Language Selection

English French German Italian Portuguese Spanish

Becoming a "Linux Security Artist"

Filed under
Security

After forty years in the commercial computing business, the one idea that has been drilled into me by security professionals is the fact that there is no such thing as a secure computer system, only levels of insecurity. Therefore the cost of keeping the information and system secure has to be balanced with the cost of losing that information or system, or having it damaged. Unfortunately the speed and availability of the Internet combined with the low cost of very powerful computers and network services have made the cost of “cracking” go down and the cost of “securing” go up.

The most important thing in a secure system is to have a good security policy. Without that, you are lost and will wander ineffectively. Therefore you have to give thought as to who will be able to do what, whether those limitations are discretionary or mandatory and how you will implement and enforce those policies. A good example of not having a good policy is the company that forces all of their employees to have long, complicated passwords that change once a week, but tolerate people writing their passwords on sticky notes and pasting it on their LCD panels “because they can not remember the passwords.”

The next most important things are a good set of security tools and people trained to deploy them and monitor their output.




More in Tux Machines

today's leftovers

F2FS Tools Gain FSCK Support

The F2FS Tools v1.4.0 release introduces fsck.f2fs for fixing corrupted images/partitions for Samsung's Flash-Friendly File-System. There's also now dump.f2fs for retrieving a specific file. Additionally, the f2fs-tools 1.4 update also has bug-fixes for the stat and fibmap utilities. Last but not least is some code refactoring for the Android build. The release was mentioned today on the kernel mailing list by Samsung's Jaegeuk Kim. Read more

xorg-server 1.16.1

xorg-server 1.16.1 is now available. A single fix since Monday's 1.16.0.901, to address an issue when building Xwayland from the tarball. Julien Cristau (2): xwayland: always include drm.xml in tarballs Bump to 1.16.1 git tag: xorg-server-1.16.1 Read more

Geary Email Client Receives Major Overhaul and New Features

Geary, a lightweight email program designed around conversations and built for the GNOME desktop by the Yorba software group, has reached version 0.8 and it comes with a ton of new features. Read more