[JOB OPENING] QA automation engineer at TrapX Security

2019-08-25 Thread Oleg Goldshmidt
Hi everyone, TrapX Security (https://trapx.com), the world leader in Deception Technology (I'll let you Google), is starting several new and exciting strategic projects and is seeking to expand its R&D department. This post is one of several, referring to various open positions with th

[JOB OPENING] system/infrastructure software engineer at TrapX Security

2019-08-25 Thread Oleg Goldshmidt
Hi everyone, TrapX Security (https://trapx.com), the world leader in Deception Technology (I'll let you Google), is starting several new and exciting strategic projects and is seeking to expand its R&D department. This post is one of several, referring to various open positions with th

[JOB OPENING] full stack software engineer at TrapX Security

2019-08-25 Thread Oleg Goldshmidt
Hi everyone, TrapX Security (https://trapx.com), the world leader in Deception Technology (I'll let you Google), is starting several new and exciting strategic projects and is seeking to expand its R&D department. This post is one of several, referring to various open positions with th

Re: Security-What can be done in kernel to disable forever executable memory modificaton

2019-01-17 Thread Elazar Leibovich
om a real security professional (e.g., not me), because there are probably other concerns you and me are not even considering now. On 17/01/2019 11:26, Elazar Leibovich wrote: What you probably want, is something similar to Windows VBS HVCI, which is usually achieved via underlying hypervisor.

Re: Security-What can be done in kernel to disable forever executable memory modificaton

2019-01-17 Thread Elazar Leibovich
What you probably want, is something similar to Windows VBS HVCI, which is usually achieved via underlying hypervisor. It forces you to pass the security boundary of the hypervisor, even if security boundary between user/kernel is bypassed. Have a look at Bromium or QubeOS for a full

Re: Security-What can be done in kernel to disable forever executable memory modificaton

2019-01-13 Thread Shachar Shemesh
On 12/01/2019 15:19, Lev Olshvang wrote: Hi All, The fact that the text segment could be modified is bad news from the security standpoint. For example, in order to set a breakpoint GDB should map a text segment with MAP_PRIVATE flag which allows kernel to

Security-What can be done in kernel to disable forever executable memory modificaton

2019-01-12 Thread Lev Olshvang
Hi All, The fact that the text segment could be modified is bad news from the security standpoint. For example, in order to set a breakpoint GDB should map a text segment with MAP_PRIVATE flag which allows kernel to ignore the dirty bit that MMU sets on this page. Somewhere in the middle

Kernel default security configuration - how it affects LSM policy?

2018-11-21 Thread Lev Olshvang
One of the choices of security options proposes to select default security CONFIG_DEFAULT_SECURITY. User can select traditional Unix DAC or one of LSMs. Suppose CONFIG_DEFAULT_SECURITY_DAC=y selected. I wonder how it affects LSM policy decisions? Let's take file permissions, file fs/namei.c, kernel 4.8

[JOB] TrapX Security is looking for a DevOps engineer

2018-11-08 Thread Oleg Goldshmidt
Hi all, TrapX Security (https://trapx.com) is looking for a DevOps engineer to join our team. If the job description below sounds like your cup of tea please send your CV to oleg (at) trapx.com (do not reply to this email). = Experience Level: Senior

Re: security/firewall on Linux desktop at home - connection to the Intenet

2017-08-01 Thread E.S. Rosenberg
what you find easier and what ships with your distribution. > And regarding the Dlink router - do you recommend any other wireless router > with special security features ? what should we pay attention when > purchasing a new wireless router, related to these aspects ? or is it enough > t

security/firewall on Linux desktop at home - connection to the Intenet

2017-07-31 Thread Dan Shimshoni
eless router with special security features ? what should we pay attention when purchasing a new wireless router, related to these aspects ? or is it enough to have the firewall software on the desktop itself ? My main focus here is avoiding intrusion into the Linux desktop, but avoiding virus

[JOBS] open positions at TrapX Security

2017-02-13 Thread Oleg Goldshmidt
Hi everyone, My employer, TrapX Security (http://www.trapx.com), located in Ramat Hahayal, Tel Aviv, has a number of open positions in R&D. The descriptions follow below. If you are interested, or know someone who may be interested, please send the CV to me at o...@trapx.com (please do

[job] Web application security researcher

2012-11-28 Thread Elazar Leibovich
For a security team, Web Application security researcher is required. While the job is not a Linux Job per se. Most relevant servers are linux servers, and Linux knowledge is required. For further details feel free to contact me in private.

