
Trust done wrong

IT security is getting out of the basement and starting to infiltrate everyday life. If the recent Wikileaks, Anonymous, Stuxnet and Sony PSN debacles weren't enough, now it's finally in the open that the trust everyone takes for granted when using encrypted connections is mostly based on wishful thinking and a bit of hand-waving.

DigiNotar, which apparently thought that a certificate authority we all trust is best run with a total absence of security, has likely put Iranians at severe risk. What the affair has exposed is one of the internet's dirty little secrets: SSL encryption, which we all depend on for banking, email and e-commerce, is mostly worthless without a viable model of trust, and our model of trust is severely lacking at the moment.

DigiNotar was a terrible offender, and being promptly removed from the browsers' trust lists will be the least of their worries, but it wasn't the first. Comodo and StartCom both had break-ins recently and it is likely that more certificate authorities are as terrible as DigiNotar. The difference is that DigiNotar didn't act immediately: it took two months before an Iranian user noticed something was wrong with his Gmail certificate. Bad security is one thing, but doing nothing after such a break-in is malice.

Your browser currently trusts 600+ of these certificate authorities, from which DigiNotar has hopefully been removed by now. None of these companies will mean anything to the average user except maybe VeriSign, and your typical user will trust a site with a VeriSign logo without even looking at the certificate. Yet every one of these CAs is trusted to issue the certificates with which our connections are authenticated and encrypted, and any of them can issue a certificate for any domain name: they are the only line of defense against man-in-the-middle attacks. And the likes of TDC, XRamp and TurkTrust are trusted not to make the same mistakes as DigiNotar...
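To see how long that list is on your own machine, and whether a name you no longer trust is still in it, the following added example (not code from the original post) audits the CA bundle that Python's ssl module loads by default, which on most systems is the operating system's root store. Browsers such as Firefox carry their own store, so this checks Python and the OS, not the browser. The sample entries at the bottom are constructed in the same shape that get_ca_certs() returns, so the screening logic can be exercised without depending on a particular bundle.

```python
# Added example: audit the root CA bundle Python's ssl module trusts and
# screen it for CA names you no longer want to trust (here: DigiNotar,
# taken from the post). The default bundle is whatever the OS provides,
# so the count printed by audit_system_store() differs per machine.
import ssl


def subject_field(cert, field):
    """Pull one field (e.g. 'organizationName') out of a decoded subject
    as returned by SSLContext.get_ca_certs(): a tuple of RDNs, each RDN
    being a tuple of (type, value) pairs."""
    for rdn in cert.get('subject', ()):
        for key, value in rdn:
            if key == field:
                return value
    return ''


def find_distrusted(ca_certs, needles):
    """Return (organizationName, commonName) for every CA whose subject
    mentions one of `needles` (case-insensitive substring match)."""
    hits = []
    lowered = [n.lower() for n in needles]
    for cert in ca_certs:
        org = subject_field(cert, 'organizationName')
        cn = subject_field(cert, 'commonName')
        haystack = ('%s %s' % (org, cn)).lower()
        if any(n in haystack for n in lowered):
            hits.append((org, cn))
    return hits


def audit_system_store(needles=('DigiNotar',)):
    """Load the platform's default trust store and screen it.
    Returns (number of trusted roots, list of hits)."""
    ctx = ssl.create_default_context()   # calls load_default_certs()
    ca_certs = ctx.get_ca_certs()
    return len(ca_certs), find_distrusted(ca_certs, needles)


# Constructed sample store (not read from any real machine), in the shape
# get_ca_certs() produces, used to demonstrate the screening offline.
SAMPLE_STORE = [
    {'subject': ((('countryName', 'NL'),),
                 (('organizationName', 'DigiNotar'),),
                 (('commonName', 'DigiNotar Root CA'),))},
    {'subject': ((('countryName', 'US'),),
                 (('organizationName', 'VeriSign, Inc.'),),
                 (('commonName', 'VeriSign Class 3 Public Primary '
                                 'Certification Authority - G5'),))},
]

if __name__ == '__main__':
    print('constructed sample:', find_distrusted(SAMPLE_STORE, ['DigiNotar']))
    total, hits = audit_system_store()
    print('%d root CAs trusted by default on this machine' % total)
    for org, cn in hits:
        print('still trusted: %s (%s)' % (org, cn))
```

Note that removing a root from the store is only half of what the browser vendors did: they also explicitly blacklisted the certificates DigiNotar issued, because a compromised CA may have signed intermediates that chain up to some other, still-trusted root.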

Rather than repeat his words: Moxie Marlinspike's talk on SSL and authenticity says it all.

What can your company do? Take security seriously. DigiNotar wouldn't be in this situation if they had given security a thought, and the situation wouldn't be as desperate if they had acted right away. I have contacted a few companies regarding security lapses on their side (one unknowingly disclosed 200k accounts a few months ago; no, I'm not naming them) and thankfully they have all quickly taken appropriate measures. That is all we ask.

Is there a silver lining? Naturally. The whole charade with certificate authorities has given us Ubuntu...

The Ridderhof shooting

With the previous blog post noting that I've moved to Alphen aan den Rijn, I'm sad to say that 10 months later our new town has suffered a terrible loss: two days ago a madman killed 6 and wounded 17 by firing an automatic rifle in our local shopping mall. He then committed suicide.

It's a surreal situation. Alphen is a small town, and was probably most remarkable for being so unremarkable. The shopping mall was as common as they get and we went there nearly daily. Our thoughts go out to the victims of this attack, but at the same time the realization that it was only by sheer chance that neither of us nor any of our neighbors were in the Ridderhof at the time of the shooting is terrifying. Something that only happens in the US of Arms or in the movies suddenly comes much too close.

Tomorrow the Ridderhof opens again. The faces that were on TV will be back behind the registers. The doors you walked through every day, sprayed with bullets, are boarded up. Surreal. I think it will take everyone a lot of time to come to terms with what happened. Alphen will unfortunately never be unremarkable again.

Home is where your 127.0.0.1 is

Wohoo, finally got a connection to the internet at my new place!

Over the weekend we hauled all our stuff from Amstelveen to Alphen a/d Rijn (40km further south), where we bought a very nice 3-story house last month.

Lots of photos to come, this post was just to verify that they even migrated my old IP address for me. <3 Telfort! :)

It's time to Django Bingo!

I finally got around to putting a version of Django Bingo online:

Django Bingo at Github

For an example dashboard, see my network monitor.

Note that it is very rough, I hope to improve the code over the next few weeks. But at least you have something to play with!

Give it a try and let me know what you think (both good and bad).

Presented at the first Django Meeting NL: Django Bingo!

Held a presentation yesterday at the first ever Dutch Django meeting held at the ABC Treehouse in Amsterdam. The meeting grew out of the Python Usergroup Netherlands. The turnout was surprisingly large.

More on the meeting here, or grab my slides+notes directly.

The presentation was the first time I openly discussed this Aperte project: Dashboards for Django (and "Bingo" was his name, o!). It features a web-based query builder and allows you to easily set up dashboards for your Django applications.

Screenshot:

I haven't released the project yet, hope to do so sometime next week. The interest in the project surprised me actually. It seems I'm not the only one who likes pretty graphs and tables, but hates all the work that surrounds building them...

EDIT: Photos of the meeting

Django admin, view-only permissions

The Django admin by default only knows the add, change and delete permissions. These permissions allow you to section off your admin, so that certain users can only modify certain models (and with my sub-admin class you can limit permissions at the object level!).

What the admin doesn't allow is granting read-only permissions. The reason for this, according to the Django developers, is that you must trust every user logging into the admin interface. Read-only or view permissions mean you don't trust your users, so they shouldn't have access at all.

Of course, if we follow this reasoning, why have permissions at all? If you trust everyone who logs in you wouldn't need the ability to assign add, change and delete permissions. The real reason is probably that the Django admin hasn't been thoroughly tested for security holes and that the developers would rather not hand out near-anonymous viewing permissions, which makes sense.

I've written a quick add-view-permissions patch for Django 1.1. The result is unremarkable but effective, as the following screenshots of a user with view-only permissions show:


Feel free to use the patch, but be warned: if users logging in to your site really want to change something, they'll probably find a way through.
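The warning above is the important part: a read-only form is only a UI hint, and the admin's change view will happily accept a hand-crafted POST unless the write is refused server-side too. The following added example (my own illustration, not the patch from this post, which modifies Django itself) shows the same idea as a ModelAdmin mixin that can be applied per model without touching Django's source. It assumes Django 1.2 or later (for readonly_fields / get_readonly_fields) and a model that declares a custom permission named view_<modelname> in its Meta.permissions; the model, app label and field names in the stand-alone demonstration are constructed, and the Django stand-ins at the bottom exist only so the logic can be exercised without Django installed.

```python
# Added example: view-only admin access as a ModelAdmin mixin (assumes
# Django >= 1.2). Hypothetical model/admin, for reference:
#
#     class Order(models.Model):
#         customer = models.CharField(max_length=100)
#         total = models.DecimalField(max_digits=8, decimal_places=2)
#         class Meta:
#             permissions = (('view_order', 'Can view order'),)
#
#     class OrderAdmin(ViewPermissionMixin, admin.ModelAdmin):
#         pass
#     admin.site.register(Order, OrderAdmin)

try:
    from django.core.exceptions import PermissionDenied   # gives a 403 in the admin
except ImportError:   # lets the example run stand-alone, without Django installed
    class PermissionDenied(Exception):
        pass


class ViewPermissionMixin(object):
    """Put this *before* admin.ModelAdmin in the bases of your ModelAdmin."""

    def _perm(self, codename):
        return '%s.%s' % (self.opts.app_label, codename)

    def has_view_permission(self, request, obj=None):
        return request.user.has_perm(
            self._perm('view_%s' % self.opts.object_name.lower()))

    def has_real_change_permission(self, request, obj=None):
        # Exactly what Django's own has_change_permission() checks.
        return request.user.has_perm(self._perm(self.opts.get_change_permission()))

    def has_change_permission(self, request, obj=None):
        # The admin only shows a model (index, changelist, change form) to
        # users who pass this check, so a viewer has to pass it as well;
        # get_readonly_fields() and save_model() then keep them honest.
        return (self.has_real_change_permission(request, obj)
                or self.has_view_permission(request, obj))

    def get_readonly_fields(self, request, obj=None):
        if self.has_real_change_permission(request, obj):
            return super(ViewPermissionMixin, self).get_readonly_fields(request, obj)
        return [f.name for f in self.opts.fields]   # viewer: everything read-only

    def save_model(self, request, obj, form, change):
        # Read-only widgets are not a security control: refuse the write here,
        # so a hand-crafted POST from a view-only user gets a 403 instead.
        if not self.has_real_change_permission(request, obj):
            raise PermissionDenied('view-only user may not save %s' % obj)
        return super(ViewPermissionMixin, self).save_model(request, obj, form, change)


# --- stand-alone demonstration with constructed stand-ins for Django objects ---

class _Field(object):
    def __init__(self, name):
        self.name = name


class _Opts(object):
    """Mimics the parts of model._meta the mixin touches (constructed)."""
    app_label = 'shop'
    object_name = 'Order'
    fields = [_Field('id'), _Field('customer'), _Field('total')]

    def get_change_permission(self):
        return 'change_order'


class _User(object):
    def __init__(self, perms):
        self._perms = set(perms)

    def has_perm(self, perm):
        return perm in self._perms


class _Request(object):
    def __init__(self, user):
        self.user = user


class _BaseAdmin(object):
    """Stand-in for admin.ModelAdmin: only the methods the mixin delegates to."""
    readonly_fields = ()

    def __init__(self):
        self.opts = _Opts()
        self.saved = []

    def get_readonly_fields(self, request, obj=None):
        return self.readonly_fields

    def save_model(self, request, obj, form, change):
        self.saved.append(obj)


class OrderAdmin(ViewPermissionMixin, _BaseAdmin):
    pass


def check_access(perms):
    """Return what a user holding `perms` can do in OrderAdmin."""
    admin = OrderAdmin()
    request = _Request(_User(perms))
    result = {
        'can_enter': admin.has_change_permission(request),
        'readonly': list(admin.get_readonly_fields(request)),
    }
    try:
        admin.save_model(request, 'order#1', form=None, change=True)
        result['saved'] = True
    except PermissionDenied:
        result['saved'] = False
    return result


if __name__ == '__main__':
    for perms in (['shop.view_order'], ['shop.change_order'], []):
        print(perms, check_access(perms))
```

Inlines need the same treatment (their own has_change_permission and a guard in save_formset), and the delete and add buttons still follow Django's normal has_delete_permission / has_add_permission, so a viewer gets neither unless explicitly granted.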

I've placed a couple of my Django patches together here.
