Archive for the ‘LINKS’ Category.
Microsoft Monoculture is a [national] security risk
Geer, Bace, Gutmann, Metzger, Pfleeger, Quarterman, Schneier:
CyberInsecurity: The Cost of Monopoly (PDF)
[via
CCIA
(Computer & Communications Industry Association, advocating
“open markets, open systems,
open networks, and full, fair, and open competition”)]
Note:
Author Dan Geer got fired by @Stake for publishing this report.
Java is the SUV of programming tools
OK, everybody in the world is linking to it, so this isn’t new, but it’s a provocative note: Philip Greenspun’s Weblog: Java is the SUV of programming tools.
Make sure you
read the comments.
Spammers use hotels to send e-mail
Spammers use Ottawa hotels to send e-mail:
A handful of hotels in the Ottawa area have unwittingly become the instruments of e-mail spammers, who use the hotels’ high-speed Internet access services to send unsolicited electronic mail touting products and services.
[via
Techdirt]
Wi-Fi Flapping in the breeze
I don’t think most people understand the implications of running wireless networks. While sitting here in Starbucks, I have access to the shares on the CVS pharmacy file server next door containing their POS system, prescription system, and a database server containing who knows what. I also have access to ten workstation on the network who are sharing the c-drives. I probably even have access back into their corporate network…
This is a perfect example of how, as things are becoming more open, individuals can keep up and protect themselves while organizations languish in the wake.
IRS patches 5000 servers and 125000 workstations
IRS Blasts Worm With Autonomic Software: Basically an ad for Tivoli Software Distribution, Remote Control, and Enterprise Console
Bear: An Open-Source Virtual Secure Coprocessor based on TCPA
MacDonald, Smith, Marchesini, Wild (Dartmouth):
Bear: An Open-Source Virtual Secure Coprocessor based on TCPA:
This paper reports on our ongoing project to use TCPA to transform a desktop Linux machine into a virtual secure coprocessor: more powerful but less secure than higher-end devices. We use TCPA hardware and modified boot loaders to protect fairly static components, such as a trusted kernel; we use an enforcer module—configured as Linux Security Module—to protected more dynamic system components; we use an encrypted loopback filesystem to protect highly dynamic components.