Re: Fortigate router, and security attacks

2012-10-23 Thread Amos Shapira
Check news channels about SIP attacks and about a botnet silently scanning the entire IPv4 range from the past week or so - there was something about such attacks. On Oct 24, 2012 4:45 AM, "ik" wrote: > On Tue, Oct 23, 2012 at 7:14 PM, shimi wrote: > > On Mon, Oct 22, 2012 at 11:13 AM, ik wrote

Re: Fortigate router, and security attacks

2012-10-23 Thread shimi
On Tue, Oct 23, 2012 at 7:40 PM, ik wrote: > > > > If so - are you sure they're _attacking_ you? Absolutely positive that > what > > you're seeing is NOT returning packets for packets that have originated > from > > YOUR network? (could be internal computers with malware...) > > I see the automat

Re: Fortigate router, and security attacks

2012-10-23 Thread ik
On Tue, Oct 23, 2012 at 7:14 PM, shimi wrote: > On Mon, Oct 22, 2012 at 11:13 AM, ik wrote: >> >> Hello, >> >> I have a network with Fortigate router, active firewalls and the >> network itself is under NAT. >> It recently started to get attacked by external class A IP's (several >> of class A ba

Re: Fortigate router, and security attacks

2012-10-23 Thread shimi
On Mon, Oct 22, 2012 at 11:13 AM, ik wrote: > Hello, > > I have a network with Fortigate router, active firewalls and the > network itself is under NAT. > It recently started to get attacked by external class A IP's (several > of class A based IP blocks). > We scan from outside, the network, the

Fortigate router, and security attacks

2012-10-22 Thread ik
Hello, I have a network with Fortigate router, active firewalls and the network itself is under NAT. It recently started to get attacked by external class A IP's (several of class A based IP blocks). We scan from outside, the network, the whole IP addresses of the network itself (that should go in

Re: Security patches for Apache 1.3.x?

2011-07-14 Thread Yedidyah Bar-David
On Thu, Jul 14, 2011 at 04:29:00PM +0300, Ira Abramov wrote: > howdie! > > I have an embedded system (roughly based on CentOS 3) with a few legacy > components, one of which is Apache 1.3.42, which has served us well this > far, but now we bumped into these: > > http://web.nvd.nist.gov/view/vuln/d

Security patches for Apache 1.3.x?

2011-07-14 Thread Ira Abramov
howdie! I have an embedded system (roughly based on CentOS 3) with a few legacy components, one of which is Apache 1.3.42, which has served us well this far, but now we bumped into these: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1928 http://web.nvd.nist.gov/view/vuln/detail?vulnId=

Re: Checkpoint Endpoint Security VPN with linux

2011-03-21 Thread Etzion Bar-Noy
On Mon, Mar 21, 2011 at 10:02 AM, Shachar Shemesh wrote: > On 21/03/11 02:41, Etzion Bar-Noy wrote: > >> It is common that the VPN provider policy *prevents* you from connecting >> to multiple networks (theirs and someone else's). The logic behind it is to >> prevent data leak, especially accident

Re: Checkpoint Endpoint Security VPN with linux

2011-03-21 Thread Shachar Shemesh
On 21/03/11 02:41, Etzion Bar-Noy wrote: It is common that the VPN provider policy *prevents* you from connecting to multiple networks (theirs and someone else's). The logic behind it is to prevent data leak, especially accidental, by combining somehow their network with someone else's. You ha

Re: Checkpoint Endpoint Security VPN with linux

2011-03-21 Thread Shachar Shemesh
On 21/03/11 09:43, Baruch Siach wrote: Hi Shachar, On Mon, Mar 21, 2011 at 04:51:43AM +0200, Shachar Shemesh wrote: I think so. Instead of me trying to explain it to you, why don't you just try to draw the network topology you think will solve the problem. I believe that will give you the

Re: Checkpoint Endpoint Security VPN with linux

2011-03-21 Thread Baruch Siach
Hi Shachar, On Mon, Mar 21, 2011 at 04:51:43AM +0200, Shachar Shemesh wrote: > On 20/03/11 23:49, Elazar Leibovich wrote: > >Yeah, but as you probably know, VPN is used in practice to > >connect to your workstation from your laptop > > > >And VPN solution could offer NAT, in fact a shallow Google

Re: Checkpoint Endpoint Security VPN with linux

2011-03-20 Thread Shachar Shemesh
On 20/03/11 23:49, Elazar Leibovich wrote: Yeah, but as you probably know, VPN is used in practice to connect to your workstation from your laptop And VPN solution could offer NAT, in fact a shallow Google search[1] offers exactly the same solution. Is there something I'm missing here?

