It’s too Hot in MelbourneIt’s too Hot in Melbourne
The Bureau of Meteorology has forecast temperatures of 43, 43, and 35 for today and the next two days. Those temperatures are in celcius. Yesterday was also above 40C so[...]
Category: Security
SE-LAPPSE-LAPP
On Tuesday afternoon I gave a talk on behalf of KaiGai Kohei about SE Linux and the LAPP (Linux Apache, PostgreSQL, PHP/Perl) stack. KaiGai has blogged about this [1], unfortunately[...]
Status of SE Linux in Debian LCA 2009Status of SE Linux in Debian LCA 2009
This morning I gave a talk at the Security mini-conf of LCA about the status of SE Linux in Debian. Here is a summary of the issues I covered: General[...]
Security Lessons from a FerrySecurity Lessons from a Ferry
On Saturday I traveled from Victoria to Tasmania via the ferry (to attend LCA), they grossly failed in their security measures and provide three lessons for others: Make it possible[...]
Security Enhanced PostgreSQLSecurity Enhanced PostgreSQL
Today was the first day of Linux Conf Au 2009 [1]. KaiGai Kohei was unable to attend the conference and give a database mini-conf presentation about his work on Security[...]
Debian Multimedia and SE LinuxDebian Multimedia and SE Linux
I have just had a need to install packages from Debian-Multimedia.org to correctly play .3gp files from my mobile phone (the stock Mplayer in Debian would not play the sound).[...]
Per-process Namespaces – pam-namespacePer-process Namespaces – pam-namespace
Mike writes about his work in using namespaces on Linux [1]. In 2006 I presented a paper titled “Polyinstantiation of directories in an SE Linux system” about this at the[...]
SE Linux and Decrypted DataSE Linux and Decrypted Data
There is currently a discussion on the Debian-security mailing list about how to protect data which came from an encrypted file. I was going to skip that one until someone[...]
EC2 SecurityEC2 Security
One thing that concerns me about using any online service is the security. When that service is a virtual server running in another country the risks are greater than average.[...]
The Security Benefits of Being UnimportantThe Security Benefits of Being Unimportant
A recent news item is the “hacking” of the Yahoo mailbox used by Sarah Palin (the Republican VP candidate) [1]. It seems most likely that it was a simple social-engineering[...]