Dustin Kirkland wrote an interesting post about fingerprint authentication . He suggests using fingerprints for identifying users (NOT authentication) and gives an example of a married couple sharing a tablet and using fingerprints to determine who’s apps are loaded.
In response Tollef Fog Heen suggests using fingerprints for lightweight authentication, such as resuming a session […]
Dr Suelette Dreyfus gave an interesting LCA keynote speech on Monday (it’s online now for people who aren’t attending LCA ). One of the interesting points she made was regarding the greater support for privacy protection in Germany, this is apparently due to so many German citizens having read their own Stasi files.
The section […]
The Scope of the Problem
Security is inherently complex because of the large number of ways of circumventing it. For example Internet facing servers have been successfully attacked based on vulnerabilities in the OS, the server application, public key generation, DNS, SSL key certificates (and many other programs and algorithms in use), as well as […]
At the end of my talk on Monday about the status of SE Linux  I described some of the things that I want to do with SE Linux in Debian (and general SE Linux stuff). Here is a brief summary of some of them:
One thing I’ve wanted to do for years is to […]
This morning I gave a status report on SE Linux. The talk initially didn’t go too well, I wasn’t in the right mental state for it and I moved through the material too fast. Fortunately Casey Schaufler asked some really good questions which helped me to get back on track. The end result seemed reasonably […]
A member of SAGE-AU  found two ATM skimmers  and gave me permission to publish his description and analysis of the situation. I’ve lightly edited this from a mailing list post to a blog format with permission from the author. This Courier-Mail article refers to the skimmers in question .
People were wondering what […]
I’ve just uploaded a new SE Linux policy for Debian/Wheezy. It now works correctly with systemd and Chromium, two significant features that I wanted for Wheezy. Now it turns out that we have until the end of the month for Wheezy updates, so I may get another version of the policy uploaded before then. If […]
It’s almost the Wheezy freeze time and I’ve been working frantically to get things working properly.
At the moment I’m preparing an upload of the policy which will support KDE (and probably most desktop environment) logins and many little fixes related to server operations (particularly MTAs). I would like to get another version […]
While writing my previous post I heard a huge noise at the front of my house. I found one man being restrained in a seated position on the ground at my front door, the man who was holding him down was accusing him of theft and asking me to call the police, and a woman […]
Some Random WTFs
The Daily WTF is an educational and amusing site that recounts anecdotes about failed computer projects. One of their stories titled “Remotely Incompetent” concerns someone who breaks networking on a server and is then granted administrative access to someone else’s server by the Data Center staff !
In one of the discussions […]