Re: Checkpoint Endpoint Security VPN with linux

2011-03-20 Thread Etzion Bar-Noy
It is common that the VPN provider policy *prevents* you from connecting to multiple networks (theirs and someone else's). The logic behind it is to prevent data leak, especially accidental, by combining somehow their network with someone else's. So - this poses no problem to be dealt with. The co

Re: Checkpoint Endpoint Security VPN with linux

2011-03-20 Thread Elazar Leibovich
On Sun, Mar 20, 2011 at 9:54 PM, Shachar Shemesh wrote: > > On another side note, what does it do if I'm having a 192.168.4.* internal >> network? >> > Then you are @!#*%!@#$@!)(!@#&%@#! !@(%!@#()#!@$!@%#. Wow, I'm not sure I know any adjective that long in English ;-) VPN is designed to conne

Re: Checkpoint Endpoint Security VPN with linux

2011-03-20 Thread Shachar Shemesh
On 20/03/11 21:40, Elazar Leibovich wrote: On a side note, the VPN client on windows shoves entries to the routing table which seems to depend on the actual network I'm connecting to (192.18.4.* for instance, I don't think it does so for all networks), how does it know the destination network

Checkpoint Endpoint Security VPN with linux

2011-03-20 Thread Elazar Leibovich
Anyone have experience connecting to Checkpoint VPN using Checkpoint Endpoint security with Linux? The windows client is called "Checkpoint Endpoint Security" and looks like a yellow lock in the taskbar. They seem to have a client, but I'm not sure which one to download, and

Re: OT: PHP 32 bit numbers security issue

2011-01-06 Thread Uri Even-Chen
On Thu, Jan 6, 2011 at 11:49, Nadav Har'El wrote: > On Thu, Jan 06, 2011, Uri Even-Chen wrote about "Re: OT: PHP 32 bit numbers > security issue": >> By the way, although I know hardware can be used to calculate floating >> point operations, I would prefer

Re: OT: PHP 32 bit numbers security issue

2011-01-06 Thread Nadav Har'El
On Thu, Jan 06, 2011, Uri Even-Chen wrote about "Re: OT: PHP 32 bit numbers security issue": > By the way, although I know hardware can be used to calculate floating > point operations, I would prefer to use software - because of the > ability to be flexible and let the user o

Re: OT: PHP 32 bit numbers security issue

2011-01-06 Thread Uri Even-Chen
On Thu, Jan 6, 2011 at 00:31, Nadav Har'El wrote: > It is pointless to make such generalizations, that speed of numeric > calculation is no longer important. Many applications, including video > encoding/decoding, games, and much more, basically do calculations in a > tight loop, and they simply d

Re: OT: PHP 32 bit numbers security issue

2011-01-05 Thread Oleg Goldshmidt
> Uri Even-Chen writes: >> But I think programming languages should be more friendly, and >> always convert numbers to the best representation, or report >> overflow cases. What's "best"? Would you agree that "best" == "the most appropriate"? Unless you do symbolic or otherwise "pure" maths (c

Re: OT: PHP 32 bit numbers security issue

2011-01-05 Thread Nadav Har'El
On Wed, Jan 05, 2011, Uri Even-Chen wrote about "Re: OT: PHP 32 bit numbers security issue": >But I think programming languages should be more friendly, and always convert > numbers to the best representation, or report overflow cases. In the past, > speed and memory were

Re: OT: PHP 32 bit numbers security issue

2011-01-05 Thread Uri Even-Chen
On Wed, Jan 5, 2011 at 21:35, Oleg Goldshmidt wrote: > Uri Even-Chen writes: > >>> A really great paper concerning floating point representation can >>> be found at http://docs.sun.com/source/806-3568/ncg_goldberg.html - >>> >>> What Every Computer Scientist Should Know About Floating-Point >>> A

Re: OT: PHP 32 bit numbers security issue

2011-01-05 Thread Oleg Goldshmidt
Uri Even-Chen writes: >> A really great paper concerning floating point representation can >> be found at http://docs.sun.com/source/806-3568/ncg_goldberg.html - >> >> What Every Computer Scientist Should Know About Floating-Point >> Arithmetic > > It's a little too long for me to read. Also, is

Re: OT: PHP 32 bit numbers security issue

2011-01-05 Thread Uri Even-Chen
2011/1/5 Michael Tewner : > > > 2011/1/5 shimi >> >> On Wed, Jan 5, 2011 at 1:52 PM, shimi wrote: >>> >>> It has something to do with the precision attempting algorithm of >>> floating point numbers, and the way it is done on fpu87 in 32bit processors. >>> It tries to get close to the number belo

