A quick Google search turned up a number of projects in early development, and a couple of commercial systems with price tags in the hundreds of dollars (presumably for enterprise-level applications).
Of course, you do know biometrics are a bit of a joke, and nowhere near as secure and reliable as a good password, right? You can fool 2D facial recognition apps with a photograph. Fingerprint scanners can be fooled by a piece of tape with a lifted fingerprint, or a piece of damp paper with a photocopy of the person's fingerprint. Voice recognition software can be fooled by a digital voice recorder with a decent speaker.
And all of them will fail due to normal bodily changes. Gain or lose a few pounds, or wear a bit more or less makeup than usual, and the facial recognition software might not recognize your face. Get a cut or burn on your finger, and the fingerprint scanner won't let you log in to your computer. Catch a cold or laryngitis, and neither will voice recognition software.
On the other hand, if a password is at least eight characters, includes numbers and/or special characters, and is something you can easily remember, it will always work, and is very secure as long as you keep it in your head.
sexta-feira, 18 de junho de 2010
sexta-feira, 11 de junho de 2010
SELinux
A maioria dos métodos de autenticação de controle de acesso são arbitrários. O dono do objeto (seja um programa ou dado) pode alterar as permissões para outras pessoas e grupos.
Anos atrás, a Agência de Segurança Nacional (NSA) criou um projeto para aplicar “Mandatory Access Control” (MAC) dentro do kernel Linux. Este projeto ficou conhecido como “Security Enhanced Linux” ou “SELinux”. O MAC reforça as políticas de segurança que limitam o que um usuário ou programa pode fazer, e quais arquivos, portas, aparelhos e diretórios um programa ou usuário pode acessar.
SELinux tem três modos: “Desabilitado”, “Permissivo” e “Execução”. No modo “Desabilitado” nada é feito. Neste modo você tem as políticas configuradas e prontas, mas não ativas. O modo “Permissivo” registra as violações da política em arquivos de log para que você possa verificar ou monitorar. No modo “Execução” qualquer violação da política de segurança será contida.
SELinux utiliza cerca de 5 a 10% do desempenho do sistema quando no modo de Execução ou Permissivo.
Da mesma forma, o SELinux pode ser executado em uma política de “Orientada” ou “Estrita”. A política “Orientada” significa que os controles MAC apenas se aplicam a determinados processos. A “Estrita” significa que os controles MAC se aplicam a todos os processos. As pessoas devem ser advertidas de que o uso indiscriminado da política “Estrita” do SELinux pode tornar o sistema praticamente inutilizável para alguns usuários. Tem que haver um compromisso de manter o sistema seguro, mas permitindo que os usuários façam o seu trabalho.
Argumenta-se que o SELinux é um “exagero” em um sistema de um único usuário, mas com modernos exploits e o poder do “sistemas de um único usuário”, podemos encontrar mais e mais aplicações do SELinux em um desktop de um único usuário.
Anos atrás, a Agência de Segurança Nacional (NSA) criou um projeto para aplicar “Mandatory Access Control” (MAC) dentro do kernel Linux. Este projeto ficou conhecido como “Security Enhanced Linux” ou “SELinux”. O MAC reforça as políticas de segurança que limitam o que um usuário ou programa pode fazer, e quais arquivos, portas, aparelhos e diretórios um programa ou usuário pode acessar.
SELinux tem três modos: “Desabilitado”, “Permissivo” e “Execução”. No modo “Desabilitado” nada é feito. Neste modo você tem as políticas configuradas e prontas, mas não ativas. O modo “Permissivo” registra as violações da política em arquivos de log para que você possa verificar ou monitorar. No modo “Execução” qualquer violação da política de segurança será contida.
SELinux utiliza cerca de 5 a 10% do desempenho do sistema quando no modo de Execução ou Permissivo.
Da mesma forma, o SELinux pode ser executado em uma política de “Orientada” ou “Estrita”. A política “Orientada” significa que os controles MAC apenas se aplicam a determinados processos. A “Estrita” significa que os controles MAC se aplicam a todos os processos. As pessoas devem ser advertidas de que o uso indiscriminado da política “Estrita” do SELinux pode tornar o sistema praticamente inutilizável para alguns usuários. Tem que haver um compromisso de manter o sistema seguro, mas permitindo que os usuários façam o seu trabalho.
Argumenta-se que o SELinux é um “exagero” em um sistema de um único usuário, mas com modernos exploits e o poder do “sistemas de um único usuário”, podemos encontrar mais e mais aplicações do SELinux em um desktop de um único usuário.
Ubuntu Maverick development updates
For last 2 hours, I dug through all the mails from ubuntu mailing lists, esp the announcements related to development, recalled many changes which I heard in last week or two and penned them down.
