This was originally written for a class assignment and as such has not been modified (much) for the web. Jeff Atwood’s password was compromised. The following includes a summary of how it happened and how better security policies could have avoided it. This was written for Advanced Report Writing at Baker College.

Summary of Article

On May 3, 2009, Jeff Atwood reports that his Stack Overflow password was compromised and that he received an email explaining the details.
Posts with the tag security:
(note: this was originally intended as a reply to Why Is So Hard for Windows Users to Understand That Linux Is Not Windows, but it got so long I felt it should be its own post. I’m not sure the title is good, but it’s close enough) (note: I use the term users in this blog to mean people who use computers that do not develop, administrate, repair, or are otherwise considered power users, and professional computer users.
I’m sure you’ve read about Debian’s OpenSSL blunder. If not, here’s a recap on Linux.com. I’m just wondering… is it possible that the pain will be so great for admins that the great stable Debian will be discontinued from production server use? I would (but I don’t use Debian-based systems for anything but livecds). Seriously, this is a hugely idiotic mistake, the pain of which is only beginning. This may in fact be the biggest security blunder I have ever heard of in open source.
I’ve noticed recently that some of the feeds I’ve subscribed to are including a lot of stuff I don’t care about. I’m wondering if it would be possible to have a Bayesian filter for RSS/Atom like I do for email.

This work by Caleb Cushing is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.
The best guide for learning the basics of iptables is here: Linux 2.4 Stateful firewall design. For the most part it continues to apply to the 2.6 kernel. The only things that won’t apply to your Linux system will be: emerge, if you aren’t on Gentoo, and the kernel options, which have changed since 2.4 and even a couple of times during 2.6. I’m not going to cover those here. If you need help building your kernel or installing iptables, I suggest that you consult with either the iptables home page or, even better, your distribution.
Tagged, yet another Social Networking site. I don’t mind that these sites want to connect to my email and check for contacts… but always ALWAYS allow me to skip that section. I find it poor security to enter my password just because something asks for it. Fortunately I was smart enough to stop entering data, and click a link in the ‘welcome to’ email to go straight to my profile. I’m adding them to the hall of shame for being a security risk.
Also see the SELinux home/news page: http://www.nsa.gov/selinux/news.cfm
Yes, yes, once again the USA has made a fool of itself. This time by sending emails out with a return address of ‘donotreply.com’. The guy’s blog is funny, look at all the corporate fools.