page 2 of 32 Streams 17 Stream Path: \x5DigitalSignature, File Type: data, Stream Size: 8615 17 General 17 Stream Path:
    [Show full text]
  • Latest Version of Securedrop, and the Server Configuration Must Have Been Updated to Allow for HTTP DELETE Requests
    SecureDrop Workstation Documentation Release 0.0.1 SecureDrop Sep 22, 2021 Guide for Journalists 1 Introduction 3 1.1 What is Qubes OS?............................................3 1.2 What is SecureDrop Workstation?....................................3 2 Starting Qubes 5 3 Starting the SecureDrop Client7 3.1 Performing updates............................................8 3.2 Signing in.................................................9 3.3 Working offline.............................................. 11 4 Communicating with sources 13 4.1 Opening a conversation......................................... 14 4.2 Highlighting conversations........................................ 14 4.3 Sending a reply.............................................. 14 4.4 Deleting a conversation......................................... 15 5 Working with submissions 17 5.1 Downloading............................................... 18 5.2 Viewing.................................................. 19 5.3 Printing.................................................. 20 5.4 Exporting to an Export USB....................................... 20 6 Ending your session 23 7 FAQ 25 7.1 Frequently Asked Questions....................................... 25 8 Recommended hardware 29 8.1 Qubes OS hardware requirements.................................... 29 8.2 Lenovo T series Laptops......................................... 30 9 Installing and Configuring SecureDrop Workstation 33 9.1 Overview................................................. 33 9.2 Prerequisites..............................................
    [Show full text]
  • Bezpečnostní Analýza Programu Keepassxc Student: Michal Kavan Vedoucí: Ing
    ZADÁNÍ BAKALÁŘSKÉ PRÁCE Název: Bezpečnostní analýza programu KeePassXC Student: Michal Kavan Vedoucí: Ing. Josef Kokeš Studijní program: Informatika Studijní obor: Informační technologie Katedra: Katedra počítačových systémů Platnost zadání: Do konce zimního semestru 2019/20 Pokyny pro vypracování 1) Seznamte se s problematikou bezpečné práce s hesly. 2) Proveďte rešerši známých programů pro správu hesel. 3) Zaměřte se na program KeePassXC (https://keepassxc.org). Vyhodnoťte jeho uživatelské prostředí ve vztahu k bezpečnosti práce s hesly. Navrhněte potenciální vektory útoku. 4) Prostudujte zdrojový kód aplikace zadané vedoucím práce vzhledem k zvoleným útočným vektorům. Bude-li to vhodné, otestujte je pomocí vhodných testovacích nástrojů. 5) Nalezené zranitelnosti zdokumentujte, vyhodnoťte jejich závažnost a navrhněte opatření k nápravě. 6) Diskutujte svoje zjištění. Seznam odborné literatury Dodá vedoucí práce. prof. Ing. Róbert Lórencz, CSc. doc. RNDr. Ing. Marcel Jiřina, Ph.D. vedoucí katedry děkan V Praze dne 19. února 2018 Bakalářská práce Bezpečnostní analýza programu KeePassXC Michal Kavan Katedra počítačových systémů Vedoucí práce: Ing. Josef Kokeš 13. května 2018 Poděkování Rád bych poděkoval vedoucímu práce Ing. Josefu Kokešovi za pozitivní přístup a cenné rady při kompletaci textu. Prohlášení Prohlašuji, že jsem předloženou práci vypracoval(a) samostatně a že jsem uvedl(a) veškeré použité informační zdroje v souladu s Metodickým pokynem o etické přípravě vysokoškolských závěrečných prací. Beru na vědomí, že se na moji práci vztahují práva a povinnosti vyplývající ze zákona č. 121/2000 Sb., autorského zákona, ve znění pozdějších předpisů. V souladu s ust. § 46 odst. 6 tohoto zákona tímto uděluji nevýhradní oprávnění (licenci) k užití této mojí práce, a to včetně všech počítačových programů, jež jsou její součástí či přílohou, a veškeré jejich dokumentace (dále souhrnně jen „Dílo“), a to všem osobám, které si přejí Dílo užít.
