Integrity/Availability Leftovers
-
Guy [cracks] UZ and allocates accommodation to students, netting US$3000 in the process
UZ has an online platform where students can apply for accommodation. What the State is alleging is that Martin gained access to the UZ’s computer network and could edit information on that accommodation platform.
Once he had that access he proceeded to approach students who were seeking accommodation and charged them between US$40 and $60 to secure it. He is said to have done this between October and November 2021. All in all, he allegedly pocketed over US$3000 from the 64 students he offered the service.
-
ZBC suffers power outage disrupting radio & television programming
The Zimbabwe Broadcasting Corporation (ZBC) has, in a tweet, notified the nation that it has suffered a power outage at its Pockets Hill Broadcasting Centre.
-
Why Are Authentication and Authorisation So Difficult?
Once you’ve selected which type of authentication to support, you may also need to pick a specific implementation if it is not a standard. This potentially complicates the end user’s environment if it’s not a match for the other applications in use. This National Security Agency (NSA) guide categorizes specific MFA solutions into the evaluation criteria from the National Institute of Standards and Technology’s (NIST) 800-63 authentication documents and is a very helpful resource for understanding the strength of each solution. If you are less familiar with identity management and all it encompasses, the NIST documentation is an excellent resource to learn more about this complex set of technologies.
-
Simple Things That Are Actually Hard: User Authentication
And that’s for the most obvious feature that every application has. No wonder it has been implemented incorrectly many, many times. The IT world is complex and nothing is simple. Sending email isn’t simple, authentication isn’t simple, logging isn’t simple. Working with strings and dates isn’t simple, sanitizing input and output isn’t simple.
-
Hidden Certificate Authorities
The security of encrypted Web traffic depends upon a set of Certificate Authorities (CAs). Browsers and operating systems are configured with a list of CAs that they trust. The system is brittle, in the sense that if any of the multitude of CAs that your browser trusts is incompetent or malign, the security of all your traffic is imperiled. I've written several times on the topic of misbehaving CAs; there is a list of links at the end of the post.
In Web trust dies in darkness: Hidden Certificate Authorities undermine public crypto infrastructure, Thomas Claiburn reports on an important paper, Rusted Anchors: A National Client-Side View of Hidden Root CAs in the Web PKI Ecosystem by Yiming Zhang et al. This paper looks at what happens when, by fair means or foul, unofficial entries are added to or replace the CAs in the official list that your browser trusts. Below the fold I discuss their findings.
- Login or register to post comments
- Printer-friendly version
- 2091 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago