David L. Farquhar, computer security professional, train hobbyist, and landlord
I do a lot of work with CSV files, sometimes very large CSV files, for a living. And sometimes it’s not practical, or possible, to do what I need to do entirely in Excel. Merging files is an example. So here’s how to merge CSV files on various platforms from a command line so you can get it done quickly and efficiently.
Dealing with false positives is a fact of life for a vulnerability analyst. So here are some tips for investigating and dealing with Nessus false positives from a system administrator turned vulnerability analyst. Read more
How secure is Chrome? While IT professionals may be divided on it, most security professionals I know prefer and recommend it. There are a number of good reasons for that.
When it comes to file types you should never trust, PIF belongs high on the list. PIF used to be an important file type, but it’s largely obsolete today. But if you’re curious, here’s the PIF file type meaning.
Get ready for a trip down computing history lane. But this once-important file format is risky today. In all honesty, it’s largely outlived its usefulness in most instances.
Are PDF files safe to open? It depends. Don’t you hate when security people say things like that?
There are risks involved with PDF files, but you probably also can’t avoid PDFs entirely. So here’s what you can do to work with PDF files safely.
Cryptography is one of the more difficult concepts to master when studying for a certification like CISSP. I know from my own experience it’s really easy to let the details overwhelm you. After seeing an acquaintance’s Linkedin post, I thought I’d write about cyber security and cryptography and what you really need to know.
Let me start with one thing. I have never, ever had to encode or decode anything by hand. I’m very confident I can stay employed another 20 years in the cyber security field and never have to do the math myself.
CISSP and CEH are two of the most common computer security certifications you’ll see in security program job descriptions. If you want to advance your career by becoming a certified professional, you might consider each of them. Here’s my experience of CISSP vs CEH.
You can expect any midlevel or higher security certification test to require you to compare and contrast a vulnerability assessment vs pentest. The difference is important. But since I still see people confusing the two, let me explain them.
I conduct vulnerability assessments for a living. I’ve done some light pentesting in the past, but I’m happier doing assessments. I don’t want to be a penetration tester. That seems strange to some people. Maybe that gives me a good perspective to compare and contrast the two, because both have their uses. But they aren’t interchangeable.
I’ve advocated using something other than your ISP’s DNS for years. There’s little if any downside to doing so, and tons of upside. My current favorite third-party DNS is Cleanbrowsing.org because it does so much to improve performance and security. Here’s my Cleanbrowsing.org review.
First things first: Don’t worry about how much Cleanbrowsing.org costs. It has useful tiers available as a free service, even though it’s tremendously valuable.
Should I buy a used Chromebook? I asked myself that question for years. And argued with myself about it. Finally I decided to take the plunge and bought one. Here are the pros and cons to buying a used Chromebook, and what you should look out for to protect yourself.
Overall I recommend them. For less than the price of a year of Lifelock, you can do something that really will make a difference in how secure your personal finance is.