Category
news
-
06.28.11The Sibyl going to the No cON NameBoth rafacas and pfortuny are going next September to Barcelona to the No cON Name conference, to talk about The Sibyl, of which we have already written here. If any of you is interested in IT Security and can make it to Barcelona in September (14-17), it would be nice to meet you there.
-
12.08.10The savannah.gnu incident and the SibylThe savannah.gnu.org compromise in December 2010 is another example of the weakness of system passwords: there will always be someone using a brute-force attackable key. And that is the weakest link. I just want to point out to all our readers out there that the Sibyl is precisely an idea to implement a secure way to store hashes of passwords and prevent brute-force attacks. It is not computationally cheap or even the simplest of setups, but security has a price. At least, it is, but for the hardware part, which depends on your implementation, 'gratis' and BSD-licenced. Hope you like it.
-
12.05.09SysAdvent Calendar 2009SysAdvent is a project started by Jordan Sissel last year. It consists of sysadmin related posts. A post a day from 1st to 25th Dec. Jordan takes that idea from the Perl Advent Calendar. This year there are some bloggers helping Jordan on this task. I recommend subscribing to it, their posts are quite useful.
-
04.13.09OpenBSD’s pf null pointer dereferenceWe have talked quite a few times about pf, OpenBSD's Packet Filter (firewall). Well, a bug has been discovered which may trigger a kernel panic. There exists a solution, be sure to patch your boxes asap. Notice that the 'editing' solution works on all platforms and versions (at least from 4.2 upwards and probably on older ones).
-
03.24.09Linux Kernel 2.6.29 releasedVia Slashdot I have found out that Linus Torvalds has just released the Linux 2.6.29 kernel. There is a temporary change of logo to Tuz, a Tasmanian Devil, wich is an endangered species. Besides the logo, some of the new important features are: Support for kernel mode-setting on Intel hardware. "Mode setting" is for setting up things like screen resolution and depth mode, in other words, configuring whatever is necessary on the graphics card for displaying things on the screen. Btrfs: is the next-generation Linux filesystem, developed from scratch following the design principles of filesystems like ZFS, WAFL, etc. Squashfs: is a highly compressed ...
-
02.25.09Bash 4.0 releasedVia Slashdot I found out about bash version 4.0 being out. Bash is the GNU Project's Bourne Again SHell, a complete implementation of the POSIX.2 shell spec, but also with interactive command line editing, job control on architectures that support it, csh-like features such as history substitution and brace expansion, and a slew of other features. The new version fixes several bugs in the 3.x releases and introduces a bunch of new features. The most notable ones are associative arrays, improvements to the programmable completion functionality, case-modifying word expansions, co-processes, support for the `**' special glob pattern, and additions to the shell ...