The Security Token Wikipedia page doesn’t seem to clearly describe the types of token.
Categories of Security Token
It seems to me that the following categories encompass all security tokens:
Biometric tokens – which seems rather pointless to me. Having a device I control verify my biometric data doesn’t seem to provide a benefit. The [...]
Bruce Schneier’s blog post about the Mariposa Botnet has an interesting discussion in the comments about how to make a secure system . Note that the threat is considered to be remote attackers, that means viruses and trojan horses – which includes infected files run from USB devices (IE you aren’t safe just [...]
The Opera-Mini Dispute
I have just read an interesting article about the Opera browser . The article is very critical of Opera-Mini on the iPhone for many reasons – most of which don’t interest me greatly. There are lots of technical trade-offs that you can make when designing an application for a constrained environment (EG [...]
I have returned from the US and my SE Linux Play Machine  is online again.
It was unfortunate that I forgot to pack one of my Play machine shirts, I ended up attending a meeting of the SDForum  on the topic of Cloud Security (it was a joint meeting of the Cloud Services [...]
I’m about to leave for San Francisco, so my SE Linux Play Machine is turned off and will remain off until after I return.
I have just filed Debian bug report #556644 against the version of openssh-server in Debian/Unstable (Squeeze). It has a patch that moves the code to set the SE Linux context for the child process before calling chroot. Without this a chroot environment on a SE Linux system can only work correctly if /proc and /selinux [...]
Update: Thanks to Sven Joachim and Andrew Pollock for informing me about /etc/init.d/mountoverflowtmp which exists to mount a tmpfs named overflow if /tmp is full at boot time. It appears that the system was not compromised. But regular reinstalls are always a good thing.
On the 24th of August this year I noticed the following [...]
Jetstar has announced some new changes to the way they manage their IT infrastructure . Some parts of it are obvious things that people have been doing (or wanting to do) for a long time – such as using thin clients with no moving parts (not even cooling fans).
But the really interesting part is [...]
The CK12 project is developing free (CC by SA) textbooks for the K-12 market (with a current focus on the early years of high school) . Their primary aim seems to be flex-books – text books that can be localised and modified to better suit the needs of the students. But of course there are [...]
I predict that over the course of the next 10 years there will be more security problems discovered in Sendmail than in Postfix and Qmail combined. I predict that the Sendmail problems will be greater in number and severity.
I also predict that today’s versions of Postfix and Qmail will still be usable in 10 [...]