Re: OT: PHP 32 bit numbers security issue

2011-01-05 Thread Michael Tewner
2011/1/5 shimi > > On Wed, Jan 5, 2011 at 1:52 PM, shimi wrote: > >> >> It has something to do with the precision attempting algorithm of floating >> point numbers, and the way it is done on fpu87 in 32bit processors. It tries >> to get close to the number below a certain point which is impossib

Re: OT: PHP 32 bit numbers security issue

2011-01-05 Thread Nadav Har'El
On Wed, Jan 05, 2011, Nadav Har'El wrote about "Re: OT: PHP 32 bit numbers security issue": > what does it have to do with 32 vs 64 bits? I think I can answer this one myself: It appears that for x86-64 gcc, the default is to use SSE instructions, while the i386 target defaults

Re: OT: PHP 32 bit numbers security issue

2011-01-05 Thread Lior Kaplan
On Wed, Jan 5, 2011 at 4:10 PM, Nadav Har'El wrote: > > p.s. > > The link you gave below is to php.net not Zend. > > > Sorry, I don't follow the intricacies of Php development. I remembered that > 10 years ago Zend (=Zeev and Andi) were writing PHP, and just assumed it's > the same today... > > W

Re: OT: PHP 32 bit numbers security issue

2011-01-05 Thread Nadav Har'El
On Wed, Jan 05, 2011, Lior Kaplan wrote about "Re: OT: PHP 32 bit numbers security issue": > It's a hardware bug, which can be avoided by the right compilation flags. > Since it comes from the legacy x87 feature, it doesn't happen on x86_64 > which is a newer archi

Re: OT: PHP 32 bit numbers security issue

2011-01-05 Thread shimi
On Wed, Jan 5, 2011 at 1:52 PM, shimi wrote: > > It has something to do with the precision attempting algorithm of floating > point numbers, and the way it is done on fpu87 in 32bit processors. It tries > to get close to the number below a certain point which is impossible, and > the algorithm do

Re: OT: PHP 32 bit numbers security issue

2011-01-05 Thread shimi
On Wed, Jan 5, 2011 at 1:41 PM, Nadav Har'El wrote: > On Wed, Jan 05, 2011, Hetz Ben Hamo wrote about "OT: PHP 32 bit numbers > security issue": > > Hi, > > I just found something related to PHP and handling 32 bit numbers, I > wrote > > about it here

Re: OT: PHP 32 bit numbers security issue

2011-01-05 Thread Uri Even-Chen
On Wed, Jan 5, 2011 at 13:07, Tzafrir Cohen wrote: > On Wed, Jan 05, 2011 at 12:40:14PM +0200, Uri Even-Chen wrote: >> I hate floating point. if you search Google for 2^1023, > > > >> you get this result: >> >> 2^1023 = 8.98846567 × 10^307 >> >> However if you search for 2^1024, you don't get a nu

Re: OT: PHP 32 bit numbers security issue

2011-01-05 Thread Lior Kaplan
r'El wrote: > On Wed, Jan 05, 2011, Hetz Ben Hamo wrote about "OT: PHP 32 bit numbers > security issue": > > Hi, > > I just found something related to PHP and handling 32 bit numbers, I > wrote > > about it here: http://goo.gl/xqQZd > > I found a fix on Ze

Re: OT: PHP 32 bit numbers security issue

2011-01-05 Thread Hetz Ben Hamo
dav Har'El > On Wed, Jan 05, 2011, Hetz Ben Hamo wrote about "OT: PHP 32 bit numbers > security issue": > > I just found something related to PHP and handling 32 bit numbers, I > wrote > > about it here: http://goo.gl/xqQZd > > I know this doesn't excuse

Re: OT: PHP 32 bit numbers security issue

2011-01-05 Thread Nadav Har'El
On Wed, Jan 05, 2011, Hetz Ben Hamo wrote about "OT: PHP 32 bit numbers security issue": > Hi, > I just found something related to PHP and handling 32 bit numbers, I wrote > about it here: http://goo.gl/xqQZd I found a fix on Zend's repository, http://svn.php.net/viewv

Re: OT: PHP 32 bit numbers security issue

2011-01-05 Thread Nadav Har'El
On Wed, Jan 05, 2011, Hetz Ben Hamo wrote about "OT: PHP 32 bit numbers security issue": > I just found something related to PHP and handling 32 bit numbers, I wrote > about it here: http://goo.gl/xqQZd I know this doesn't excuse a Denial-of-Service bug, but I'm

