Chris Gerling

I’ve been VERY busy, between stuff with Hak5, work, personal life, and playing some games here and there.

First and foremost, I will be getting rid of this blog as it is right now, and putting a new site design online, to better represent myself in a professional manner.

Along with things I do with the Hak5 crew, I am undertaking a new project based upon some work I did this past week. Essentially I want to build my own CentOS 5 kernel to include EFI support for Apple Xserves.

Beyond that, I’m out for now.

The party last night was pretty insane, although without incidents as geeks are generally pretty decent drunks. I was the victim of a concoction that will probably become widely known as the “Evil Server” which had enough alcohol to put me down early enough to miss the IHOP adventure.

I am without a hangover, however, so I spent the last little while testing out a new gallery I hope to use with this blog so that I can embed pictures, or at least manage some of the photos I want online without having to use an external service, or the clunky interface that Coppermine has. Hopefully Gallery2 has a more streamlined interface. The URL is http://chrisgerling.com/pics/.

Hak5 Live starts up this month, which will have a little different angle than the regular show. I am going to be doing something for the next one most likely, gotta get to work on that.

I’ve also started looking into Second Life again after an interesting conversation/demo last night.

My referral link is http://www.secondlife.com/?u=f35129373e05bb0717abf5bb66873ff2 so if you feel like joining, I get something out of the deal I think.

Okay so I didn’t quite make it on the once per week promise.

Over the last 9 days I managed to (with the help of friends) troubleshoot and send parts to my Mom so she could have a guy at work fix her computer without me having to fly up there, which just wasn’t going to happen right now given how busy I am.  Somehow she shorted the motherboard out.

Linux+ is looming ahead, next week, and I haven’t done a lot of studying.  The certification itself is meaningless to me, but it was a command voucher I used in order to take it so I have to keep my end of the deal up.  It’s going to have to basically be a weekend cram session in order to prepare for it, because I have my CISSP study group on both Tuesday and Thursday this week.

On the technology front, I am exploring a few options to organize some of the experience and knowledge I and some friends of mine have into something possibly presentable to the general public.  Whether this will be some sort of podcast, or new blog, or just a forum has yet to be determined.  The key factor is how quickly we can bundle everything together into something a layman can understand, and push it out.  I’m really into the whole podcast idea right now, but that might just be because I have only owned an iPod for 6 weeks.

Ironically, I found myself reccomending AOL’s antivirus software yesterday, because it is free and based on Kaspersky’s engine.  The only real issue is that of anonymous data collection and privacy, so wear your tinfoil hat if you choose to install it like I did.

In the computer world, credentials have always been a little bit different from most other industries. Lawyers, Engineers, Teachers, Doctors, and similar professions have some sort of structured peer-reviewed and enforced system for distributing and maintaining credentials for the work that they do. It is a way of protecting people from illegitimate practice and giving them an avenue of redress should they experience any problems with a particular individual or entity.

Many professions within the computer industry umbrella do not have such credentialing bodies, especially within computer engineering and computer security. There are degrees, vendor and vendor-neutral certifications, however there is no such thing as the equivalent of a bar exam, or a license to practice. I believe that while this should not be necessary for most situations, however, if one is going to testify in a courtroom as an expert, they should have some sort of credentials to prove what they claim to know that aren’t possible to obtain with a credit card and a couple of hours taking a test online.

Continue reading

The Security Fix blog reports, along with the latest round of Microsoft exploits, that an anonymous hacker has won the iDefense Vulnerability Challenge.

What a payday eh? Ethical Hacking does have its uses!
Exerpt:

“Speaking of iDefense (scoop alert!) … remember back in February when I wrote about iDefense offering their “quarterly vulnerability challenge,” a $10,000 purse to anyone who could come to them with a previously unknown “critical” flaw in Windows? Well, iDefense paid that prize to the anonymous hacker who reported the .ART flaw.”