recent

sandbox Security mechanism for separating running programs, usually in an effort to mitigate system failures or software vulnerabilities from spreading. Isolated space where untested code and experimentation can safely occur separate from the production environment.   Wikipedia         

Simple Object Access Protocol (SOAP) Messaging protocol specification for exchanging structured information in the implementation of web services in computer networks. Allows developers to invoke processes running on disparate operating systems (such as Windows, macOS, and Linux) to authenticate, authorize, and communicate using Extensible Markup Language (XML). Since Web protocols like HTTP are installed and running on all operating systems, SOAP allows clients to invoke web services and receive responses independent of language and platforms.   Wikipedia         

Static Application Security Testing (SAST) set of technologies designed to analyze application source code, byte code and binaries for coding and design conditions that are indicative of security vulnerabilities. SAST solutions analyze an application from the “inside out” in a nonrunning state, prior to going into production.   Gartner         

REpresentational State Transfer (REST) Lightweight and scalable software architectural style that defines a set of constraints to be used for creating Web services. Web services that conform to the REST architectural style, called RESTful Web services, provide interoperability between computer systems on the Internet. RESTful Web services allow the requesting systems to access and manipulate textual representations of Web resources by using a uniform and predefined set of stateless operations. Other kinds of Web services, such as SOAP Web services, expose their own arbitrary sets of operations.   Wikipedia         

Web Application Firewall (WAF)  Detects how applications interact with the environment.Optimal for detecting SQL injections and XSS.           

GitHub Social network for programmers.   Website  Wikipedia  YouTube (GitHub Training & Guides)     

Gil Amelio  Named CEO of Apple Computer February 2, 1996  Wikipedia  This Day in Tech History       

GameCube Video game console made by Nintendo. First released in Japan September 14, 2001.  Wikipedia         

Google Pixel 2 Smartphone from Google. Announced October 4, 2017.  Website  Wikipedia       

Google I/O 2017  May 17 - May 19 at the Shoreline Amphitheatre in Mountain View, California.  Website         

blank page suppression Where the printer removes blank pages from a job.   HP         

DEF CON 28 SAFE MODE  August 6-9, 2020 online.  Website         

DEF CON China 2  On Hold - Dates TBD. 751D Park in Beijing, China.  Website         

DEF CON 30  Aug. 11-14, 2022  Website         

Blend GUI design tool developed by Microsoft.   Wikipedia         

blanks Artificial data added to fill blocks in a block cipher.             

Blue Gene Supercomputer from IBM. Announced December 1999.  Wikipedia         

Blaise de Vigenère Vigenère cipher. April 5, 1523 - February 19, 1596  Wikipedia         

Black Hat USA 2020 Now in its 23rd year, Black Hat USA is the world's leading information security event, providing attendees with the very latest security research, development and trends. Black Hat USA 2020 will be entirely virtual this year, held over the same dates, August 1-6. August 1-6, 2020.  Website         

Black Hat Asia 2020 The information security community comes together for esteemed Trainings taught by industry experts, innovative research presentations at Briefings, the latest open-source tool demos in Arsenal, and the Business Hall featuring top-tier solutions and service providers. Black Hat returns to Marina Bay Sands in Singapore, September 29 - October 2, 2020.  Website         

Black Hat USA 2019  August 3-8, 2019.  Website         

Global AppSec San Francisco 2020  October 19-23, 2020  Website         

Microsoft Build 2020 First all-digital conference from Microsoft. May 19–21, 2020.  Website         

Solo: A Star Wars Story  Released May 25, 2018.  IMDB         

data integrity (checksum) Maintenance of, and the assurance of the accuracy and consistency of data over its entire life-cycle, and is a critical aspect to the design, implementation and usage of any system which stores, processes, or retrieves data. The term is broad in scope and may have widely different meanings depending on the specific context – even under the same general umbrella of computing.   Wikipedia         

entity integrity Concerned with ensuring that each row of a table has a unique and non-null primary key value; this is the same as saying that each row in a table represents a single instance of the entity type modelled by the table. A requirement of E. F. Codd in his seminal paper is that a primary key of an entity, or any part of it, can never take a null value.   Wikipedia         

Hash-Based Message Authentication Code (HMAC) (aka: Keyed-Hash Message Authentication Code [KHMAC]) Data integrity algorithm guaranteeing the integrity of a message. Adds a secret key to the hash function.   Wikipedia         

Unique Identifier (UID) Any identifier which is guaranteed to be unique among all identifiers used for those objects and for a specific purpose.   Wikipedia         

PCI Express 5.0  PCI-SIG officially announced the release of the final PCI-Express 5.0 specification May 29, 2019  Wikipedia         

