classic security mistakeclassic security mistake
One of the most obvious (and yet most common) computer security mistakes is to take input from an untrusted (and potentially hostile) source. A classic example of this is in[...]
Category: Security
ps and securityps and security
A post by Scott James Remnant describes how to hide command-line options from PS output. It’s handy to know that but that post made one significant implication that I strongly[...]
core filescore files
The issue of core file management has come up for discussion again in the SE Linux list. I believe that there are two essential security requirements for managing core files,[...]
more about vista securitymore about vista security
While reading the discussion of Vista security on Bruce Schneier’s blog it occurred to me that comparing the issues of DRM that face MS with the issues faced by SE[...]
DOSing Windows VistaDOSing Windows Vista
Chris Samual writes a good summary of Peter Gutmann’s analysis of the cost of Vista (in terms of DRM). The following paragraph in the article however seemed more interesting to[...]
installing Debian Etchinstalling Debian Etch
A few days ago I installed Debian/Etch on my Thinkpad. One of the reasons for converting from Fedora to Debian is that I need to run Xen and Fedora doesn’t[...]
encryption speed – Debian vs Fedoraencryption speed – Debian vs Fedora
I’m in the process of converting my Fedora/rawhide laptop to Debian. On Fedora the AES encrypted filesystems deliver about 38MB/s read speed according to dd. On Debian the speed is[...]
some questions about disk encryptionsome questions about disk encryption
On a mailing list some questions were asked about disk encryption, I decided to blog the answer for the benefit of others: What type of encryption would be the strongest?[...]
Debian SE Linux policy bugDebian SE Linux policy bug
checkmodule -m -o local.mod local.te semodule_package -o local.pp -m local.mod semodule -u local.pp Save the following policy as local.te and then run the above commands to make semodule work correctly[...]
SE Linux on Debian in 5 minutesSE Linux on Debian in 5 minutes
Following from my 5 minute OSDC talk yesterday on 5 security improvements needed in Linux distributions I gave a 5 minute talk on installing SE Linux on Debian etch. To[...]