
SCAP: computer security for the rest of us

Filed under
Security

I'm setting up a new computer. I get through the registration screens, install my software, change my wallpaper, and everything's working fine. I'm left, though, with a lingering, uneasy feeling: I don't know if this machine is secure. I'm a computer guy, so I know how to set up strong passwords and firewalls, but I'm still not sure if I've done everything right. I turn to my vendor, who has hopefully published a hardening guide. If I'm very enthusiastic, I might even follow the NSA's Security and Network Analysis Center Guides. If I do any of these things, I'm already being more diligent than 95% of users out there. And that's a problem.

Personal Responsibility and Its Sworn Enemy, "I have something better to do."

Software vendors make users responsible for secure configurations. They have to. If Red Hat shipped with every recommended security configuration change already in place, users would mutiny. They'd resent all the additional work required to make their system useful. Choosing default configurations that are secure enough, but not so secure that they annoy users, is a delicate balance, and vendors will never get it exactly right. So the responsibility falls to the users.

Unless the user is very security-conscious, they're not going to do anything with that responsibility.