Digital Signature Algorithm (DSA) (authentication) Federal Information Processing Standard (FIPS) for digital signatures, based on the mathematical concept of modular exponentiation and the discrete logarithm problem. DSA is a variant of the Schnorr and ElGamal signature schemes. DSA signature generation is faster than DSA signature verification. Attributed to David W. Kravitz. Filed under U.S. Patent 5,231,668 July 26, 1991. Adopted by the U.S. government in 1993 with FIPS 186.  Wikipedia         

Bruce Schneier American cryptographer, computer security professional, privacy specialist and writer. Born January 15, 1963.  Website  Wikipedia       

Cyan, Magenta, Yellow, Key (black) (CMYK) color model    Wikipedia         

DC-to-DC converter Converts DC from one voltage level to another.   Wikipedia         

Deadlock waiting for a process that never finishes.   Wikipedia         

Dialed Number Identification Service (DNIS)    Wikipedia         

Digital Subscriber Line Access Multiplexer (DSLAM)    Wikipedia         

Digital Signal 3 (DS3) 44.736Mbps   Wikipedia         

Digital Signal 1 (DS1) (T1 line) 1.544Mbps bandwidth   Wikipedia  T1Rex       

Digital Signal 0 (DS0) Adapter    Cisco         

Digital Rights Management (DRM)             

Digital Serial Interface (DSI) Protocol for controlling lighting in buildings.   Wikipedia         

Digital Signal 0 (DS0) Dedicated line (not shared) at 64Kbps. 24 bundled is a DS1 line or T1 line.   Wikipedia         

subquery Query linked to another query.   Wikipedia         

Network Operating System (NOS) Specialized operating system for a network device such as a router, switch or firewall. Designed to support many users and share resources between them in a client-server architecture. Early examples of client-server operating systems include Novell NetWare, Solaris, Windows NT/2000/XP/Server 2003, HP-UX, AIX and Linux. This description of operating systems is now largely historical, as common operating systems include a network stack to support a client–server model.  Wikipedia  Netacad       

Computer Emergency Response Team (CERT) [aka: Computer Emergency Readiness Team, Computer Security Incident Response Team (CSIRT)] Expert group that handles computer security incidents. USA CERT created by the Defense Advanced Research Projects Agency (DARPA) and run by the Software Engineering Institute (SEI) at the Carnegie Mellon University. CERT name first used in 1988 by the CERT Coordination Center (CERT-CC) at Carnegie Mellon University (CMU).  SEI Website  Wikipedia       

Internet Control Message Protocol version 6 (ICMPv6) ICMP for IPv6            

Internet Corporation for Assigned Names and Numbers (ICANN)    Wikipedia  Website       

Internet Engineering Steering Group (IESG)    Website  Wikipedia       

Internet Engineering Task Force (IETF)             

Internet Group Management Protocol (IGMP)             

Internet Header Length (IHL)             

Internet Information Server (IIS)    Wikipedia         

Internet Information Services (IIS)    Wikipedia         

Internet Key Exchange (IKE) (UDP port 500, RFC 2409) Used to set up a security association (SA) in the IPsec protocol suite to authenticate users and devices. Builds on the Oakley protocol and ISAKMP. Uses X.509 certificates for authentication. Several types of authentication: username, password, one-time password, biometrics, PSK, and digital certificates. Originally defined by the IETF in RFC 2407, RFC 2408 and RFC 2409 November 1998.  Wikipedia  RFC 2407  RFC 2408  RFC 2409   

Internet Key Exchange (IKE) Phase 1 Authentication. 3 keys exchanged. Main mode or aggressive mode.            

Internet Key Exchange (IKE) Phase 2 Key Exchange. IPsec transform sets. unidirectional IPsec SAs.            

Internet Message Access Protocol (IMAP) (IMAP: port 143, IMAPS: port 993) Protocol for email retrieval. IMAP Secure (IMAPS) operates over SSL or TLS. Designed by Mark Crispin in 1986.  Wikipedia         

Internet Printing Protocol (IPP)  Proposed by Novell in 1996.  Wikipedia         

Internet Protocol (IP) The network layer service implemented by the TCP/IP protocol suite. (Connectionless, Best Effort (unreliable), Media Independent.)   Wikipedia  YouTube       

Internet Protocol Flow Information Export (IPFIX)             

