Language Selection

English French German Italian Portuguese Spanish

Becoming a "Linux Security Artist"

Filed under
Security

After forty years in the commercial computing business, the one idea that has been drilled into me by security professionals is the fact that there is no such thing as a secure computer system, only levels of insecurity. Therefore the cost of keeping the information and system secure has to be balanced with the cost of losing that information or system, or having it damaged. Unfortunately the speed and availability of the Internet combined with the low cost of very powerful computers and network services have made the cost of “cracking” go down and the cost of “securing” go up.

The most important thing in a secure system is to have a good security policy. Without that, you are lost and will wander ineffectively. Therefore you have to give thought as to who will be able to do what, whether those limitations are discretionary or mandatory and how you will implement and enforce those policies. A good example of not having a good policy is the company that forces all of their employees to have long, complicated passwords that change once a week, but tolerate people writing their passwords on sticky notes and pasting it on their LCD panels “because they can not remember the passwords.”

The next most important things are a good set of security tools and people trained to deploy them and monitor their output.




More in Tux Machines

Fedora 25 Review: A Stable Release, But Slightly Slow to Boot (on rotational disks)

If you have a rotational disk, then Fedora 25 will be a little slow to boot and there is nothing you or I can do to fix it. But if you have an SSD, then you shall have no issues here. Other than that, I’m quite pleased with this release actually. Sure the responsiveness sucked the first time on, but as mentioned, it can be fixed, permanently. And the stability is also excellent. While I’m not a huge fan of the GNOMEShell (I think it’s stupid!), the ‘Classic’ session is also available, nonetheless. If you fancy giving it a go, then get it from here, but first make sure to read the release notes. Read more

KDE Leftovers

Parental Controls for Linux Unleashed

For years, one of the overlooked areas for the Linux desktop was access to “effective” parental controls. Back in 2003, I remember the now defunct Linspire (then known as Lindows) offered a proprietary option called SurfSafe. Surprisingly, at least back then, the product worked very well in providing accurate content filtering capabilities; something that was not,in fact, available and easy-to-use at that time. Years later, an open-source alternative was released to the greater Linux community known as GNOME Nanny. Fantastic in terms of usage control, its web content web filter was laughably terrible. As expected, crowd-sourcing a filtering list isn’t a great solution. And like SurfSafe, the project is now defunct. Read more

Chapeau 24 Cancellara - Same same but different

Fedora plus Moka icons plus some extra software, mainly coming from proprietary sources. I guess that's the best way to describe Chapeau. But then, what separates one distro from another if not a collection of decorations, as software is essentially the same, apart from a very small number of standalone distributions trying to develop their own identity with their own desktop environments and app stack, re: elementary or Solus + Budgie? Except they struggle, too. Chapeau 24 is a nice effort to make Fedora friendlier, but then it does not achieve the needed result without pain. The biggest issues included a botched smartphone support. Samba woes and the horrible bootloader bug. Other than that, it behaved more or less the same way as the parent distro. Then again, why bother if you can pimp up Fedora without any loss of functionality? I do like Chapeau Cancellara, but I cannot ignore the fact Fedora does the same with fewer problems. All in all, it's a welcome effort, but it needs more polish. It does not quite capture the heart the way Fuduntu did. And with some issues looming high above the distro, the grade can only be about 6/10. Most importantly, the bootloader setup must be flawless, and there's not excuse for small app errors that we've seen. We know it can do more. Anyhow, if you're not keen on any self-service round Fedora, this could be a good test bed for your games. A moderately worthy if somewhat risky and flawed experience. Read more