I took a quick look at using SSL with MySQL, and it turns out to be reasonably simple to enable SSL for transport level encryption, while still using username and password for authentication. Read on for some links to useful articles for MySQL, Java, Perl, Ruby on Rails and some sad news about PHP.
Read more »

June is “Backup Awareness Month”, according to Seagate / Maxtor. They’ve got a site with some tips for users. Options for Stanford users include those listed on backup.stanford.edu.

There’s one important principal to remember: you should not keep your data and your backups in the same place. If you use a laptop and an external backup drive, leave the drive in your office: your laptop is more likely to be damaged outside your office. If you burn CDs or use USB memory sticks, don’t keep them in your laptop bag; if you use a desktop computer, don’t keep the CDs or memory sticks in your office.

External hard drives often come with backup software for Windows 2000/XP and Mac OS X. As an example, Seagate has drives from a 5GB pocket drive up to a 750GB drive that can sit on your desk. Other disk vendors include Maxtor, which is now part of Seagate, Western Digital; many smaller companies sell external drives based on drives from those vendors.

This is the third of these meetings I’ve been to at NIST in Maryland. It’s well attended this year and the debates seem even livelier this year. Here is the agenda, and the conference site.

I see a clear attempt for a bunch of security, infrastructure and cryptography geeks to make their message more pedestrian…er, I mean publicly accessible.

The keynote was from a professor from the UK who’s Has Johnny Learnt To Encrypt By Now? Examining the troubled relationship between a sand its users and what was interesting was how the tone was set around ease fo use instead of the architecture and technology centric nature of the talks the last time I was here (two years ago).

Things got pretty heated around the subject of DNSSEC…some hold over from an IETF veto. This discussion and the one on DKIM were extremely interesting. What was interesting was the different angles to the discussion around domain keys.