    [Show full text]
  • An Analysis of Modern Password Manager Security and Usage on Desktop and Mobile Devices
    University of Tennessee, Knoxville TRACE: Tennessee Research and Creative Exchange Doctoral Dissertations Graduate School 5-2021 An Analysis of Modern Password Manager Security and Usage on Desktop and Mobile Devices Timothy Oesch [email protected] Follow this and additional works at: https://trace.tennessee.edu/utk_graddiss Part of the Information Security Commons, Other Computer Engineering Commons, and the Other Computer Sciences Commons Recommended Citation Oesch, Timothy, "An Analysis of Modern Password Manager Security and Usage on Desktop and Mobile Devices. " PhD diss., University of Tennessee, 2021. https://trace.tennessee.edu/utk_graddiss/6670 This Dissertation is brought to you for free and open access by the Graduate School at TRACE: Tennessee Research and Creative Exchange. It has been accepted for inclusion in Doctoral Dissertations by an authorized administrator of TRACE: Tennessee Research and Creative Exchange. For more information, please contact [email protected]. To the Graduate Council: I am submitting herewith a dissertation written by Timothy Oesch entitled "An Analysis of Modern Password Manager Security and Usage on Desktop and Mobile Devices." I have examined the final electronic copy of this dissertation for form and content and recommend that it be accepted in partial fulfillment of the equirr ements for the degree of Doctor of Philosophy, with a major in Computer Engineering. Scott I. Ruoti, Major Professor We have read this dissertation and recommend its acceptance: Kent Seamons, Jinyuan Sun, Doowon Kim, Scott I. Ruoti Accepted for the Council: Dixie L. Thompson Vice Provost and Dean of the Graduate School (Original signatures are on file with official studentecor r ds.) An Analysis of Password Manager Security and Usage on Desktop and Mobile Devices A Dissertation Presented for the Doctor of Philosophy Degree The University of Tennessee, Knoxville Timothy Sean Oesch May 2021 © by Timothy Sean Oesch, 2021 All Rights Reserved.
    [Show full text]
  • Keepass for Mac
    Keepass For Mac 1 / 5 Keepass For Mac 2 / 5 3 / 5 Unfortunately this passphrase must also be memorable You obviously cant keep your KeePassX master passphrase inside KeePassX but writing it down might defeat the purpose of using an encrypted database in the first place.. If you change an account or register for passphrase you must make changes to both the account and the KeePassX list.. MacPass for MacOS MacPass is the best password Manager for MacOS and a KeePass database client. 1. keepass 2. keepass download 3. keepass android 5 Use the entries in your KeePassX database One of the best features of KeePassX is that it safely stores long strong passphrases so you do not have to memorize them or reuse them which is extremely risky.. Unfortunately this passphrase must also be unforgettable You cant keep the KeePassX Master plassphrase in KeePassX of course but if you write it down the purpose of using an encrypted database can be Scupper at all. keepass keepass, keepassxc, keepass download, keepassx, keepass for mac, keepass ios, keepass2android, keepass vs lastpass, keepass vs keepassxc, keepassxc android, keepass android, keepass chrome, keepass ubuntu, keepass for iphone Mac App To Backup Up Files To Cloud For companies that has a lot of tools which also means a lot of passwords its safe for employees to just access the tool and not have a physically unsecured copy of the list of passwords that someone can easily receive.. I just synch the file that contains the passwords with an external Sync application it can be Dropbox S3 a local rsync whatever and it works without any problems.
    [Show full text]
  • Firefox Addon Web Requests Permission Usernames Passwords
    Firefox Addon Web Requests Permission Usernames Passwords Psychometric Lloyd snubbed no internes profit soonest after Waine fig nobbily, quite bimestrial. Is Butch performing or olden after unturning Rodolph titles so grandiosely? Immedicable Gregor committing triangulately while Nikita always guard his dreadnought etiolating unequally, he oxidates so amply. The clipboard after a virtual backgrounds for example, direct their web requests permission before you use Cleanup: Time taken and release resources used in servicing the huddle and return control themselves to the hosting web server. New web page on sms passcode message keys will be excluded from. Removed support for password, request handlers can also be locked down, building your requested. Firefox password entry in firefox process responsible for permission request that would make. Check the passwords i remove them back your firefox addon web requests permission usernames passwords managers generate new tab in create a session information on? Ck are request permission requests behind a web server does not work will? Apart became the Firefox browser extension the space available extensions are. Log option to Zoho vault manage your browser. It might support team to avoid to be prepared for more accurate and provides interceptors which enables easy. These firefox addon to extend or equivalent leaves some. Out requests permission request logins stored password credentials it can make firefox addon creator is requested web applications at which provides. This feature that phishing attack is embedded english version, logins to work with configured admin performs many more benefits, web requests permission for your criteria. Uncheck the Ask so save logins and passwords for websites box.