- Ubuntu Maverick Meerkat Alpha 1 released with Linux Kernel 2.6.34-5 #
- Ubuntu sparc and IA64 ports are candidates for decommissioning unless someone comes up to take the responsibility of maintaining it. #
- Maverick won’t run on processors below i686 #
- DebianImportFreeze on June 24th, Alpha 2 will come on July 1st #
- On Alpha 1 alternate, creation of encrypted /home is broken #
- Shotwell replaces F-Spot as Image organizer #
- Daniel Holbach invites everyone for Operation Cleansweep. It aims to bring down bugs with patches down to 0(zero) by the time of Maverick release. #
- Ubuntu User Days has been postponed till July 10th, 2010 #
- Jono Bacon has invited interested people to come forward and take over Acire and PyJunior development #
- Maverick rebased to Kernel 2.6.35-rc1 # # # (Status: Maverick (ogasawara) section)
- Maverick will be getting 1.8 X Server due to which all drivers need to be rebuilt. It might break X when upgrading. Later in the cycle X will be upgraded to 1.9 #
- Chromium is default for Ubuntu Netbook Remix #
- Martin Pitt has a page for burn-down chart and work progress for Maverick Alpha 2 #
- Lots of Software Center UI enhancements on the way #
quinta-feira, 10 de junho de 2010
The Thing King
The Thing King and the Paging Game
This note is a formal non-working paper of the Project MAC Computer Systems Research Division. It should be reproduced and distributed wherever levity is lacking, and may be referenced at your own risk in other publications.
This note is a formal non-working paper of the Project MAC Computer Systems Research Division. It should be reproduced and distributed wherever levity is lacking, and may be referenced at your own risk in other publications.
Rules
- Each player gets several million things.
- Things are kept in crates that hold 4096 things each. Things in the same crate are called crate-mates.
- Crates are stored either in the workshop or the warehouses. The workshop is almost always too small to hold all the crates.
- There is only one workshop but there may be several warehouses. Everybody shares them.
- Each thing has its own thing number.
- What you do with a thing is to zark it. Everybody takes turns zarking.
- You can only zark your things, not anybody else’s.
- Things can only be zarked when they are in the workshop.
- Only the Thing King knows whether a thing is in the workshop or in a warehouse.
- The longer a thing goes without being zarked, the grubbier it is said to become.
- The way you get things is to ask the Thing King. He only gives out things by the crateful. This is to keep the royal overhead down.
- The way you zark a thing is to give its thing number. If you give the number of a thing that happens to be in a workshop it gets zarked right away. If it is in a warehouse, the Thing King packs the crate containing your thing back into the workshop. If there is no room in the workshop, he first finds the grubbiest crate in the workshop, whether it be yours or somebody else’s, and packs it off with all its crate-mates to a warehouse. In its place he puts the crate containing your thing. Your thing then gets zarked and you never know that it wasn’t in the workshop all along.
- Each player’s stock of things have the same numbers as everybody else’s. The Thing King always knows who owns what thing and whose turn it is, so you can’t ever accidentally zark somebody else’s thing even if it has the same thing number as one of yours.
Notes
- Traditionally, the Thing King sits at a large, segmented table and is attended to by pages (the so-called “table pages”) whose job it is to help the king remember where all the things are and who they belong to.
- One consequence of Rule 13 is that everybody’s thing numbers will be similar from game to game, regardless of the number of players.
- The Thing King has a few things of his own, some of which move back and forth between workshop and warehouse just like anybody else’s, but some of which are just too heavy to move out of the workshop.
- With the given set of rules, oft-zarked things tend to get kept mostly in the workshop while little-zarked things stay mostly in a warehouse. This is efficient stock control.
Marcadores:
kernel,
memory,
The Thing King,
Virtual System
terça-feira, 8 de junho de 2010
Ubuntu: luckyBackup a powerful, fast and reliable backup & sync tool
The main goal of luckyBackup, as its name states, is the creation of backups of your data.
Somebody once said:
“ if you haven't backed up your data is like not having them at all !! ”
That is because, based at the laws of probability, some time, for some reason, something will happen and you will lose valuable data. Another guy once said:
“ computer users can be divided into 2 categories:
Those that have lost data
...and those that have not lost data YET ”
I really wish you to never come to that situation.
But if you do, then I hope that you backed up your data the very last minute either by using this application or not :-)
It is simple to use, fast (transfers over only changes made and not all data), safe (keeps your data safe by checking all declared directories before proceeding in any data manipulation ), reliable and fully customizable.
On Ubuntu, line command, type:
$ sudo apt-get install luckybackup
After that, go on Applications->System menu...
Marcadores:
backup,
linux,
sync,
syncronization,
Ubuntu
Assinar:
Postagens (Atom)