recent

Meltdown Vulnerability in Intel and ARM processors. Reported January 3, 2018.  Website  Wikipedia  ZDNet  The Verge (Processor flaw exposes 20 years of devices to new attack)  The Verge (How to protect your PC against the major 'Meltdown' CPU security flaw) 

Charles Babbage An English polymath. A mathematician, philosopher, inventor and mechanical engineer, Babbage originated the concept of a digital programmable computer. December 26, 1791 – October 18, 1871.  Wikipedia  Computer History Museum       

Isaac Asimov American writer and professor of biochemistry at Boston University. He was known for his works of science fiction and popular science. Asimov was a prolific writer. January 2, 1920 - April 6, 1992.  Wikipedia         

\' Single-quote character.            

404 error Not Found   Wikipedia         

5 GHz (SHF) 802.11a/n/ac/ad            

5G 5th generation cellular network. Expected to become a standard in the early 2020s  Wikipedia         

* (asterisk) * Regular expression used to match zero or more characters.   Wikipedia         

$ (dollar sign) Regular expression that matches the end of a line. Example: foobar$ will find a line ending in the word foobar.   Wikipedia         

\%3B regular expression hex equivalent of ; (semicolon) character            

\%6F regular expression hex equivalent of "o" character.            

\%4F regular expression hex equivalent of "O" character.            

\%72 regular expression hex equivalent of "r" character.   Website  Wikipedia       

\%52 regular expression hex equivalent of "R" character.   Website  Wikipedia       

x regular expression to ignore white spaces in a pattern.             

\%3D regular expression hex equivalent of = (equal) character.            

\%23 regular expression hex equivalent of hash character.            

i regular expression case-insensitive            

\-\- regular expresion double-dash.            

# hash/pound symbol.            

(x+y)2 (x+y)(x+y)   Wolfram|Alpha         

802.1X (aka: EAP over IEEE 802, EAP over LAN) IEEE Standard for Port-based Network Access Control (PNAC). It is part of the IEEE 802.1 group of networking protocols. It provides an authentication mechanism to devices wishing to attach to a LAN or WLAN.   Wikipedia         

403 error Forbidden   Wikipedia         

3DES-Encrypt-Decrypt-Encrypt (3DES-EDE) The way 3DES encrypts plaintext.            

3COM  Founded in 1979.  Wikipedia         

32-Bit (x86-32 or x86) Supports up to 4 GB of memory.   Wikipedia         

224.0.0.9 RIPv2 broadcast address            

224.0.0.10 EIGRP multicast address            

.mp3 File extension for an MP3 file. The name .mp3 was chosen by the Fraunhofer team on July 14, 1995.  Wikipedia         

| regular expression 'or'.            

\%27 Hex equivalent of single-quote character.            

attack Attack = Motive (Goal) + Method + Vulnerability.            

Mission Impossible - Fallout  Released July 27, 2018.  IMDB         

X-Men  Released July 14, 2000  IMDB  Nerdist       

WWDC 2020 Apple Worldwide Developers Conference June 22-26 all online.  Website  Wikipedia  Apple Newsroom     

sandbox Security mechanism for separating running programs, usually in an effort to mitigate system failures or software vulnerabilities from spreading. Isolated space where untested code and experimentation can safely occur separate from the production environment.   Wikipedia         

Simple Object Access Protocol (SOAP) Messaging protocol specification for exchanging structured information in the implementation of web services in computer networks. Allows developers to invoke processes running on disparate operating systems (such as Windows, macOS, and Linux) to authenticate, authorize, and communicate using Extensible Markup Language (XML). Since Web protocols like HTTP are installed and running on all operating systems, SOAP allows clients to invoke web services and receive responses independent of language and platforms.   Wikipedia         

Static Application Security Testing (SAST) set of technologies designed to analyze application source code, byte code and binaries for coding and design conditions that are indicative of security vulnerabilities. SAST solutions analyze an application from the “inside out” in a nonrunning state, prior to going into production.   Gartner         

REpresentational State Transfer (REST) Lightweight and scalable software architectural style that defines a set of constraints to be used for creating Web services. Web services that conform to the REST architectural style, called RESTful Web services, provide interoperability between computer systems on the Internet. RESTful Web services allow the requesting systems to access and manipulate textual representations of Web resources by using a uniform and predefined set of stateless operations. Other kinds of Web services, such as SOAP Web services, expose their own arbitrary sets of operations.   Wikipedia         

Web Application Firewall (WAF)  Detects how applications interact with the environment.Optimal for detecting SQL injections and XSS.           