Internet Protocol Security (IPsec) Framework of open standards defining how a VPN can be configured and secured. Provides data integrity, peer authentication, data confidentiality (encryption). Not bound to any encryption, authentication, security algorithms, or keying technology. Uses Authentication Headers (AH), Encapsulating Security Payloads (ESP), and Security Associations (SA) as part of its security architecture. The Cisco IPsec implementation uses DES and 3DES in Cipher Block Chaining (CBC) mode. Works at the network layer (Layer 3) encapsulating IP packets. Uses a plaintext Layer 3 header to allow for routing compatibility. When configuring, a few basic parts must be provided: IPsec protocol, confidentiality, integrity, authentication, and secure key exchange.   Wikipedia         

Internet Protocol Security (IPsec) Authentication Guaranties message comes from the right person and was not forged. (PSK, RSA)            

Intel Core i7 7700K Kaby Lake CPU from Intel. 4 Cores, 8 Threads, 8M Cache, up to 4.50 GHz, 91W TDP Released January 3, 2017.  Intel ARK  Wikipedia       

Internet Protocol Security (IPsec) Confidentiality encrypts traffic so it can not be read. (encryption if ESP: DES, 3DES, AES, SEAL)            

Internet Protocol Security (IPsec) Configuration Steps: ACLs, ISAKMP (IKE) policy, IPsec transform set, crypto ACL, crypto map.

   Netacad (Configure Compatible ACLs)  Netacad (IKE Parameters for ISAKMP)  Neatcad (Pre-Shared Keys)  Netacad (Transform Sets)  Netacad (Crypto ACL)  Netacad (Crypto Map)

Intel Core i9-7980XE CPU from Intel. Announced at Computex 2017 May 30, 2017.  Website  Wikipedia       

Infrastructure as a Service (IaaS)    Wikipedia         

IN Equality operator. Can be used in place of INTERSECT if IN is not supported by the DBMS.            

International Data Encryption Algorithm (IDEA) [originally called Improved Proposed Encryption Standard (IPES)] Symmetric-key block cipher. Intended as a replacement for the Data Encryption Standard (DES). IDEA is a minor revision of an earlier cipher Proposed Encryption Standard (PES). Designed by James Massey of ETH Zurich and Xuejia Lai and was first described in 1991.  Wikipedia         

Jetico Encryption Software & Wiping Software   Website         

Lock It Down Locks your 'Content Sensitive' files and folders quickly and professionally using 128-bit Thayer encryption, which make it unable for others to view or use them without your consent, which results in a clean conscience and instant peace of mind.   Website         

kernel The core of an OS.   Wikipedia         

Virtual Private Network (VPN) IP tunnels that extend a private network across a public network, usually the internet. Enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Typically encrypted but does not need to be, such as in the case of GRE and Frame Relay. The encryption algorithm combines message text with a key to make the message unreadable by unauthorized receivers. Two kinds of VPNs: site-to-site and remote access. Can operate at OSI Layer 2 (Frame Relay, ATM, HDLC, PPP) or OSI Layer 3 (GRE, MPLS, IPsec).   Wikipedia         

chargeback Policy used by IT departments to allocate and/or bill the costs associated with each department's or division's usage. As of 2011, the chargeback mechanisms are often controversial in organizations.  Wikipedia         

AMD EPYC Family of server chips from AMD based on the Zen microarchitecture. Announced May 16, 2017. Released June 20, 2017.  Website  Wikipedia       

E3 2019  June 11-13 in Las Angeles.  Website  Wikipedia       

NT LAN Manager (NTLM) Suite of Microsoft security protocols intended to provide authentication, integrity, and confidentiality to users. The NTLM protocol suite is implemented in a Security Support Provider, which combines the LAN Manager authentication protocol, NTLMv1, NTLMv2 and NTLM2 Session protocols in a single package. Whether these protocols are used or can be used on a system is governed by Group Policy settings, for which different versions of Windows have different default settings. NTLM passwords are considered weak because they can be brute-forced very easily with modern hardware. Successor to the authentication protocol in Microsoft LAN Manager (LANMAN).  Wikipedia         

aggregate functions (COUNT, MIN, MAX, and AVG) special functions that perform arithmetic computations over a set of rows. Usually used in conjunction with a GROUP BY clause to group the output of aggregate computations by one or more attribute rows that match a given condition.            

WHERE SQL clause that narrows query results. Can be used with SELECT, UPDATE, and DELETE statements to restrict rows affected by the DDL command.    Wikipedia         

column list Represents one or more column names separated by commas. May also include computed columns, aliases, and aggregate functions.            

column Each database table column represents an attribute. Each column has a distinct name.            

SELECT SQL statement that returns a set of records from one or more tables. Main data retrieval command in SQL.   Wikipedia         

INSERT SQL command used in databases to add new rows to tables.            

