DNSSECDNSSEC
reason=”verification failed; insecure key” I’ve recently noticed OpenDKIM on systems I run giving the above message when trying to verify a DKIM message from my own domain. According to Google[...]
Category: Security
Fixing Strange Directory Write AccessFixing Strange Directory Write Access
type=AVC msg=audit(1403622580.061:96): avc: denied { write } for pid=1331 comm="mysqld_safe" name="/" dev="dm-0" ino=256 scontext=system_u:system_r:mysqld_safe_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir type=SYSCALL msg=audit(1403622580.061:96): arch=c000003e syscall=269 success=yes exit=0 a0=ffffffffffffff9c a1=7f5e09bfe798 a2=2 a3=2 items=0 ppid=1109 pid=1331 auid=4294967295[...]
Replacement Credit Cards and Bank FailingsReplacement Credit Cards and Bank Failings
I just read an interesting article by Brian Krebs about the difficulty in replacing credit cards [1]. The main reason that credit cards need to be replaced is that they[...]
Fingerprints and AuthenticationFingerprints and Authentication
Dustin Kirkland wrote an interesting post about fingerprint authentication [1]. He suggests using fingerprints for identifying users (NOT authentication) and gives an example of a married couple sharing a tablet[...]
Dr Suelette Dreyfus LCA KeynoteDr Suelette Dreyfus LCA Keynote
Dr Suelette Dreyfus gave an interesting LCA keynote speech on Monday (it’s online now for people who aren’t attending LCA [1]). One of the interesting points she made was regarding[...]
Security is ImpossibleSecurity is Impossible
The Scope of the Problem Security is inherently complex because of the large number of ways of circumventing it. For example Internet facing servers have been successfully attacked based on[...]
SE Linux Things To DoSE Linux Things To Do
At the end of my talk on Monday about the status of SE Linux [1] I described some of the things that I want to do with SE Linux in[...]
My SE Linux Status Report – LCA 2013My SE Linux Status Report – LCA 2013
This morning I gave a status report on SE Linux. The talk initially didn’t go too well, I wasn’t in the right mental state for it and I moved through[...]
Finding an ATM SkimmerFinding an ATM Skimmer
A member of SAGE-AU [1] found two ATM skimmers [2] and gave me permission to publish his description and analysis of the situation. I’ve lightly edited this from a mailing[...]
New SE Linux Policy for WheezyNew SE Linux Policy for Wheezy
I’ve just uploaded a new SE Linux policy for Debian/Wheezy. It now works correctly with systemd and Chromium, two significant features that I wanted for Wheezy. Now it turns out[...]