was out in cali visiting my folks, and got into an infosec discussion w/ dad (who sat patiently while i ranted for a *while*).
on the topic of best practices i was talking about password rotation and pushed an idea i've been kickin around (but which has roots w/ @shawnmoyer)... i've been thinking of doing a livecd experiment (really, someday soon), and for a less extreme suggestion i brought up treating your OS install as a replaceable session. do quarterly rotations, or whatever.
doing this limits the lifetime of a lot of compromises, ensures that recent (restorable) backups exist, and pushes you towards a core set of applications which are being kept up to date.
he asked if i was doing this myself, and i owned up and said no. so now i am. bleh, me and my big mouth... ;)
anywho, i'll be linking up interesting docs and stuff here when i find em...