GitHub Social network for programmers.   Website  Wikipedia  YouTube (GitHub Training & Guides)     

Gil Amelio  Named CEO of Apple Computer February 2, 1996  Wikipedia  This Day in Tech History       

GameCube Video game console made by Nintendo. First released in Japan September 14, 2001.  Wikipedia         

Google Pixel 2 Smartphone from Google. Announced October 4, 2017.  Website  Wikipedia       

Google I/O 2017  May 17 - May 19 at the Shoreline Amphitheatre in Mountain View, California.  Website         

blank page suppression Where the printer removes blank pages from a job.   HP         

DEF CON 28 SAFE MODE  August 6-9, 2020 online.  Website         

DEF CON China 2  On Hold - Dates TBD. 751D Park in Beijing, China.  Website         

DEF CON 30  Aug. 11-14, 2022  Website         

Blend GUI design tool developed by Microsoft.   Wikipedia         

blanks Artificial data added to fill blocks in a block cipher.             

Blue Gene Supercomputer from IBM. Announced December 1999.  Wikipedia         

Blaise de Vigenère Vigenère cipher. April 5, 1523 - February 19, 1596  Wikipedia         

Black Hat USA 2020 Now in its 23rd year, Black Hat USA is the world's leading information security event, providing attendees with the very latest security research, development and trends. Black Hat USA 2020 will be entirely virtual this year, held over the same dates, August 1-6. August 1-6, 2020.  Website         

Black Hat Asia 2020 The information security community comes together for esteemed Trainings taught by industry experts, innovative research presentations at Briefings, the latest open-source tool demos in Arsenal, and the Business Hall featuring top-tier solutions and service providers. Black Hat returns to Marina Bay Sands in Singapore, September 29 - October 2, 2020.  Website         

Black Hat USA 2019  August 3-8, 2019.  Website         

Global AppSec San Francisco 2020  October 19-23, 2020  Website         

Microsoft Build 2020 First all-digital conference from Microsoft. May 19–21, 2020.  Website         

Solo: A Star Wars Story  Released May 25, 2018.  IMDB         

data integrity (checksum) Maintenance of, and the assurance of the accuracy and consistency of data over its entire life-cycle, and is a critical aspect to the design, implementation and usage of any system which stores, processes, or retrieves data. The term is broad in scope and may have widely different meanings depending on the specific context – even under the same general umbrella of computing.   Wikipedia         

entity integrity Concerned with ensuring that each row of a table has a unique and non-null primary key value; this is the same as saying that each row in a table represents a single instance of the entity type modelled by the table. A requirement of E. F. Codd in his seminal paper is that a primary key of an entity, or any part of it, can never take a null value.   Wikipedia         

Hash-Based Message Authentication Code (HMAC) (aka: Keyed-Hash Message Authentication Code [KHMAC]) Data integrity algorithm guaranteeing the integrity of a message. Adds a secret key to the hash function.   Wikipedia         

Unique Identifier (UID) Any identifier which is guaranteed to be unique among all identifiers used for those objects and for a specific purpose.   Wikipedia         

PCI Express 5.0  PCI-SIG officially announced the release of the final PCI-Express 5.0 specification May 29, 2019  Wikipedia         

Digital Signature Algorithm (DSA) (authentication) Federal Information Processing Standard (FIPS) for digital signatures, based on the mathematical concept of modular exponentiation and the discrete logarithm problem. DSA is a variant of the Schnorr and ElGamal signature schemes. DSA signature generation is faster than DSA signature verification. Attributed to David W. Kravitz. Filed under U.S. Patent 5,231,668 July 26, 1991. Adopted by the U.S. government in 1993 with FIPS 186.  Wikipedia         

Bruce Schneier American cryptographer, computer security professional, privacy specialist and writer. Born January 15, 1963.  Website  Wikipedia       

Cyan, Magenta, Yellow, Key (black) (CMYK) color model    Wikipedia         

DC-to-DC converter Converts DC from one voltage level to another.   Wikipedia         

Deadlock waiting for a process that never finishes.   Wikipedia         

Dialed Number Identification Service (DNIS)    Wikipedia         

Digital Subscriber Line Access Multiplexer (DSLAM)    Wikipedia         

Digital Signal 3 (DS3) 44.736Mbps   Wikipedia         

Digital Signal 1 (DS1) (T1 line) 1.544Mbps bandwidth   Wikipedia  T1Rex       

Digital Signal 0 (DS0) Adapter    Cisco         

Digital Rights Management (DRM)             