Re: OT: PHP 32 bit numbers security issue

2011-01-05 Thread Lior Kaplan
See http://bugs.php.net/bug.php?id=53632 patch is here: http://svn.php.net/viewvc/?view=revision&revision=307095 I guess the distros will release updated packages soon. Kaplan 2011/1/5 Hetz Ben Hamo > Hi, > I just found something related to PHP and handling 32 bit numbers, I wrote > about it

Re: OT: PHP 32 bit numbers security issue

2011-01-05 Thread Tzafrir Cohen
On Wed, Jan 05, 2011 at 12:40:14PM +0200, Uri Even-Chen wrote: > I hate floating point. if you search Google for 2^1023, > you get this result: > > 2^1023 = 8.98846567 × 10^307 > > However if you search for 2^1024, you don't get a number at all. Do you prefer to do that in fixed-point? It's

Re: OT: PHP 32 bit numbers security issue

2011-01-05 Thread Hetz Ben Hamo
Hi Tzafrir, Regarding the link, I tweeted the post link and simply pasted the short version here from the buffer. As for the bug, it seems that it is fixed in SVN; now the various distributions need to backport it to the various PHP versions and packages. Hetz 2011/1/5 Tzafrir Cohen > On Wed, J

Re: OT: PHP 32 bit numbers security issue

2011-01-05 Thread Tzafrir Cohen
On Wed, Jan 05, 2011 at 12:05:25PM +0200, Hetz Ben Hamo wrote: > Hi, > I just found something related to PHP and handling 32 bit numbers, I wrote > about it here: http://goo.gl/xqQZd I missed one character and ended up with: http://www.tzb-info.cz/106687-vyborne-tepelneizolacni-vlastnostmi-cihel-

Re: OT: PHP 32 bit numbers security issue

2011-01-05 Thread Uri Even-Chen
I hate floating point. if you search Google for 2^1023, you get this result: 2^1023 = 8.98846567 × 10^307 However if you search for 2^1024, you don't get a number at all. Even if you search for 1.999*2^1023 you get a number, but if you search for 1.*2^1023 you don't g

OT: PHP 32 bit numbers security issue

2011-01-05 Thread Hetz Ben Hamo
Hi, I just found something related to PHP and handling 32 bit numbers, I wrote about it here: http://goo.gl/xqQZd Thanks, Hetz

need security people

2010-02-25 Thread Hetz Ben Hamo
Hi people, I'm looking for people who know Linux security very well, and Linux internals well, and they are freelancers. I'm making a list of those people for our company, so if someone buys from us an unmanaged VPS, they'll get this list and can contact those people and s

Re: Runtime security/memory checks for gcc/gdb

2010-01-13 Thread guy keren
i never performed a thorough "head-to-head" comparison between the two. valgrind has a few limitations - i didn't check if purify can overcome them or not. if it can - it could be a reason to use both of them. i think i did once check a program, that had a bug that valgrind didn't manage to i

Re: Runtime security/memory checks for gcc/gdb

2010-01-13 Thread Elazar Leibovich
On Wed, Jan 13, 2010 at 10:50 AM, guy keren wrote: > Amos Shapira wrote: > >> 2010/1/13 guy keren : >> >>> >>> if you are running on windows - you can use purify - it's a commercial >>> tool, >>> >> >> Why the condition of Windows? Purify is available for Linux as well. >> >> --Amos >> > > i mean

Re: Runtime security/memory checks for gcc/gdb

2010-01-13 Thread guy keren
Amos Shapira wrote: 2010/1/13 guy keren : if you are running on windows - you can use purify - it's a commercial tool, Why the condition of Windows? Purify is available for Linux as well. --Amos i meant (implied) that if he's using windows, he cannot use valgrind there - but instead he ca

Re: Runtime security/memory checks for gcc/gdb

2010-01-12 Thread Amos Shapira
2010/1/13 guy keren : > > > if you are running on windows - you can use purify - it's a commercial tool, Why the condition of Windows? Purify is available for Linux as well. --Amos

Runtime security/memory checks for gcc/gdb

2010-01-12 Thread Orna Agmon Ben-Yehuda
2010/1/12 Elazar Leibovich : > > On Tue, Jan 12, 2010 at 8:02 AM, Shachar Shemesh > wrote: >> >> Elazar Leibovich wrote: >> >> I tried using valgrind in a different project. The main problems I've had >> with valgrind are speed >> >> Yes, that is known. >> >> and false positives. >> >> That one is

Re: Runtime security/memory checks for gcc/gdb

2010-01-12 Thread guy keren
Elazar Leibovich wrote: On Tue, Jan 12, 2010 at 8:02 AM, Shachar Shemesh > wrote: Elazar Leibovich wrote: I tried using valgrind in a different project. The main problems I've had with valgrind are speed Yes, that is known. and false positives

