Diogo Monica

I lead Security @Docker,
advise a handful of Startups
and do Security Research.
Follow @diogomonica on twitter
or learn a little bit more about me.

Password Security: Why the horse battery staple is not correct

I’ve intentionally kept myself from commenting on Password Security in the wake of last month’s mass iCloud account compromise. My feeling was that this topic had already been discussed to exhaustion, and there really was nothing new about the problem that was worth discussing.

However, as I read through the dozens of articles on how to choose a strong password, I realized that the majority of them are focused on trying to solve the wrong problem.

We should not be incentivizing people to choose passwords in the first place.

MPTCP: The path to multipath

I first heard about MultiPath TCP (MPTCP) in 2007 when I met Olivier Bonaventure in Louvain-la-Neuve, Belgium.

In the meantime, MPTCP has been gaining a ton of traction, from Apple using it for Siri on iOS to large load balancer vendors like F5 supporting it and even large-scale media covering its advantages.

If you want a primer on MPTCP you should check out the surprisingly readable RFC, or even this article by Olivier Bonaventure. There is also a ton of information on the Linux Kernel MultiPath TCP project site, multipath-tcp.org.

Skynet (beta): The rise of the Beam robot

At work we bought a few telepresence robots from SuitableTech called Beam. The Beam robots allow anyone from a remote location to have face-to-face interaction with the people at our HQ.

Each Beam robot boasts two wide-angle HD cameras, a 6-microphone array that cancels echo and reduces background noise, a 17" screen, and a built-in speaker. It has a top speed of 3mph, and the battery lasts for 8 hours of active use.

Bot wars - The arms race of restaurant reservations in SF

I love food. This means that I'm bound to compete for reservations at good restaurants with the hipsters that are native to San Francisco. This is a peek into the arms race going on in restaurant reservations right now.

TL;DR: Get the code to make automatic reservations at any Urbanspoon restaurant here.

State Bird Provisions

Weird packet of the day

Once in a while I open Wireshark and just look at my baseline traffic. It's useful for when I actually want to find something weird, to quickly distinguish between what's normal and what looks fishy.

Weird traffic

One of the quickest ways of discarding normal traffic is by looking at the destination hosts and ports. This is one of those cases where both the destination reverse lookup and the port looked weird to me.