Digital Serial Interface (DSI) Protocol for controlling lighting in buildings.   Wikipedia         

Digital Signal 0 (DS0) Dedicated line (not shared) at 64Kbps. 24 bundled is a DS1 line or T1 line.   Wikipedia         

subquery Query linked to another query.   Wikipedia         

Network Operating System (NOS) Specialized operating system for a network device such as a router, switch or firewall. Designed to support many users and share resources between them in a client-server architecture. Early examples of client-server operating systems include Novell NetWare, Solaris, Windows NT/2000/XP/Server 2003, HP-UX, AIX and Linux. This description of operating systems is now largely historical, as common operating systems include a network stack to support a client–server model.  Wikipedia  Netacad       

Computer Emergency Response Team (CERT) [aka: Computer Emergency Readiness Team, Computer Security Incident Response Team (CSIRT)] Expert group that handles computer security incidents. USA CERT created by the Defense Advanced Research Projects Agency (DARPA) and run by the Software Engineering Institute (SEI) at the Carnegie Mellon University. CERT name first used in 1988 by the CERT Coordination Center (CERT-CC) at Carnegie Mellon University (CMU).  SEI Website  Wikipedia       

Internet Control Message Protocol version 6 (ICMPv6) ICMP for IPv6            

Internet Corporation for Assigned Names and Numbers (ICANN)    Wikipedia  Website       

Internet Engineering Steering Group (IESG)    Website  Wikipedia       

Internet Engineering Task Force (IETF)             

Internet Group Management Protocol (IGMP)             

Internet Header Length (IHL)             

Internet Information Server (IIS)    Wikipedia         

Internet Information Services (IIS)    Wikipedia         

Internet Key Exchange (IKE) (UDP port 500, RFC 2409) Used to set up a security association (SA) in the IPsec protocol suite to authenticate users and devices. Builds on the Oakley protocol and ISAKMP. Uses X.509 certificates for authentication. Several types of authentication: username, password, one-time password, biometrics, PSK, and digital certificates. Originally defined by the IETF in RFC 2407, RFC 2408 and RFC 2409 November 1998.  Wikipedia  RFC 2407  RFC 2408  RFC 2409   

Internet Key Exchange (IKE) Phase 1 Authentication. 3 keys exchanged. Main mode or aggressive mode.            

Internet Key Exchange (IKE) Phase 2 Key Exchange. IPsec transform sets. unidirectional IPsec SAs.            

Internet Message Access Protocol (IMAP) (IMAP: port 143, IMAPS: port 993) Protocol for email retrieval. IMAP Secure (IMAPS) operates over SSL or TLS. Designed by Mark Crispin in 1986.  Wikipedia         

Internet Printing Protocol (IPP)  Proposed by Novell in 1996.  Wikipedia         

Internet Protocol (IP) The network layer service implemented by the TCP/IP protocol suite. (Connectionless, Best Effort (unreliable), Media Independent.)   Wikipedia  YouTube       

Internet Protocol Flow Information Export (IPFIX)             

Internet Protocol Security (IPsec) Framework of open standards defining how a VPN can be configured and secured. Provides data integrity, peer authentication, data confidentiality (encryption). Not bound to any encryption, authentication, security algorithms, or keying technology. Uses Authentication Headers (AH), Encapsulating Security Payloads (ESP), and Security Associations (SA) as part of its security architecture. The Cisco IPsec implementation uses DES and 3DES in Cipher Block Chaining (CBC) mode. Works at the network layer (Layer 3) encapsulating IP packets. Uses a plaintext Layer 3 header to allow for routing compatibility. When configuring, a few basic parts must be provided: IPsec protocol, confidentiality, integrity, authentication, and secure key exchange.   Wikipedia         

Internet Protocol Security (IPsec) Authentication Guaranties message comes from the right person and was not forged. (PSK, RSA)            

Intel Core i7 7700K Kaby Lake CPU from Intel. 4 Cores, 8 Threads, 8M Cache, up to 4.50 GHz, 91W TDP Released January 3, 2017.  Intel ARK  Wikipedia       

Internet Protocol Security (IPsec) Confidentiality encrypts traffic so it can not be read. (encryption if ESP: DES, 3DES, AES, SEAL)            

Internet Protocol Security (IPsec) Configuration Steps: ACLs, ISAKMP (IKE) policy, IPsec transform set, crypto ACL, crypto map.

