Cloudy with a Chance of Pain: IT Security in the Cloud

By Brian Proffitt

The promise of cloud computing is very compelling. Just listen to the pitch for hybrid clouds: “If your organization needs more computing resources, why purchase extra hardware? Just set up a connection to a public cloud, use the extra machines to your heart’s content, and stop using them when your needs are satisfied.”

Sounds [...]


SCAP: computer security for the rest of us.

by Gunnar Hellekson

I’m setting up a new computer. I get through the registration screens, install my software, change my wallpaper, and everything’s working fine. I’m left, though, with a lingering, uneasy feeling: I don’t know if this machine is secure. I’m a computer guy, so I know how to set up strong passwords and firewalls, [...]


E-voting machines compromised

Researchers at University of California San Diego, Princeton University and University of Michigan have demonstrated a method to compromise and alter the tallies of Sequoia AVC Advantage voting machines. They presented their results at the Usenix 2009 Electronic Voting Workshop, held in Montreal this week. They used a method called return-oriented programming to modify voting [...]


XML Flaws disclosed

One of the core components of interactive web services was found to have serious programming flaws. An exploit of these flaws has the potential for anything from denial of service to the sending of malicious documents to seize control of users' computers. XML is used in all types of web services, including banking, desktop [...]


Linux Security Updates

Red Hat announced a kernel security and bug fix update for multiple vulnerabilities (this also applies to CentOS). Fedora 10 and 11 also have kernel updates for multiple vulnerabilities.

Updates to Firefox products have also cascaded into Fedora updates: blam (F10, F11), chmsee (F11), epiphany (F11), epiphany-extensions (F11), evolution-rss (F10, F11), firefox (F10, F11), galeon (F10, F11), gecko-sharp2 [...]


It wasn’t Twitter, it was Google Apps that was hacked

I’ll not rewrite what Gary Barnett has to say, except to reprint his abstract. I think it’s a thoughtful criticism of what’s been written about the Twitter fiasco, as well as cloud computing and security.

If you’re busy, here’s the abstract:

It wasn’t twitter that was hacked – it was Google Apps
Please don’t confuse “network” with [...]
