NSA Archives

Home » NSA » Page 3

What to do about PRISM is unclear as of yet

Dave Farquhar security June 24, 2013June 23, 2013AT&T, JPG, Kansas City, kansas city royals, NSA

I haven’t written a lot yet about Mr. Edward Snowden and the NSA PRISM program. I will in time, but want to be careful not to be spreading misinformation, and not to merely be repeating what everyone else says.

There’s been no shortage of advice on encrypting your own data, but there is one pitfall to that. Read more

Dave Farquhar

David Farquhar is a computer security professional, entrepreneur, and author. He started his career as a part-time computer technician in 1994, worked his way up to system administrator by 1997, and has specialized in vulnerability management since 2013. He invests in real estate on the side and his hobbies include O gauge trains, baseball cards, and retro computers and video games. A University of Missouri graduate, he holds CISSP and Security+ certifications. He lives in St. Louis with his family.

dfarq.homeip.net

Windows vs. Linux kernel performance

Dave Farquhar Linux, Windows May 13, 2013December 3, 20181990s, acer, amd, apple, dell, hp, intel, lenovo, NSA, oracle, sp3, unix, vista, windows 8, windows nt, Windows XP

An anonymous Microsoft developer spilled some juicy opinions about why Windows kernel performance isn’t all it could be and answered some longstanding questions about Windows vs. Linux kernel performance in the process. Although he has recanted much of what he said, some of his insights make a ton of sense.

Dave Farquhar

dfarq.homeip.net

The NSA’s guide to finding things on the Internet is available now

Dave Farquhar security May 10, 2013May 9, 2013NSA, public internet

A wonderful NSA document called Untangling the Web, thanks to a FOIA request, is now available and free for all to download and use. Although dated, the book will prove highly useful. If you company or client is exposing data that it shouldn’t to the public Internet, this book will help you find it, so you can correct it.

The copy isn’t perfect. It’s a bit dated, and it’s a straight scan to PDF, so it isn’t searchable, and it’s not the clearest, cleanest copy. I’m cleaning up a copy for my own use right now. I expect to use it, and often. It isn’t a document I’ve been privileged to see before, so I’m excited to have a chance now to study it and learn its techniques. Read more

Dave Farquhar

dfarq.homeip.net

How to secure a computer like a spook

Dave Farquhar security May 20, 2011April 15, 2017computer security, NSA, Orange Book, STIG, windows 7, windows nt

A link to the National Security Agency’s (NSA) guidance on hardening operating systems has been floating around various blogs today. But the NSA’s guidance on configuring Windows 7 and other recent operating systems is, to put it mildly, a bit incomplete.

What one government agency doesn’t do, another probably does. That’s usually a safe assumption at least. Enter the Defense Information Systems Agency (DISA). If you want to harden recent Windows operating systems, visit http://iase.disa.mil/stigs/index.html for guidance.
Read more

Dave Farquhar

dfarq.homeip.net