As 2016 approaches, I thought it would be nice to look back on 2015 and share with you the Top 10 most viewed blog posts here on this blog. Let the countdown begin … Continue reading “Top 10 posts from 2015”
The 12 Themes of 2014
Rather than bring you the 12 Days of Christmas, we’ve done the 12 themes of 2014 instead! A look back at what has been making the headlines in the world of Information Security (and beyond) this year. Take a moment to relive the year…… Continue reading “The 12 Themes of 2014”
No, Shellshock does not defeat SELinux
A week is a long time in Cyber Security.
These past few weeks you may have heard about the latest ‘big vulnerability’, dubbed ShellShock. If you haven’t, or want more information on it, I direct you to the best authority I know: Wikipedia.
Yet Another Shellshock Article
Well ShellShock has certainly created a lot of press – and I am sure that most readers will understand what the Linux Shell is by now.
Each day we become more reliant on the Internet in both our personal and business lives, yet each day there are new stories of security failures. A key part of living and working on the Internet is the ability to be able to communicate securely; whether inter-personal communication, such as email or chat, or client / server communication to access a web site.
This blog looks at how and why secure communications fail, and what we can do about it.
Building the Guard
Okay. We’ve analysed the problem, we’ve produced an excellent design, and we’ve got our security approach nailed down. It’s time to get our hands dirty and actually build it.
Continue reading “Building the Guard”
Booting Linux Securely
A report from Learning Tree “Linux Scores Highest in UK Government Security Assessment” has analysed the CESG set of reports on the security of end user devices, in which CESG assessed 11 operating systems. The Learning Tree report observed:
Of those, Linux got the best overall score
The report then looked at the criteria used to make this assess, and suggested:
As for Secure Boot, that has its serious detractors
Securing the Guard
I have talked previously about the challenge of building a File Guard, and the approach we took to designing it.
Continue reading “Securing the Guard”
RedHat Case Study – Nexor Sentinel
Those nice people at RedHat have written a Case Study on the Nexor Sentinel Product…
SE Linux for Android
One of the challenges with a general purpose operating system, it that it is general purpose! It is designed to provide the application developer with a tool set to build their application. When building an application used to enforce security, this is a real challenge.