   Netacad (Configure Compatible ACLs)  Netacad (IKE Parameters for ISAKMP)  Neatcad (Pre-Shared Keys)  Netacad (Transform Sets)  Netacad (Crypto ACL)  Netacad (Crypto Map)

Intel Core i9-7980XE CPU from Intel. Announced at Computex 2017 May 30, 2017.  Website  Wikipedia       

Infrastructure as a Service (IaaS)    Wikipedia         

IN Equality operator. Can be used in place of INTERSECT if IN is not supported by the DBMS.            

International Data Encryption Algorithm (IDEA) [originally called Improved Proposed Encryption Standard (IPES)] Symmetric-key block cipher. Intended as a replacement for the Data Encryption Standard (DES). IDEA is a minor revision of an earlier cipher Proposed Encryption Standard (PES). Designed by James Massey of ETH Zurich and Xuejia Lai and was first described in 1991.  Wikipedia         

Jetico Encryption Software & Wiping Software   Website         

Lock It Down Locks your 'Content Sensitive' files and folders quickly and professionally using 128-bit Thayer encryption, which make it unable for others to view or use them without your consent, which results in a clean conscience and instant peace of mind.   Website         

kernel The core of an OS.   Wikipedia         

Virtual Private Network (VPN) IP tunnels that extend a private network across a public network, usually the internet. Enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Typically encrypted but does not need to be, such as in the case of GRE and Frame Relay. The encryption algorithm combines message text with a key to make the message unreadable by unauthorized receivers. Two kinds of VPNs: site-to-site and remote access. Can operate at OSI Layer 2 (Frame Relay, ATM, HDLC, PPP) or OSI Layer 3 (GRE, MPLS, IPsec).   Wikipedia         

chargeback Policy used by IT departments to allocate and/or bill the costs associated with each department's or division's usage. As of 2011, the chargeback mechanisms are often controversial in organizations.  Wikipedia         

AMD EPYC Family of server chips from AMD based on the Zen microarchitecture. Announced May 16, 2017. Released June 20, 2017.  Website  Wikipedia       

E3 2019  June 11-13 in Las Angeles.  Website  Wikipedia       

NT LAN Manager (NTLM) Suite of Microsoft security protocols intended to provide authentication, integrity, and confidentiality to users. The NTLM protocol suite is implemented in a Security Support Provider, which combines the LAN Manager authentication protocol, NTLMv1, NTLMv2 and NTLM2 Session protocols in a single package. Whether these protocols are used or can be used on a system is governed by Group Policy settings, for which different versions of Windows have different default settings. NTLM passwords are considered weak because they can be brute-forced very easily with modern hardware. Successor to the authentication protocol in Microsoft LAN Manager (LANMAN).  Wikipedia         

aggregate functions (COUNT, MIN, MAX, and AVG) special functions that perform arithmetic computations over a set of rows. Usually used in conjunction with a GROUP BY clause to group the output of aggregate computations by one or more attribute rows that match a given condition.            

WHERE SQL clause that narrows query results. Can be used with SELECT, UPDATE, and DELETE statements to restrict rows affected by the DDL command.    Wikipedia         

column list Represents one or more column names separated by commas. May also include computed columns, aliases, and aggregate functions.            

column Each database table column represents an attribute. Each column has a distinct name.            

SELECT SQL statement that returns a set of records from one or more tables. Main data retrieval command in SQL.   Wikipedia         

INSERT SQL command used in databases to add new rows to tables.            

Data Manipulation Commands (DML) Allow you to add, modify, and delete rows from tables. Basic commands are; SELECT, INSERT, UPDATE, DELETE, COMMIT, and, ROLLBACK.             

data definition commands Allows you to create tables and indexes. Commands are; CREATE TABLE, CREATE INDEX, ALTER TABLE, DROP TABLE, DROP INDEX. Many SQL constraints can be used with columns.            

ANSI SQL data types Basic types include; NUMBER, NUMERIC, INTEGER, CHAR, VARCHAR, and DATE. Support is different in each RDBMS.   Microsoft Access Equivalent ANSI SQL Data Types         

SQL commands Can be divided into two overall categories: data definition language (DDL) and data manipulation language (DML) commands.            

F8 2019  April 30 - May 1  Website         

TO_NUMBER Oracle function used to convert a character string into a number. Digits are represented by “9”.            

Microsoft Build 2018  May 7-9.  Website