Valgrind and OpenSSLValgrind and OpenSSL
I’ve just filed Debian bug report #534534 about Valgrind/Helgrind reporting “Possible data race during write” [1]. I included a patch that seems to fix that problem (by checking whether a[...]
Category: Security
The Millennium Seed BankThe Millennium Seed Bank
Jonathan Drori gave an interesting TED talk about the Millenium Seed Bank [1]. The potential for discovering new uses of plants for food, medicine, and construction is obvious, so it[...]
The Main Security ProblemThe Main Security Problem
All security problems are to some degree people problems. Code may be buggy, but it was written by people who could have been better trained, had more time to spend[...]
Email PasswordsEmail Passwords
I was doing some routine sysadmin work for a client when I had to read mail in the system administration mailbox. This mailbox is used for cron job email, communication[...]
Amusing Thanks.txt EntryAmusing Thanks.txt Entry
My SE Linux Play Machine [1] has a file named thanks.txt for users to send messages to me [2]. On a number of occasions people have offered to give me[...]
Question about a “Secure Filesystem”Question about a “Secure Filesystem”
I have just been asked for advice about “secure filesystem” and decided to blog my answers. The first issue is what is meant by “secure filesystem, that could either mean[...]
Case Sensitivity and Published PasswordsCase Sensitivity and Published Passwords
When I first started running a SE Linux Play Machine [1] I used passwords such as “123456“. Then for a while I had “selinux” but when I created a T-shirt[...]
SE Linux Lenny Status UpdateSE Linux Lenny Status Update
I previously described four levels of SE Linux support on the desktop [1]. Last night I updated my APT repository of SE Linux packages for Lenny (as described on my[...]
Lenny Play Machine OnlineLenny Play Machine Online
As Debian/Lenny has been released and the temperatures in my part of the world are no longer insanely hot I have put my SE Linux Play Machine [1] online again.[...]
Do Spammers target Secondary MX ServersDo Spammers target Secondary MX Servers
Rumour has it that some types of spammer target the secondary MX servers. The concept is that some people have less control over the secondary MX server and less ability[...]