Loading
From the Editor: January 2005 - Security on the Go
Now that work is just a verb, not a place, are all your security assumptions wrong?
It's time to question some security assumptions. Regular users' systems are always on an internal network with a firewall between them and the Internet. The only hosts reachable from the outside are a few bastion hosts. Bastion hosts run a strictly limited set of software, and only sysadmins have accounts on them. Computer security depends on physical security, because anyone who breaks into the server room can boot the server from a rescue disk and have his or her way with the files.
Meanwhile, in the real world, you have a copy of the project you're working on and a bunch of confidential e-mail on your laptop, and you're drinking La Minita at Dana Street Roasting Company while you peruse your project's Request Tracker and hold a Jabber meeting with people in three countries.
Public wireless cafés are a lot of great things, but secure corporate networks they're not. Because more and more companies would rather pay for laptops and drop-in office space than cubicles and desktops for all, you can wave bye-bye to the neat security chart with a bunch of stuff between the user and the menacing Internet Cloud.
Linux distributions are starting to offer good support for some encrypted partitions, which do the attacker no good without the key. Mike Petullo takes the process to its logical extreme and encrypts the root filesystem, which means you can encrypt everything (page 62).
The less we trust the network, the more we need encrypted e-mail. At Linux Journal, we rolled out GNU Privacy Guard (GPG) for everyone. Encrypted mail isn't the tweaky mess it used to be, now that the common mailers are integrating GPG support. Find out how to make secure mail a part of your work life in Roy Hoobler's article on page 52.
Now that everyone is outside all the time, the problem of removing unneeded software and keeping packages up to date is even more critical. Fortunately, many of the Linux distributions offer easy tools for installing new versions. Jeremy Turner shows off some screenshots on page 46. Meanwhile, we're still experimenting with SELinux, which could lock down even insecure versions of software to contain attacks. James Morris gives us a peek at the SELinux future on page 56.
The new mobile way of working isn't only a burden for sysadmins. Users often prefer to escape from cubicle-land. Why not make your company's Linux migration a productivity and multimedia treat, not a retraining chore? Just as Lincoln Durey's “Dear Laptop Vendor” was going to press in the fall of 2004, HP made the bold move of offering Linux preinstalled on a full-featured notebook computer. We had one at Linux Journal to try out, and yes, we're impressed. Get the details, including the results of a support call, on page 74.
Have fun keeping your systems secure for the real world, and if you see me editing the next issue at a coffeehouse, come over and say hi.
______________________
Webcast
How to Build an Optimal Hadoop Cluster to Store and Maintain Unlimited Amounts of Data Using Microservers
Realizing the promise of Apache® Hadoop® requires the effective deployment of compute, memory, storage and networking to achieve optimal results. With its flexibility and multitude of options, it is easy to over or under provision the server infrastructure, resulting in poor performance and high TCO. Join us for an in depth, technical discussion with industry experts from leading Hadoop and server companies who will provide insights into the key considerations for designing and deploying an optimal Hadoop cluster.
Sponsored by AMD
White Paper
Red Hat White Paper: Using an Open Source Framework to Catch the Bad Guy
Built-in forensics, incident response, and security with Red Hat Enterprise Linux 6
Every security policy provides guidance and requirements for ensuring adequate protection of information and data, as well as high-level technical and administrative security requirements for a system in a given environment. Traditionally, providing security for a system focuses on the confidentiality of the information on it. However, protecting the data integrity and system and data availability is just as important. For example, when processing United States intelligence information, there are three attributes that require protection: confidentiality, integrity, and availability.
Learn more about catching the bad guy in this free white paper.
Sponsored by DLT Solutions
- RSS Feeds
- Making Linux and Android Get Along (It's Not as Hard as It Sounds)
- Using Salt Stack and Vagrant for Drupal Development
- Dynamic DNS—an Object Lesson in Problem Solving
- New Products
- Validate an E-Mail Address with PHP, the Right Way
- Drupal Is a Framework: Why Everyone Needs to Understand This
- A Topic for Discussion - Open Source Feature-Richness?
- Download the Free Red Hat White Paper "Using an Open Source Framework to Catch the Bad Guy"
- Tech Tip: Really Simple HTTP Server with Python
- myip
38 min 2 sec ago - Keeping track of IP address
2 hours 29 min ago - Roll your own dynamic dns
7 hours 42 min ago - Please correct the URL for Salt Stack's web site
10 hours 53 min ago - Android is Linux -- why no better inter-operation
13 hours 9 min ago - Connecting Android device to desktop Linux via USB
13 hours 37 min ago - Find new cell phone and tablet pc
14 hours 35 min ago - Epistle
16 hours 4 min ago - Automatically updating Guest Additions
17 hours 13 min ago - I like your topic on android
17 hours 59 min ago
Enter to Win an Adafruit Pi Cobbler Breakout Kit for Raspberry Pi
It's Raspberry Pi month at Linux Journal. Each week in May, Adafruit will be giving away a Pi-related prize to a lucky, randomly drawn LJ reader. Winners will be announced weekly.
Fill out the fields below to enter to win this week's prize-- a Pi Cobbler Breakout Kit for Raspberry Pi.
Congratulations to our winners so far:
- 5-8-13, Pi Starter Pack: Jack Davis
- 5-15-13, Pi Model B 512MB RAM: Patrick Dunn
- 5-21-13, Prototyping Pi Plate Kit: Philip Kirby
- Next winner announced on 5-27-13!
Free Webinar: Hadoop
How to Build an Optimal Hadoop Cluster to Store and Maintain Unlimited Amounts of Data Using Microservers
Realizing the promise of Apache® Hadoop® requires the effective deployment of compute, memory, storage and networking to achieve optimal results. With its flexibility and multitude of options, it is easy to over or under provision the server infrastructure, resulting in poor performance and high TCO. Join us for an in depth, technical discussion with industry experts from leading Hadoop and server companies who will provide insights into the key considerations for designing and deploying an optimal Hadoop cluster.
Some of key questions to be discussed are:
- What is the “typical” Hadoop cluster and what should be installed on the different machine types?
- Why should you consider the typical workload patterns when making your hardware decisions?
- Are all microservers created equal for Hadoop deployments?
- How do I plan for expansion if I require more compute, memory, storage or networking?
Developer Poll
Comments
HP drops Linux laptop - no replacement
I asked HP whether there was a replacement laptop with Suse Linux preinstalled - there isnt. All a bit strange considering the news coverage (and the reviews on numerous sites, including your own)
From: hpuk&i AT hp DOTcom
Thank you for your pre-sales enquiry to HP.
There is no replacement for the nx5000. There are no other notebooks with Suse Linux installed.
Available in the USA
The US order form is still showing the nx5000 with Linux. There are two instances of "HP recommends Microsoft® Windows® XP Professional" on the form, but that's just so they can keep getting the co-op marketing money from MSFT.
HP Linux laptop no longer sold?
"Just as Lincoln Durey's "Dear Laptop Vendor" was going to press in the fall of 2004, HP made the bold move of offering Linux preinstalled on a full-featured notebook computer. We had one at Linux Journal to try out, and yes, we're impressed. Get the details, including the results of a support call, on page 74."
i've just got word from HP in the UK that the HP nx5000 with Linux preinstalled has been discontinued. Maybe you'd like to follow that one up with HP.