Re: Runtime security/memory checks for gcc/gdb

2010-01-12 Thread guy keren
: compile just the parts you need, debug it enough so that it would run on the PC, and keep the changes. Hopefully, after enough time, all (or most) of the code would be runnable on a PC. We use gcc+gdb to compile and debug the code. In Vi

Re: Runtime security/memory checks for gcc/gdb

2010-01-12 Thread Shachar Shemesh
Elazar Leibovich wrote: IIRC the problem was using a different library, and tracing which problems are yours and which are of the library. See for instance this rant http://www.mega-nerd.com/erikd/Blog/CodeHacking/house_of_cards.html I haven't really got into this, so maybe the suppression fil

Re: Runtime security/memory checks for gcc/gdb

2010-01-11 Thread Dotan Shavit
> on a PC. > We use gcc+gdb to compile and debug the code. In Visual Studio's > cl.exe there are some security > checks <http://msdn.microsoft.com/en-us/library/aa289171(VS.71).aspx> at > run time. This can really assist debugging. For example knowing when > an > unintia

Re: Runtime security/memory checks for gcc/gdb

2010-01-11 Thread Elazar Leibovich
On Tue, Jan 12, 2010 at 8:02 AM, Shachar Shemesh wrote: > Elazar Leibovich wrote: > > I tried using valgrind in a different project. The main problems I've had > with valgrind are speed > > Yes, that is known. > > and false positives. > > That one is new to me. Can you elaborate? > IIRC the prob

Re: Runtime security/memory checks for gcc/gdb

2010-01-11 Thread Shachar Shemesh
Elazar Leibovich wrote: I tried using valgrind in a different project. The main problems I've had with valgrind are speed Yes, that is known. and false positives. That one is new to me. Can you elaborate? Getting gdb to report that during runtime has its advantages. Anyhow, I was hoping to he

Re: Runtime security/memory checks for gcc/gdb

2010-01-11 Thread Elazar Leibovich
eed, debug it enough so that it would run on the PC, and keep the >> changes. Hopefully, after enough time, all (or most) of the code >>would be runnable on a PC. >>We use gcc+gdb to compile and debug the code. In Visual Studio's >>cl.exe there are some secu

Re: Runtime security/memory checks for gcc/gdb

2010-01-11 Thread Oleg Goldshmidt
Elazar Leibovich writes: > Just a remark, as some people asked me about it privately. > > I'm not interested in static analysis (which gcc gives for > uninitialized variables). But with runtime analysis of where the > uninitialized variable have been actually used when the code was > run. This is

Re: Runtime security/memory checks for gcc/gdb

2010-01-11 Thread guy keren
me, all (or most) of the code would be runnable on a PC. We use gcc+gdb to compile and debug the code. In Visual Studio's cl.exe there are some security checks <http://msdn.microsoft.com/en-us/library/aa289171(VS.71).aspx> at run time. This can really assist de

Re: Runtime security/memory checks for gcc/gdb

2010-01-11 Thread Elazar Leibovich
hat it would run on the PC, and keep the changes. > Hopefully, after enough time, all (or most) of the code would be runnable on > a PC. > We use gcc+gdb to compile and debug the code. In Visual Studio's > cl.exe there are some security > checks<http://msdn.microsoft.com/en

Re: Runtime security/memory checks for gcc/gdb

2010-01-11 Thread guy keren
ould be runnable on a PC. We use gcc+gdb to compile and debug the code. In Visual Studio's cl.exe there are some security checks <http://msdn.microsoft.com/en-us/library/aa289171(VS.71).aspx> at run time. This can really assist debugging. For example knowing when an uninitialized vari

Runtime security/memory checks for gcc/gdb

2010-01-11 Thread Elazar Leibovich
ug it enough so that it would run on the PC, and keep the changes. Hopefully, after enough time, all (or most) of the code would be runnable on a PC. We use gcc+gdb to compile and debug the code. In Visual Studio's cl.exe there are some security checks<http://msdn.microsoft.com/en-us/librar

Re: Uptime vs. security (was: [offtopic] Government and technology)

2009-03-13 Thread Shlomi Fish
nice uptime. However, weren't there any newer kernels released > > since with important security updates? Won't that potentially jeopardise > > your system? > > So far I believe all the fixes were to local exploits (of which I'm less > worried) and maybe once to

Re: data security

2009-02-11 Thread Shahar Dag
il Sent: Wednesday, February 04, 2009 12:07 PM Subject: data security hi one day this week, i started my computer, it behaved very strange - i had a blank screen for about 2 minutes before i got the boot screen, then it continued to boot from ... network the reason was that the hard driv

