Miscellaneous Papers

[Return to front page]

This section contains a variety of (mostly technical) papers, either completed or in progress. Please select one below to view/download. If you are interested in monitoring this page for changes, please use the site-wide RSS feed.

Serious Stuff

HOWTO: chroot SFTP (only) Finally, I've found a way to configure SSH/SFTP for Web hosting users exactly the way I want it, with minimum maintenance and maximum restriction. Here's how I did it. [Note that this functionality is now built in to OpenSSH from version 4.9 onwards - I have included instructions on how to use this as well].
HOWTO: Sharp Zaurus SL-5500 + Kismet I was recently asked to build a handheld wireless scanning device - this is a full breakdown of what I did.
Spam - A 21st Century Plague
Part A - All Readers [PDF, 354KB]
Part B - System Administrators [PDF, 233KB]
An article on spam. What it is, who's sending it and why, and what can we do to protect ourselves from it. Written in two parts - the first part is for general consumption, whilst the second is for anyone running a mail server or generally managing mail systems or services.
Whom do you Trust?
[PDF, 161KB]
An article (White Paper if you like, although not if you print it on pink or yellow paper!) on SSL. Intended to raise general awareness of how SSL (the little padlock) works, and the fact that it may not always provide the level of protection you think. In draft form at the moment , but I will update and release a final version at some point.
ENUM in the UK
[PDF, 166KB]
The DTI has released a consultation document regarding the UK implementation of the 'ENUM' concept. The idea is to allow DNS to support telephone number lookups, returning e-mail addresses and other electronic information. Would you be happy for online information to be available to anyone that has your telephone number? Or, conversely, to be able to obtain your telephone number from your e-mail address? This is a discussion paper I put together on the topic.
Comment on Cookies
[Plain text version]
A quick article written to educate some concerned netizens about cookies.
ISSG Linux Day As promised to those present, my presentation to the attendees at the BCS ISSG Linux Day on 25 September 2003.
ISSG Grid Computing / Open Source Seminar My presentation on Open Source Security to the attendees at the BCS ISSG Grid Computing / Open Source Seminar on 04 October 2006. Unfortunately, the presentation makes a lot more sense with my commentary alongside, so I may write it up at some point in the future.
PC Security A series of semi-technical articles for the layman, dealing with security issues for the average Internet user. Many of these articles were generated from my responses to questions on online discussion groups; others were written from scratch.
Book Reviews (Fiction) Once upon a time, I used to have time to read non-technical books - I'm sure I will again one day, but in the meantime you can find here some reviews I wrote a long time ago...
EC Directive 1999/93/EC A section dedicated to my response to the DTI Consultation Document regarding the EC Directive on Electronic Signatures. Includes the response itself along with supporting and related paperwork. [Response submitted on 14th June 2001]

Not-so-serious Stuff

secure-your-web-server.txt A proposal document written after a particularly frustrating meeting with a client - not 100% serious, as I'm sure you will realise!
Friday Funny Archives See also this archive of weekly humorous articles - there is a link to subscribe on the same page.
Coming Soon A humorous rewrite of RFC 2504, Users' Security Handbook. I have already obtained permission from as many of the original RFC authors as I could contact.
Coming Soon(ish) A humorous rewrite of RFC 1244, Site Security Manual
[Don't hold your breath, though - this is a big document!]
Coming Soon(ish) A humorous rewrite of The Highway Code
[This one could take a while as well!]

PGP/GPG Public Key [4096/4096 RSA]
Contact The Minstrel
Web The Minstrel's Showcase