Data Manipulation Commands (DML) Allow you to add, modify, and delete rows from tables. Basic commands are; SELECT, INSERT, UPDATE, DELETE, COMMIT, and, ROLLBACK.             

data definition commands Allows you to create tables and indexes. Commands are; CREATE TABLE, CREATE INDEX, ALTER TABLE, DROP TABLE, DROP INDEX. Many SQL constraints can be used with columns.            

ANSI SQL data types Basic types include; NUMBER, NUMERIC, INTEGER, CHAR, VARCHAR, and DATE. Support is different in each RDBMS.   Microsoft Access Equivalent ANSI SQL Data Types         

SQL commands Can be divided into two overall categories: data definition language (DDL) and data manipulation language (DML) commands.            

F8 2019  April 30 - May 1  Website         

TO_NUMBER Oracle function used to convert a character string into a number. Digits are represented by “9”.            

Microsoft Build 2018  May 7-9.  Website         

Microsoft Build 2019  May 6-8 in Seattle, WA at the Washington State Convention Center.  Website         

composite key Multiple-attribute key.            

Avengers: Infinity War  Released April 27, 2018.  IMDB         

Avengers: Endgame  Released April 26, 2019.  IMDB         

VMworld 2019  August 25-29 in San Francisco.  Website         

VMworld 2018  August 26-30 in Las Vegas.  Website         

Data-Over-Cable Service Interface Specification (DOCSIS)    Wikipedia         

datagram Basic transfer unit in a packet-switched network.

OSI Layer datagam
Layer 4 segment
Layer 3 packet
Layer 2 frame
Layer 1 Chip (CDMA)
   Wikipedia         

Database Handle (DBH) ($dbh)            

Database Description (DBD) One of the OSPF protocol messages.            

database A collection of data.   Wikipedia         

data type A classification identifying the type of data. (i.e.    Wikipedia         

WWDC 2019 Apple Worldwide Developers Conference June 3-7 in San Jose, CA.  Website  Wikipedia       

query (aka: Information retrieval) A request for information. A question.   Wikipedia (Query)  Wikipedia (Information Retrieval)       

simple attribute Attribute that cannot be subdivided.            

HAVING clause The HAVING clause is used to restrict the output of a GROUP BY query by applying a conditional criteria to the grouped rows.            

Updatable View Can be used to update attributes in the base tables that are used in the view.            

MINUS Relational set operator. SQL command that combines rows from two queries and returns only the rows that appear in the first set but not in the second.            

correlated subquery Subquery that executes once for each row in the outer query.            

John Sculley  Third CEO of Apple from 1983-1993. Born April 6, 1939.  Wikipedia  Cult of Mac       

Apple Special Event "It's show time." Held at the Steve Jobs Theater in the Apple Park campus March 25, 2019.  Wikipedia         

Google I/O 2019  May 7 - May 9 at the Shoreline Amphitheatre in Mountain View, CA.  Website  Wikipedia       

World Wide Web (WWW) (aka: the Web, port 80) HTTP/web services. Information space where documents and other web resources are identified by Uniform Resource Locators (URLs, such as https://www.example.com/), which may be interlinked by hypertext, and are accessible via the Internet. The resources of the WWW may be accessed by users via a software application called a web browser. Invented by English scientist Tim Berners-Lee while working for CERN by submitting Information Management: A Proposal on March 12, 1989.  Wikipedia         

Firefox 60  Released alongside Firefox 60 ESR May 9, 2018.  Wikipedia         

Firefox 59  Released March 13, 2018.  Wikipedia         

Firefox 61  Released January 23, 2018.  Wikipedia         

Homebrew Computer Club Early computer hobbyist group in Menlo Park, California. Met from March 1975 to December 1986. First meeting held on March 5, 1975.  Wikipedia         

foreign key Values are required to match the primary key of another table. Proper use of foreign keys is crucial to controlling data redundancy.   Wikipedia         

table (aka: relation) Collection of related data held in columns and rows within a database. Persistent representation of a logical relation in a database. Table and relation are used interchangeably because the relational model's creator, E. F. Codd, used the two terms as synonyms.   Wikipedia         

AREA Named section of permanent storage space that is reserved to store the database. Used in DB2.            

Relational Database Management System (RDBMS) Type of database management system (DBMS) based on the relational model of data. Most databases in widespread use today are based on this model.   Wikipedia         

Database management systems (DBMS) Software that interacts with end users, applications, and the database itself to capture and analyze data. The order of rows and columns is not important.   Wikipedia         

while loop Loop that runs while it is true.   Wikipedia         

web threat Any threat that uses the World Wide Web to facilitate cybercrime.   Wikipedia