Internet Draft: Transport Layer Security (TLS) Evidence Extensions

2009-02-10 Thread Oron Peled
om 19-Nov-2008: https://datatracker.ietf.org/ipr/1026/ IANL but the language looks too familiar... "RedPhone Security agrees to grant licenses for such uses in a fair and nondiscriminatory manner. This statement applies to the Disclosed Patent Information, including all amendments in all

Re: Uptime vs. security

2009-02-09 Thread Shachar Shemesh
Ira Abramov wrote: I am hoping Lenny becomes stable soon, though it could have been cool to have a 550 day uptime :-) Due date is February 14. In 5 days. Shachar

Uptime vs. security (was: [offtopic] Government and technology)

2009-02-09 Thread Ira Abramov
Quoting Shlomi Fish, from the post of Sat, 07 Feb: > On Friday 06 February 2009 23:42:54 Ira Abramov wrote: > > 23:40:21 up 512 days, 9:49, 2 users, load average: 0.89, 0.83, 1.11 > > That's a nice uptime. However, weren't there any newer kernels released since

Re: data security

2009-02-04 Thread Oron Peled
On Wednesday, 4 February 2009, Amos Shapira wrote: > 2009/2/4 Shachar Shemesh > > Erez D wrote: > >> 1. i do not know of a major linux distribution (i.e. redhat/ubuntu etc... > > Debian does. The installer even offers to install it for you. > And so does Ubuntu. And Fedora also of course ;-) --

Re: data security

2009-02-04 Thread Yuval Hager
This whole encryption thread reminded me of a recent xkcd: http://xkcd.com/538/ :-) --y On Wednesday 04 February 2009, Moish wrote: > Shachar Shemesh wrote: > > Orr Dunkelman wrote: > >> The question is whether your swap partition is encrypted or not. > >> > >> In case it is not - you are proba

Re: data security

2009-02-04 Thread Moish
Meir Michanie wrote: He asked about what to do with his broken harddisk. - Original Message - Subject: Re: data security From: Erez D To: "Meir Michanie" CC: "linux-il" Date: 04-02-2009 13:47 On Wed, Feb 4, 2009 at 1:10 PM, Meir Michanie wrote: What abo

Re: data security

2009-02-04 Thread Meir Michanie
He asked about what to do with his broken harddisk. > - Original Message - > Subject: Re: data security > From: Erez D > To: "Meir Michanie" > CC: "linux-il" > Date: 04-02-2009 13:47 > > > On Wed, Feb 4, 2009 at 1:10 PM, Meir Michanie w

Re: data security

2009-02-04 Thread Moish
Shachar Shemesh wrote: Orr Dunkelman wrote: The question is whether your swap partition is encrypted or not. In case it is not - you are probably writing too many secrets to the hard disk. If it is - well, then I can understand why the machine is slow. It is encrypted, but swap is hard

Re: data security

2009-02-04 Thread Shachar Shemesh
Orr Dunkelman wrote: The question is whether your swap partition is encrypted or not. In case it is not - you are probably writing too many secrets to the hard disk. If it is - well, then I can understand why the machine is slow. It is encrypted, but swap is hardly used on my machine. An

Re: data security

2009-02-04 Thread Erez D
op is stolen ... > > > > - Original Message - > > Subject: Re: data security > > From: Shachar Shemesh > > To: "Orr Dunkelman" > > CC: "linux-il" ,"Erez D" > > Date: 04-02-2009 13:02 > > > > > > Orr Dunkelman wrote: >

Re: data security

2009-02-04 Thread Meir Michanie
What about /etc/shadow and other sensitive files? so not encrypting your root filesystem is also an issue. What if you put the hard drive under a very strong magnetic field? > - Original Message - > Subject: Re: data security > From: Shachar Shemesh > To: "Orr Dunkelm

Re: data security

2009-02-04 Thread Orr Dunkelman
On Wed, Feb 4, 2009 at 12:02 PM, Shachar Shemesh wrote: > Also, keep in mind that some things are automatically generated but still > sensitive. The most important examples are my bash history file ( > .bash_history under your home directory) and the database for the "locate" > command (/var/cach

Re: data security

2009-02-04 Thread Amos Shapira
2009/2/4 Shachar Shemesh > Erez D wrote: > >> >> so i thought of a solution - use a crypto FS. >> but there are many problems with it. >> the practical problems are at least: >> 1. i do not know of a major linux distribution (i.e. redhat/ubuntu etc... ) >> that fully support crypto-fs out of the bo

