How to Get 1 Million Blog Comments in a Month - A.K.A. Cleaning My Spam Infestation


Lately I've been a bit lax on keeping up with my website. I've made sure to keep up-to-date with the latest security updates on Drupal, and posted an article now and then, but generally speaking I've not been keeping a close eye on it. One thing I do know is that the last time I posted to my site (mid-January), I did not have a truly staggering number of spam comments.

IPFire on the Dreamplug - Major Version Upgrade

IPFire is a Linux distribution targeted towards providing a security-focused router/firewall that can provide a number of services beyond basic router capabilities. It has been ported to run on ARM, including GlobalScale's Dreamplug, allowing home users to set up a router with a similar level of capabilities to a corporate router with a power and space footprint roughly equivalent to typical consumer routers.

Making a "Linux Foundation" for Cryptography Libraries


One of the things that the recent Heartbleed bug really should alert us to is the fact that our crypto libraries need work. On the one hand, we know that trusting a crypto library developed by a single company is probably a bad idea - such a library gets fewer eyes on it performing code reviews, and the company also may not be motivated to immediately fix vulnerabilities they are aware of. On the other side of the coin, we have open source libraries, most notably at the moment OpenSSL, which lack the resources available to a large company to drive development.

Why Engineers Should Care About Security Too

The cutest little kittens in a pair of cups
Your product. Cute little kittens in cups. Don't let the cute kittens get hurt, think about security!

Book Review: RESTful Web APIs by Leonard Richardson and Mike Amundsen


For the past few months, much of my time has been absorbed by my senior design project at UAH. Setting aside the specifics of what my group and I are working on, the design calls for a web service that has an open API to allow for the simple creation of new clients. Looking at the options, it was quickly obvious that we wanted to approach the API design with a RESTful architecture rather than using SOAP, owing to its flexibility and the comparative ease with which a new client can be implemented to use a new RESTful API.

Survey of Automated Malware Identification Systems

This summer I took a course on artificial intelligence, and wrote a research paper on automated classification of malware.

The paper isn't the best written in the world, and has some interesting formatting thanks to the requirement it be formatted in the ACM style, but that being said it includes quite a bit of material on automated malware analysis, as well as references to more in-depth works. With that in mind, I've attached a copy of the PDF to this post.

Book Review: Hackers by Steven Levy


Hackers is Steven Levy's attempt to trace the roots of hacker culture to its beginnings. That is, hackers in the sense of people for whom learning about and building upon technology is a way of life, not hackers in the sense of criminals breaking into computer systems. This is one of those books that everybody seems to feel you ought to read if you are involved with technology. So what's it all about?

Book Review: Version Control with Git by Jon Loeliger and Matthew McCullough

Version Control with Git is pretty much what you would expect, a book all about using Git as a version control system.

Book Review: CODE by Charles Petzold


CODE takes a reader from humble beginnings of communications using flashing lights, to telegraphs and the invention of the relay, to a (relatively) modern computer by the end of the book, making many stops along the way to detail each stage of the evolution of a modern, digital computer. At first glance this may seem a bit useless - why learn about Morse code or Braille when ASCII or Unicode is far more relevant? Why talk about using old technology like relays when integrated circuits are far superior?

Book Review: Security Engineering by Ross Anderson

Security Engineering is all about designing and building secure systems. Unlike many security books, this one attempts to cover the entire range of security engineering, ranging from cryptography, access control and similar technologies, into security policy, and even into the macro scale of governmental policies. Of course, this is a massive set of subjects to try to cover in a single book, and indeed, Security Engineering weighs in at a little over one thousand pages (though nearly 100 of them go to the bibliography), spread out over 27 chapters.


Subscribe to Eugene Davis RSS