From the Editor: January 2005 - Security on the Go
It's time to question some security assumptions. Regular users' systems are always on an internal network with a firewall between them and the Internet. The only hosts reachable from the outside are a few bastion hosts. Bastion hosts run a strictly limited set of software, and only sysadmins have accounts on them. Computer security depends on physical security, because anyone who breaks into the server room can boot the server from a rescue disk and have his or her way with the files.
Meanwhile, in the real world, you have a copy of the project you're working on and a bunch of confidential e-mail on your laptop, and you're drinking La Minita at Dana Street Roasting Company while you peruse your project's Request Tracker and hold a Jabber meeting with people in three countries.
Public wireless cafés are a lot of great things, but secure corporate networks they're not. Because more and more companies would rather pay for laptops and drop-in office space than cubicles and desktops for all, you can wave bye-bye to the neat security chart with a bunch of stuff between the user and the menacing Internet Cloud.
Linux distributions are starting to offer good support for some encrypted partitions, which do the attacker no good without the key. Mike Petullo takes the process to its logical extreme and encrypts the root filesystem, which means you can encrypt everything (page 62).
The less we trust the network, the more we need encrypted e-mail. At Linux Journal, we rolled out GNU Privacy Guard (GPG) for everyone. Encrypted mail isn't the tweaky mess it used to be, now that the common mailers are integrating GPG support. Find out how to make secure mail a part of your work life in Roy Hoobler's article on page 52.
Now that everyone is outside all the time, the problem of removing unneeded software and keeping packages up to date is even more critical. Fortunately, many of the Linux distributions offer easy tools for installing new versions. Jeremy Turner shows off some screenshots on page 46. Meanwhile, we're still experimenting with SELinux, which could lock down even insecure versions of software to contain attacks. James Morris gives us a peek at the SELinux future on page 56.
The new mobile way of working isn't only a burden for sysadmins. Users often prefer to escape from cubicle-land. Why not make your company's Linux migration a productivity and multimedia treat, not a retraining chore? Just as Lincoln Durey's “Dear Laptop Vendor” was going to press in the fall of 2004, HP made the bold move of offering Linux preinstalled on a full-featured notebook computer. We had one at Linux Journal to try out, and yes, we're impressed. Get the details, including the results of a support call, on page 74.
Have fun keeping your systems secure for the real world, and if you see me editing the next issue at a coffeehouse, come over and say hi.
Don Marti is editor in chief of Linux Journal.
Practical Task Scheduling Deployment
One of the best things about the UNIX environment (aside from being stable and efficient) is the vast array of software tools available to help you do your job. Traditionally, a UNIX tool does only one thing, but does that one thing very well. For example, grep is very easy to use and can search vast amounts of data quickly. The find tool can find a particular file or files based on all kinds of criteria. It's pretty easy to string these tools together to build even more powerful tools, such as a tool that finds all of the .log files in the /home directory and searches each one for a particular entry. This erector-set mentality allows UNIX system administrators to seem to always have the right tool for the job.
Cron traditionally has been considered another such a tool for job scheduling, but is it enough? This webinar considers that very question. The first part builds on a previous Geek Guide, Beyond Cron, and briefly describes how to know when it might be time to consider upgrading your job scheduling infrastructure. The second part presents an actual planning and implementation framework.
Join Linux Journal's Mike Diehl and Pat Cameron of Help Systems.
Free to Linux Journal readers.View Now!
|The Firebird Project's Firebird Relational Database||Jul 29, 2016|
|Stunnel Security for Oracle||Jul 28, 2016|
|SUSE LLC's SUSE Manager||Jul 21, 2016|
|My +1 Sword of Productivity||Jul 20, 2016|
|Non-Linux FOSS: Caffeine!||Jul 19, 2016|
|Murat Yener and Onur Dundar's Expert Android Studio (Wrox)||Jul 18, 2016|
- Stunnel Security for Oracle
- The Firebird Project's Firebird Relational Database
- Murat Yener and Onur Dundar's Expert Android Studio (Wrox)
- SUSE LLC's SUSE Manager
- Managing Linux Using Puppet
- My +1 Sword of Productivity
- Non-Linux FOSS: Caffeine!
- Google's SwiftShader Released
- SuperTuxKart 0.9.2 Released
- Doing for User Space What We Did for Kernel Space
With all the industry talk about the benefits of Linux on Power and all the performance advantages offered by its open architecture, you may be considering a move in that direction. If you are thinking about analytics, big data and cloud computing, you would be right to evaluate Power. The idea of using commodity x86 hardware and replacing it every three years is an outdated cost model. It doesn’t consider the total cost of ownership, and it doesn’t consider the advantage of real processing power, high-availability and multithreading like a demon.
This ebook takes a look at some of the practical applications of the Linux on Power platform and ways you might bring all the performance power of this open architecture to bear for your organization. There are no smoke and mirrors here—just hard, cold, empirical evidence provided by independent sources. I also consider some innovative ways Linux on Power will be used in the future.Get the Guide