Thursday, December 18, 2008

encrypt command will suddenly no longer be annoying!

Thanks to a fix from Dina Nimeh's latest push of changeset 27f403fbf8ca, the next OpenSolaris release will now prompt you twice for the passphrase it uses to generate the key to encrypt your data with. This is a long overdue change, one that I can't believe we didn't do sooner. The way we implemented it before, it was too easy to lose your data if you made a mistake the first time you put in your passphrase. Yay!

Friday, December 12, 2008

Rough Cut of Solaris Security book published!

I'm about to become a published author! Okay, currently I'm just credited as "Sun Microsystems Security Engineers", but it is a step in the right direction.  Our organization found that a lot of papers and books out there on Solaris security were out of date, just plain wrong or missing coverage of cool features, so we thought what better way of setting the record straight then writing our own book?


Management got behind this, and many of the members from our organization set to writing an outline for the book and for each chapter and found an interested publisher.  Next came the hard part - writing the actual chapters! Okay, it wasn't that hard, because we all wrote about the technology areas we know and love, but we had to make tough calls on what to leave out and make sure we didn't miss any critical information.  Once we got all of our drafts together, Sharon Veach edited our work and wrote the introduction for the book, Solaris Security Essentials. The book is on Safari right now for review before we publish - please leave comments on the Safari site so nothing gets lost. The external link only shows excerpts, so if you are internal to Sun, please create a login using your Sun email address and look at the Sun Internal link.


I worked with Jan Pechanec and Darren Moffat on the Solaris Cryptographic Framework chapter, which is all based on Solaris 10 Update 4.  We leveraged work from my previous white paper and an updated paper by Wolfgang Ley. Some chapters appear to be missing still, but I'm sure they'll appear on the site over the next few days.


During this process I was told I use too many exclamation points in my writing, which (apparently) makes readers tired. How strange is that?




Thursday, December 11, 2008

Here we come a caroling...

Okay, actually there we went.  Today was the annual Sun Caroling day.  We went from building to building in Menlo Park spreading holiday cheer, including a few lesser known Hanuka songs. Carol of the Bells, Psallite and 12 Bugs of Christmas seemed to be the favorites this year. I know I've been so busy rehearsing for Babes in Hollywood that I had a hard time keeping some of the harmonies for the classic holiday songs in my head. Too used to singing melody on those, I suppose.

Wednesday, December 10, 2008

OpenSolaris 2008.11 officially released!

Seems like ages ago when I was testing the first release candidate on my laptop, but I guess it was really less than a month ago. I'm pleasantly surprised at how quickly we are turning around these releases and getting them out the door.  I am pleased that NWAM works so much better on 2008.11 than on 2008.05, it's good to know the team took all of the feedback they got from the previous release and incorporated a lot of good changes. For example, I now have the ability to bring up the NWAM GUI and request to change networks when the one I'm on is no longer desirable (or I've found that I chose poorly when given the initial selection).  I can't wait to try this out in a conference environment, where access points change every time you go into a different room.


I'm still running Nevada development bits on my desktop, though, as it's SPARC based and we don't have OpenSolaris for SPARC yet.  It's still the same base kernel & most of the same utilities and applications, so I am still doing valuable testing on the latest & greatest... but, let's face it, not nearly as cool. :-)