Category Archives: Uncategorized

Wash Away

howareyou There is a stark contrast between empty platitudes and genuine human connection.

Lifeline Despite the presence of others, loneliness can consume us, and as strong as we can be, life often leaves us in places where we have to rely on others for emotional stability. Lifeline describes a point in my life where I could only find solace and strength in my partner, who was my lifelineContinue reading “Song-a-Week 5”

Sanctuary

Sinner Far too many people claim adherence to a faith, but act in such a way that betrays its core principles, using it as a facade to mask their cruelty and selfishness.

All biometric identification forms broadly contain four qualities: everyone has it, everyone’s is unique, the characteristic remains stable over time, and it should be easy to collect. Fingerprints, unlike some other forms, like facial scans, generally require the cooperation of the individual being enrolled in biometric authentication; when the characteristics of their fingerprint will beContinue reading “What sort of magic is fingerprint authentication?”

There are different types of BIOS out there, though mostly in computing we encounter 16-bit conventional BIOS, or BIOS firmware based on UEFI specifications. Despite their differences, in many cases the two terms are both referred to as BIOS, though there is an important distinction when it comes to security settings like Secure Boot, orContinue reading “BIOS Malware? Scary, but preventable.”

So you’re curious about the backend processes for tokens that generate one-time-passwords (OTPs) such as the RSA token, or something like an authenticator app? First, it’s important to note, that there’s a distinction between something like a Duo challenge and response and a code generator, like Microsoft authenticator and similar apps. An app like Duo, whenContinue reading “How do MFA Tokens work, anyway?”

There are a few good ways to reduce the attack surface of SQL injection attacks, both in MySQL and more broadly in database security.  First, input validation. Ensuring that an input matches an expected type or range of values, which can be done in code or with built-in filters, can help prevent the execution ofContinue reading “SQL Injection? Reduce your attack surface!”

Privileges in databases, like other permissions, should be managed according to least privilege principles, including database administrators and security administrators.  On that first point, it’s important to keep security and database administration roles separate whenever possible. The security admin should be the only user or group of users able to perform security-related tasks. To avoidContinue reading “Database Permissions – A quick overview”