    [Show full text]
  • Devops Secrets Management
    DevOps Secrets Management 2020 Murriel Perez-McCabe | @xmurriel apiVersion: scale/v18 kind: Bio metadata: name: murriel labels: job: devops job: cloud spec: containers: - name: orion image: russianblue command: ["cat"] spec: replicas: 3 hobbies: - name: making - name: gardening - name: community 2020 Murriel Perez-McCabe | @xmurriel tell me…. can you r systems keep a secret? share a secret? 2020 Murriel Perez-McCabe | @xmurriel what are secrets? 2020 Murriel Perez-McCabe | @xmurriel personal and team secrets ● Passwords / Passphrases ● Cloud Provider Logins ● Service Provider (SaaS) Logins ● SSH Keys ● Certificates ● Kubeconfigs ● DB Credentials ● App Dashboards and Logins not focusing on email passwords, computer logins, etc managed by IT 2020 Murriel Perez-McCabe | @xmurriel Systems like... system* secrets Servers Microservices ● API Keys Serverless functions Web application ● Certificates Mobile App On Premise App ● DB Credentials IoT Device Firmware Other machines ● Encryption Keys ● Tokens ● SSH Keys ● System-to-System Authentication Secrets 2020 Murriel Perez-McCabe | @xmurriel why is this important? 2020 Murriel Perez-McCabe | @xmurriel cost of breaches https://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/ 2020 Murriel Perez-McCabe | @xmurriel ● Credentials in Git ● Inadvertently published secrets ○ Artifacts ○ Machine or Container Images ○ Compiled binaries ● Exposed S3 buckets ● Ex-Employees vectors for ● Internal unauthorized access ● Unauthorized password use ○ Weak passwords cracked compromise
    [Show full text]
  • El Cómputo En Los Cursos De La Facultad De Ciencias, UNAM
    El Cómputo en los Cursos de la Facultad de Ciencias, UNAM Antonio Carrillo Ledesma y Karla Ivonne González Rosas Facultad de Ciencias, UNAM http://academicos.fciencias.unam.mx/antoniocarrillo Una copia de este trabajo se puede descargar de la página: https://sites.google.com/ciencias.unam.mx/acl/en-desarrollo Con…namiento 2020-2021, Versión 1.0 1 1El presente trabajo está licenciado bajo un esquema Creative Commons Atribución CompartirIgual (CC-BY-SA) 4.0 Internacional. Los textos que compo- nen el presente trabajo se publican bajo formas de licenciamiento que permiten la copia, la redistribución y la realización de obras derivadas siempre y cuando éstas se distribuyan bajo las mismas licencias libres y se cite la fuente. ¡Copiaeste libro! ... Compartir no es delito. El Cómputo en los Cursos de la Facultad de Ciencias, UNAM Índice 1 Introducción 7 1.1 Software Propietario y Libre ................... 7 1.1.1 Software Propietario ................... 8 1.1.2 Software Libre ....................... 9 1.2 El Cómputo en las Carreras de Ciencias ............ 11 1.2.1 Algunos Cursos que Usan Cómputo ........... 14 1.3 Paquetes de Cómputo de Uso Común .............. 17 1.3.1 Sistemas Operativos ................... 21 1.3.2 Paquetes de Cálculo Numérico .............. 21 1.3.3 Paquetes de Cálculo Simbólico .............. 22 1.3.4 Paquetes Estadísticos ................... 23 1.3.5 Paquetes O…máticos ................... 24 1.3.6 Lenguajes de Programación y Entornos de Desarrollo . 24 1.3.7 Otros Programas de Cómputo .............. 24 1.4 Sobre los Ejemplos de este Trabajo ............... 25 1.5 Agradecimientos .......................... 25 2 Sistemas Operativos 26 2.1 Windows .............................
    [Show full text]