We've been discussing some of Jelly Bean's new security features, but this post will take a few steps back and focus on an older one that has been available since Honeycomb (3.0), announced in the beginning of the now distant 2011: disk encryption. We'll glance over the implementation, discuss how passwords are managed and introduce a simple tool that lets you change the password from the comfort of Android's UI.

TextBelt is an outgoing SMS API that uses carrier-specific gateways to deliver your text messages for free, and without ads. The service is fairly reliable and has sent over 100,000 texts.

During Jacob Applebaum's talk at DebConf15, he noted that Debian should TLS-enable all services, especially the mirrors.

His reasoning was that when a high-value target downloads a security update for package foo, an adversary knows that they are still using a vulnerable version of foo and try to attack before the security update has been installed.

In this specific case, TLS is not of much use though. If the target downloads 4.7 MiB right after a security update with 4.7 MiB has been released, or downloads from security.debian.org, it's still obvious what's happening. Even padding won't help much as the 5 MiB download will also be suspicious. The mere act of downloading anything from the mirrors after an update has been released is reason enough to try an attack.

The solution, is, of course, Tor.

Lantronix Spider provides secure KVM (keyboard, video, mouse) server management over an IP network. Unlike any other product on the market, Spider offers a flexible, scalable and affordable CAT5-based remote access KVM solution in a cable friendly, compact “zero-footprint” package.

The IP8000 is a PCI card implementation of a control unit that provides "over-IP" access and control of the server it is installed in. The IP8000 allows multi-platform access and control of the server from remote locations using a standard Internet browser or with stand-alone Windows and Java applications

How long for a professional to read your script? Performances vary, but this handy converter will get you in the ballpark. You can even adjust it for reading speed. So stop guessing! Give accurate estimates and invoices to your customers!

Google often gives its software away for free. It has long believed in open source software.

But last week, the company took this idea to the next level. It gave away all rights to Kubernetes, a cloud computing system originally designed by Google engineers, asking a non-profit to manage its development. It didn’t just share some software code with the world. It agreed to let an independent party oversee the development of the code.

I never thought I’d have to write this article in 2015. By now, I thought it would be self-evident how to derive revenue from open source software platforms. But alas, no. Despite the fact that the success of open source software is unparalleled and dominates the global software industry, there are still far too many startups repeating the same mistakes from a thousand startups past. And there are still far too many larger companies that simply don't understand what it means to participate in, much less lead, an open source community.

Some time ago I was asked to do a study of our most popular open source projects to assess 1) what governance models are out there and 2) if the governance model has any effect on the project's success (such as size of developer community) on the one hand and on the other hand on the business of the related vendor(s). Some of the results are quite remarkable and have general applicability, so I wanted to share them here.

One of the problems we needed to solve for our customer was how to package and distribute the appliance. We quickly determined that an OVF or “Open Virtualization Format”-based approach had the potential to give us the greatest portability, and I set to work figuring out how to implement it. Our build process made use of VeeWee, Vagrant, and Chef. We knew we could export some kind of appliance.box package compatible with VirtualBox from Vagrant, but how this related to OVF wasn’t clear.

I’d like to share a few of the things I learned. This is not by any means a comprehensive guide or list to the vast world of virtualization technology, but hopefully it can save someone else some time in making sense of this portion of the virtualization ecosystem.