Re: data security

2009-02-04 Thread Shachar Shemesh
Orr Dunkelman wrote: I guess that the configuration may still reveal some secrets (like which hosts are important enough to be in /etc/hosts), but it's better than nothing... On my laptop, "most" of the data is not encrypted. I discovered that compiling inside an encrypted partition is hor

Re: data security

2009-02-04 Thread Orr Dunkelman
2009/2/4 Erez D : > > when a hard drive dies and it is under warranty, we need give the old one > when we want it replaced. > usually on the hard drive we have some personal things - pictures, documents, > or confidential data if it belonged to a company etc... > assuming the data is backed up (back

Re: data security

2009-02-04 Thread Shachar Shemesh
Erez D wrote: so i thought of a solution - use a crypto FS. but there are many problems with it. the practical problems are at least: 1. i do not know of a major linux distribution (i.e. redhat/ubuntu etc... ) that fully support crypto-fs out of the box, so if i use it, i will need to do manual

data security

2009-02-04 Thread Erez D
hi one day this week, i started my computer, it behaved very strange - i had a blank screen for about 2 minutes before i got the boot screen, then it continued to boot from ... network the reason was that the hard drive has died. it wasn't even recognized by the bios. the computer was 2 months old

Re: Security question - Clipperz anyone?

2008-09-21 Thread Moish
cond-reminder-why-you-should-use-better-passwords/ 3. Key loggers? They have 1 time passphrase? 4. My 2 cents thoughts, they keep your passphrase and hide it as useful software. 5. What happens if they are DOS attacked? there are many more aspects to this, but you get the idea. 6. Security dis

Re: Security question - Clipperz anyone?

2008-09-21 Thread sara fink
y loggers? They have 1 time passphrase? 4. My 2 cents thoughts, they keep your passphrase and hide it as useful software. 5. What happens if they are DOS attacked? there are many more aspects to this, but you get the idea. 6. Security disk linux (backdoor and written by nsa). If you check the code,

Security question - Clipperz anyone?

2008-09-16 Thread Amos Shapira
till their code and the user's data around to retrieve it. Since it's open source, I'm thinking to start with a local server on the internal network but the hosted service sounds appealing. My question - has any of the security experts here heard about them, their technology or maybe c

Re: Top FOSS security vulnerabilities

2007-12-15 Thread Omer Zak
On Sat, 2007-12-15 at 02:35 +, Amos Shapira wrote: > On 14/12/2007, Omer Zak <[EMAIL PROTECTED]> wrote: > > http://www.linux.com/feature/123171 explains the philosophy and > > reasoning of Palamida, which found those vulnerabilities. I found the > > article to be FUD-free. > > Should be very

Re: Top FOSS security vulnerabilities

2007-12-14 Thread Amos Shapira
On 14/12/2007, Omer Zak <[EMAIL PROTECTED]> wrote: > http://www.linux.com/feature/123171 explains the philosophy and > reasoning of Palamida, which found those vulnerabilities. I found the > article to be FUD-free. Should be very interesting, but the alleged link to the spreadsheet with data (htt

Top FOSS security vulnerabilities

2007-12-14 Thread Omer Zak
, they do not miss an opportunity to promote their business (audit of corporate codebase to find uses of Free Software and overlooked vulnerabilities). DISCLAIMER: I am neither affiliated nor customer (satisfied or otherwise). I only read some security related Web news items, and thought it'll be

Re: webcam security software

2007-08-01 Thread Shachar Shemesh
Geoffrey S. Mendelson wrote: > On Wed, Aug 01, 2007 at 01:27:22PM +0300, Shachar Shemesh wrote: > >> I suggest you read http://blog.shemesh.biz/?p=453 >> > > Thanks, but I can't. :-( > > Geoff. > In a nutshell, it talks about the importance of both resolution and frames per second in ord

Re: webcam security software

2007-08-01 Thread Geoffrey S. Mendelson
On Wed, Aug 01, 2007 at 01:27:22PM +0300, Shachar Shemesh wrote: > I suggest you read http://blog.shemesh.biz/?p=453 Thanks, but I can't. :-( Geoff. -- Geoffrey S. Mendelson, Jerusalem, Israel [EMAIL PROTECTED] N3OWJ/4X1GM IL Voice: (07)-7424-1667 U.S. Voice: 1-215-821-1838 Visit my 'blog at h

Re: webcam security software

2007-08-01 Thread Shachar Shemesh
Geoffrey S. Mendelson wrote: > > IMHO the knowledge that the cameras are active 24/7 and recorded would > be enough to prevent pranks or minor vandalism. > > Geoff. > I suggest you read http://blog.shemesh.biz/?p=453 Shachar
