Language Selection

English French German Italian Portuguese Spanish

SCAP: computer security for the rest of us

Filed under
Security

I'm setting up a new computer. I get through the registration screens, install my software, change my wallpaper, and everything's working fine. I'm left, though, with a lingering, uneasy feeling: I don't know if this machine is secure. I'm a computer guy, so I know how to set up strong passwords and firewalls, but I'm still not sure if I've done everything right. I turn to my vendor, who has hopefully published a hardening guide. If I'm very enthusiastic, I might even follow the NSA's Security and Network Analysis Center Guides. If I do any of these things, I'm already being more diligent that 95% of users out there. And that's a problem.

Personal Responsibility and Its Sworn Enemy, "I have something better to do."

Software vendors makes users responsible for secure configurations. They have to. If Red Hat shipped with every recommended security configuration change already in place, users would mutiny. They'd resent all the additional work required to make their system useful. Choosing default configurations that are secure enough, but not so secure that they annoy users is a delicate balance, and vendors will never get it exactly right. So the responsibility falls to the users.

Unless the user is very security-conscious, they're not going to do anything with that responsibility.

rest here




More in Tux Machines

FATHOM releases Crystallon

  • FATHOM releases Crystallon, an open-source software for lattice-based design
    Lattice structures are integral to 3D printed designs, and Aaron Porterfield, an industrial designer at additive manufacturing service bureau FATHOM, has developed Crystallon, an open source project for shaping them into structures.
  • FATHOM Introduces Open Source Software Project for Generating 3D Lattice Structures
    California-based FATHOM, which expanded its on-site managed services and announced important partnerships with Stratasys and Desktop Metal last year, is introducing a fascinating new open source project called Crystallon, which uses Rhino and Grasshopper3D to create lattice structures. FATHOM industrial designer Aaron Porterfield, also an Instructables member, developed the project as an alternative to designing lattices with commercially available software. He joined the company’s design and engineering team three years ago, and is often a featured speaker for its Design for Additive Manufacturing (DfAM) Training Program – and as the project developer, who better to explain the Crystallon project?

Kernel and Graphics: Machine Learning, Mesa, Wayland/Mir, AMDGPU

  • AI-Powered / Machine Learning Linux Performance Tuning Is Now A Thing
    A year and a half ago I wrote about a start-up working on dynamically-tuned, self-optimizing Linux servers. That company is now known as Concertio and they just launched their "AI powered" toolkit for IT administrators and performance engineers to optimize their server performance. Concertio Optimizer Studio is their product making use of machine learning that aims to optimize Linux systems with Intel CPUs for peak performance by scoping out the impact of hundreds of different tunables for trying to deliver an optimal configuration package for that workload on that hardware.
  • Pengutronix Gets Open-Source 3D Working On MX8M/GC7000 Hardware
    We've known that Pengutronix developers had been working on i.MX8M / GC7000 graphics support within their Etnaviv open-source driver stack from initial patches posted in January. Those patches back at the start of the year were for the DRM kernel driver, but it turns out they have already got basic 3D acceleration working.
  • SDL Now Disables Mir By Default In Favor Of Wayland Compatibility
    With Mir focusing on Wayland compatibility now, toolkits and other software making direct use of Mir's APIs can begin making use of any existing Wayland back-end instead. GTK4 drops the Mir back-end since the same can be achieved with the Wayland compatibility and now SDL is now making a similar move.
  • Mesa 18.1 Receives OpenGL 3.1 With ARB_compatibility For Gallium3D Drivers
    Going back to last October, Marek of AMD's open-source driver team has been working on ARB_compatibility support for Mesa with a focus on RadeonSI/Gallium3D. Today that work was finally merged. The ARB_compatibility support allows use of deprecated/removed features of OpenGL by newer versions of the specification. ARB_compatibility is particularly useful for OpenGL workstation users where there are many applications notorious for relying upon compatibility contexts / deprecated GL functionality. But ARB_compatibility is also used by a handful of Linux games too.
  • AMDGPU In Linux 4.17 Exposes WattMan Features, GPU Voltage/Power Via Hwmon
    AMD's Alex Deucher today sent in the first pull request to DRM-Next of AMDGPU (and Radeon) DRM driver feature material that will in turn be merged with the Linux 4.17 kernel down the road. There's some fun features for AMDGPU users coming with this next kernel! First up, Linux is finally getting some WattMan-like functionality after it's been available via the Windows Radeon Software driver since 2016. WattMan allows for more fine-tuning of GPU clocks, voltages, and more for trying to maximize the power efficiency. See the aforelinked article for details but currently without any GUI panel for tweaking all of the driver tunables, this WattMan-like support needs to be toggled from the command-line.

Wine and Ganes: World of Warcraft, Farm Together, Madcap Castle, Cityglitch

Security Leftovers