Tag: security

Detailed Smart Card Cryptographic Token Security Guide

August 6th, 2015, 4 Comments

After my first post about smartcards under Linux, I thought I would share some information I’ve been gathering. This post is already huge, so I am not going to dive into — much — specific commands, but I am linking to many sources with detailed instructions. I’ve reviewed several types of cards. For this review, […]

Administering Dozens of Debian Servers

December 16th, 2008, 19 Comments

At work, we have quite a few Debian servers. We have a few physical machines, then a number of virtual machines running under Xen. These servers are split up mainly along task-oriented lines: DNS server, LDAP server, file server, print server, mail server, several web app servers, ERP system, and the like. In the past, […]

Why Do Web Applications Stink So Badly?

November 25th, 2008, 36 Comments

So today, I happen to be looking at wikis for two small to mid-sized public proojects (MoinMoin and DokuWiki look like frontrunners right now — any suggestions?) Recently, I’ve also looked at blog and CMS software, and a host of other web apps. It’s as if these people have learned nothing about good software practices […]

Thoughtfulness on the OpenSSL bug

May 14th, 2008, 5 Comments

By now, I’m sure you all have read about the OpenSSL bug discovered in Debian. There’s a lot being written about it. There’s a lot of misinformation floating about, too. First thing to do is read this post, which should clear up some of that. Now then, I’d like to think a little about a […]

Why Is Expensive Software So Crappy?

July 8th, 2006, 9 Comments

Today I was listening to Gary McGraw on Frontline Security talking about software security. One of his points was that a large part of security trouble is poor design. That reminds me how I’ve been meaning to rant a bit about the really terrible security I’ve seen in proprietary software lately. Some of this is […]


http://changelog.complete.org / security