Paranoid Penguin - Linux Security Challenges 2010
The explosive proliferation of new types of Web applications, cloud computing services and virtualization solutions are exposing our data, systems and networks in ever-bigger, ever-further-reaching ways. Targeted malware, man-in-the-middle attack techniques and similar threats against SSL/TLS, the involvement of organized identity theft rings, and other nasty trends on the attack side of the equation only make it harder for those of us concerned with security to protect these emerging applications, services and infrastructures.
But what is a crisis, if not a job for experts? Interesting times call for creative, technology-obsessed types like Linux Journal's readers (and columnists), and I have no doubt that we, the geek community, are amply up to the challenge. So, here's wishing you a safe, productive and interesting (in the good sense, not just the scary sense) 2010!
Michael Kemp's Presentation “Virtualization: There Is No Spoon” (from Bellua Cyber Security 2008 Conference): www.bellua.com/conference/asia08.materials/bcs08-kemp.ppt
The 2009 Verizon Business Data Breach Investigations Report (describes trends in the use of targeted malware and the involvement of organized crime in real-world security breaches): www.verizonbusiness.com/resources/security/reports/2009_databreach_rp.pdf
Mick Bauer (firstname.lastname@example.org) is Network Security Architect for one of the US's largest banks. He is the author of the O'Reilly book Linux Server Security, 2nd edition (formerly called Building Secure Servers With Linux), an occasional presenter at information security conferences and composer of the “Network Engineering Polka”.