Profile cover photo
Profile photo
Daniël van Eeden
103 followers
103 followers
About
Posts

Post has attachment
How caching_sha2_password leaks passwords
Oracle recently announced a new authentication plugin: caching_sha2_password . This was added in 8.0.4 , the second release candidate for MySQL 8.0. The new plugin is also made the default (can be configured by changing default_authentication_plugin . Why? ...
Add a comment...

Post has attachment
GPD Pocker: Touchscreen rotation with wayland
The GPD pocket has a "Goodix Capacitive TouchScreen", which just like the display is rotated by default. The reddit thread suggests to fix this with xinput, which can be made permanent by adding a xorg config file. However this doesn't work if you are using...
Add a comment...

Post has attachment
Bluetooth on the GPD Pocked with Linux
I finally got bluetooth working on my GPD Pocket. This is with Fedora 26 and the rawhide kernel, but it probably works with many other kernels. /sys/kernel/debug/usb/devices tells me the bt chip is a Broadcom Corp BCM2045A0 I thought this would need special...
Add a comment...

Post has attachment
Follow-up on Fedora 26 on the GPD Pocket
To follow up on my previous post about the GPD Pocket: Turns out that there in fact is a bluetooth controller in the GPD pocket as pointed out to me on Facebook. But I didn't get it to work yet. It probably requires a proprietary firmware. The device shows ...
Add a comment...

Post has attachment
First days with Fedora 26 on the GPD Pocket
A few days ago I received the 'GPD Pocket' which I ordered from Indiegogo . It was delivered with Windows 10 and the Indiegogo page said that they will create a Ubuntu image for it. But Ubuntu is not my distro of choice these days. And the Ubuntu image is a...
Add a comment...

Post has attachment
MySQL and SSL/TLS Performance
In conversations about SSL/TLS people often say that they either don't need TLS because they trust their network or they say it is too slow to be used in production. With TLS the client and server has to do additional work, so some overhead is expected. But...
MySQL and SSL/TLS Performance
MySQL and SSL/TLS Performance
databaseblog.myname.nl
Add a comment...

Post has attachment
Network attacks on MySQL, Part 6: Loose ends
Backup traffic After securing application-to-database and replication traffic, you should also do the same for backup traffic. If you use Percona XtraBackup with streaming than you should use SSH to send your backup to a secure location. The same is true fo...
Add a comment...

Post has attachment
Network attacks on MySQL, Part 5: Attack on SHA256 based passwords
The mysql_sha256_password doesn't use the nonce system which is used for mysql_new_password , but instead forces the use of RSA or SSL. This is how that works: The client connects The server changes authentication to sha256 password (or default?) The server...
Add a comment...

Post has attachment
Network attacks on MySQL, Part 4: SSL hostnames
In my previous blogs I told you to enable SSL/TLS and configure it to check the CA. So I followed my advice and did all that. Great! So the --ssl-mode setting was used a few times as a solution. And it has a setting we didn't use yet: VERIFY_IDENTITY . In o...
Add a comment...

Post has attachment
Network attacks on MySQL, Part 3: What do you trust?
In my previous blogs I told you to enable SSL/TLS and force the connection to be secured. So I followed my advice and did forced SSL. Great! So now everything is 100% secure isn't it? No it isn't and I would never claim anything to be 100% secure. There are...
Add a comment...
Wait while more posts are being loaded