Language Selection

English French German Italian Portuguese Spanish

Becoming a "Linux Security Artist"

Filed under
Security

After forty years in the commercial computing business, the one idea that has been drilled into me by security professionals is the fact that there is no such thing as a secure computer system, only levels of insecurity. Therefore the cost of keeping the information and system secure has to be balanced with the cost of losing that information or system, or having it damaged. Unfortunately the speed and availability of the Internet combined with the low cost of very powerful computers and network services have made the cost of “cracking” go down and the cost of “securing” go up.

The most important thing in a secure system is to have a good security policy. Without that, you are lost and will wander ineffectively. Therefore you have to give thought as to who will be able to do what, whether those limitations are discretionary or mandatory and how you will implement and enforce those policies. A good example of not having a good policy is the company that forces all of their employees to have long, complicated passwords that change once a week, but tolerate people writing their passwords on sticky notes and pasting it on their LCD panels “because they can not remember the passwords.”

The next most important things are a good set of security tools and people trained to deploy them and monitor their output.




More in Tux Machines

Ubuntu 15.10 to Be Called Wily Werewolf

Mark Shuttleworth has just announced the name of the Ubuntu 15.10, the next iteration of the Linux distribution from Canonical, and it's Wily Werewolf. The founder of Canonical used to make these announcements on this personal blog, but he has chosen the Ubuntu Online Summit keynote to make this one. What's interesting about this particular name is the fact that it makes a full circle (almost) to the first Ubuntu release Ubuntu 4.10 (Warty Warthog), that dates back to October 2004. Read more Also: Mark Shuttleworth Promises Ubuntu Phone that Turns into PC This Year

Knoppix Topics: An interview with Linux pioneer Klaus Knopper

At this year’s CeBIT trade show in Hanover, Germany, Christopher von Eitzen sat down with Linux legend Klaus Knopper to discuss his popular Knoppix Linux distribution as well as Linux and accessibility in open source software. Designed to boot and run directly from a CD, DVD or USB flash drive without needing to be installed on a computer’s hard drive, Knoppix incorporates automatic hardware detection with support for a wide range of video and sound cards, USB devices and other peripherals and uses and on-the-fly decompression to run entirely in a computer’s memory. The CD version carries up to 2GB of executable software, while the single-layer DVD edition stores up to 10GB of data. The operating system can be used, for example, as a rescue system, to demonstrate Linux, as an educational CD, or installed directly to a system. Read more

LibreOffice 4.4.3 RC2 Is Out, Stable Version Should Arrive Very Soon

The Document Foundation has just announced that the second RC (Release Candidate) for the LibreOffice 4.4.3 branch has been released and is now available for download and testing. Read more