January 2013 Issue of Linux Journal: Security

Sticky Note of Doom
Years ago, I had the brilliant idea that all my users in the finance department should have complex passwords. This made perfect sense to everyone, since dealing with millions of dollars of revenue is something that should be secured. So, the passwords were changed with complexity requirements enforced. I slept better that night knowing our paychecks were no longer secured by passwords like "mustang" or "mrwhiskers".
I came in the next day only to find very complex passwords written on sticky notes and affixed to everyone's monitors. Security software is no match for a Sharpie marker and a Post-It. It was a lesson well learned. This month is our Security issue, and although we don't have an answer to the Sticky Notes of Doom, we do have some great articles on Linux-related security.
Reuven M. Lerner starts off the issue with an interesting column on real-time messaging over the Web. Back in the days when every user was in a terminal window, a quick wall command would send everyone a message. Reuven describes a similar concept, but with Web users. Dave Taylor follows up not with Web programming, but with game programming. Using his talent for making learning fun, Dave shows how to write a script to play Cribbage.
Kyle Rankin returns to his PXE magic from a couple years back and explains how to leverage the network bootloader not only to install operating systems, but also to boot them directly. If you've ever been intimidated by PXE menus, or if you thought PXE was too limited, you'll want to read Kyle's column. It's a great followup to his last piece on the topic, and it showcases just how flexible PXE can be.
I joined the security bandwagon this issue and decided to talk about passwords. If you (or a "friend") use the same password for every Web site, or if you use your pet's name to secure your credit-card statements, you really need to read my column this month. Whether it's to pick up some hints on password creation or just get some pointers for convincing others to use good passwords, I hope you'll find my tips helpful.
If you're fascinated by data encryption, Joe Hendrix's article on Elliptic Curve Cryptography is more than just an interesting read. Joe not only shows how to implement this method, but also how to use it in real life with OpenSSH. With most public-key methods, the only way to raise the security level is to keep making the key bigger and bigger. Elliptic Curve Cryptography offers comparable security at much smaller key sizes (a 256-bit elliptic-curve key is rated at roughly the strength of a 3072-bit RSA key). When it comes to passwords, protecting them in transit is good, but better still is a password that becomes worthless the moment it has been used. Todd A. Jacobs teaches how to configure one-time passwords on your servers. If you're working from an open Wi-Fi hotspot, a one-time password means that even if someone captures your login, what they captured can't be replayed.
Speaking of Wi-Fi, Marcin Teodorczyk has a fun article on setting up a Wi-Fi honeypot. If you want to have fun with your neighbors, or if you're just curious about what people do to an open access point, Marcin shows you what to do. If you live near a place people tend to gather, your results should astound!
We've also got lots of other goodies for you this month. Mike Diehl discusses how to create smartphone apps with Phonegap. Joey Bernard takes a great look at Gnuplot. Our New Products section features a mention of Kyle Rankin's new book, and our Upfront section has useful tips to inform and entertain. So, in honor of the Security issue, maybe take this opportunity to remove sticky notes from monitors and challenge people to change their passwords to something other than their dogs' names. This was a fun issue for us, and we hope the same will be true for you!
Available to Subscribers: January 1
Shawn Powers is an Associate Editor for Linux Journal. You might find him chatting on the IRC channel, or Twitter.
Comments
diff -u UEFI
I've got a bit of a bone to pick about the last topic discussed in the diff -u section of this issue. When I see sentences like, "I'd say that UEFI almost certainly will be part of the kernel", and "Its purpose is to prevent users from having control of their own systems..." I cry inside. This only shows a lack of good research.
As usual in the Linux community, the concepts of "UEFI" and "UEFI Secure Boot" are all mixed up. UEFI is already supported very well by the kernel and does not, by itself, pose any threat to Linux or Linux users. UEFI, at a basic level, is really only a set of interfaces to replace the 20+-year-old BIOS-to-OS interfaces.
Secure Boot (a single chapter of the UEFI spec, chapter 27) provides a method to only load signed UEFI drivers and applications to prevent malicious or undesired software from being run by the firmware (BIOS).
The main problem is that "undesired" is not defined at all in the specification.
If you replace "UEFI" with "UEFI Secure Boot", the rest of this section is fine, although I'd argue that there is a good amount of FUD still present. Red Hat, Ubuntu and Sabayon can all boot with Secure Boot enabled in the BIOS by using Shim. The only prevention of user control that I've seen proof of is on Windows 8 tablets, where Secure Boot cannot be disabled, leaving no opportunity to add keys to allow custom software to run.
-Tim
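Editor's added example, not part of Tim's comment or of the issue: before arguing about whether Secure Boot is on, it helps to check. The script below reports the Secure Boot state by reading the firmware variables directly, which is the same information mokutil --sb-state prints. It assumes efivarfs is mounted at /sys/firmware/efi/efivars (the standard location on EFI-booted kernels that have it); the variable names, the GUID and the on-disk layout are from the UEFI specification, and the EFIVARS override and the sb_state/efivar_byte function names are this example's own.

```shell
#!/bin/sh
# Added example (not from the issue or from Tim's comment): report the
# UEFI Secure Boot state by reading the firmware variables directly,
# which is the same information `mokutil --sb-state` prints.
#
# Assumptions: efivarfs is mounted at /sys/firmware/efi/efivars (the
# default on EFI-booted kernels that have it). Each file there is 4 bytes
# of attribute flags followed by the variable's data; for SecureBoot and
# SetupMode the data is a single byte, 0 or 1.

EFIVARS=${EFIVARS:-/sys/firmware/efi/efivars}
# EFI_GLOBAL_VARIABLE GUID, the namespace SecureBoot and SetupMode live in
GLOBAL_GUID=8be4df61-93ca-11d2-aa0d-00e098032b8c

# efivar_byte FILE: print the first data byte (after the 4 attribute
# bytes) as a decimal number; fail if the variable is missing or empty.
efivar_byte() {
    [ -r "$1" ] || return 1
    v=$(od -An -tu1 -j4 -N1 "$1" | tr -d ' \n')
    [ -n "$v" ] || return 1
    printf '%s\n' "$v"
}

# sb_state [DIR]: print one of
#   enabled     - the firmware verifies signatures on what it boots
#   disabled    - Secure Boot is off; anything boots
#   setup       - no Platform Key enrolled (setup mode), so nothing is
#                 enforced regardless of the SecureBoot value
#   unavailable - not booted via UEFI, or efivarfs not mounted
sb_state() {
    dir=${1:-$EFIVARS}
    sb=$(efivar_byte "$dir/SecureBoot-$GLOBAL_GUID") || { echo unavailable; return 0; }
    setup=$(efivar_byte "$dir/SetupMode-$GLOBAL_GUID") || setup=0
    if [ "$setup" = 1 ]; then
        echo setup
    elif [ "$sb" = 1 ]; then
        echo enabled
    else
        echo disabled
    fi
}

# Run directly to report this machine; pass a directory to read a copy.
sb_state "$@"
```

If it reports enabled and you still need your own kernel or bootloader to load under shim, the key is added the way Tim describes: mokutil --import cert.der queues the certificate for the Machine Owner Key list, and shim's MokManager asks for confirmation at the next boot.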