Domain: immunix.org
Stories and comments across the archive that link to immunix.org.
Comments · 160
-
Re:Perhaps . . . but:
I thought the reason that clocks ran faster in the attic than the basement was because of gravity's effect on the MECHANISM rather than gravity's effect on time.
Uh, no. You are precisely, exactly wrong. Clocks in the attic run faster than the basement because of gravity's effect on time, not on the mechanism.
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Some Say it Has Already Happened ...
If backward time travel is ever possible, then it has "already" happened. Someone has likely already travelled back before August 2002 and done something, we just don't know it.
Of course, this induces the potential for paradox, causing great cosmological and philosophical consternation. I don't know what will happen if/when someone goes backwards through time, but here's some ideas:
- The universe forks in two when a paradox is induced.
- The universe forks in two at the instant the traveller enters history (because at a micro-level, paradox is induced as soon as they appear).
- Paradox induces a cascading feedback loop of self-modifying universes (each inducing a time-traveller who goes back and causes another change) until the sequence halts with a universe in which time travel is not developed. My bet is that if time-travel is possible, then this is what has happened, because there is no evidence of time travel. :-)
Accelerated time travel is also possible due to relativistic effects and (possibly) cryogenics, allowing you to travel forward in time at some rate greater than 1 second per second.
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
REALLY Alternative :)
My wife's engagement ring is in her tongue. My engagement ring is in my left nipple. Neither involves a diamond :)
Ok, so that is probably a little too alternative for most people. More seriously, if you must have a diamond, and they have crappy resale value, why not go buy a used one? eBay or pawn shop for a used ring with a nice rock, and (if necessary) spend the $$ you saved on the rock on some custom jewelry work for a setting.
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
I would use Immunix
I don't consider myself a full-on security guru, but from my experience, Immunix has a very good track record. Crispin Cowan has published many white papers concerning the stackguard compiler and how it will prevent buffer overflow attacks. Combine this with FormatGuard, and a reasonable price ($100, free for non-commercial use). Check it out at http://wirex.com/Products/Immunix/purchase.html.
Don't forget to use Bastille to harden it after you install. Or you could do it manually, then you will need to remove SUID crap, use CHATTR to make your critical conf files immutable, and many, many other tricks. You can read about it at http://www.bastille-linux.org/. Hope that helps.
-
OpenBSD isn't perfect
You mean that waste of 1,000,000 of your tax dollars on a piece-of-shit distribution that is less effective than OpenBSD and jail (total cost to the taxpayer: $0)?
You may notice that OpenBSD now claims "One remote hole in the default install, in nearly 6 years!" If OpenBSD utilized an SE Linux type security system, the remote exploit from two and a half weeks ago would have been far more limited in its scope.
Security Enhanced Linux was the motivating factor for the security framework being incorporated into the 2.5 Linux kernel. I would hardly consider that a waste of my tax dollars.
-
USENIX!!!
USENIX Security Symposium: not just more affordable than SANS, it's also better. SANS is baby-food for people with more time than money: nice, competent people RTFM to you out loud.
In contrast, USENIX is actual security technology. Take the tutorials for in-depth learning on important issues, and the technical sessions for cutting-edge practical security research. We have a paper this year on the LSM (Linux Security Modules) project.
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Re:You folks don't no sh*t about patent law
Cryptome is slashdotted at the moment, so I can't go look at "Claim 1". But here's some interesting prior art, drawn from a paper "Signed Executables for Linux" by Leendert van Doorn, Gerco Ballintjin, and William A. Arbaugh, CS-TR-4259, June 2001:
- Pozzo and Gray first proposed signed executables for the Locus distributed system in 1986.
- The IBM 4758 uses a signed package mechanism to load executables into the device, Smith and Weingart, 1990.
- Arbaugh built a mechanism for signed executables for SunOS and then FreeBSD in 1994.
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Re:Code Audits, the UNIX security model
suggest you go have a look at LSM - Linux Security Module
... see the .mp3 of the lsm presentation at this week's kernel summit at lsm discussion. LSM creates hooks in the kernel functions which are security relevant (about 150) and can mitigate access to a couple dozen kernel data structures.
security model is too coarse grained:
... move towards ACLs, for example in NSA's SE Linux, as well as LIDS
Actually SELinux does not implement ACL's, but rather Type Enforcement. It also has potential (and experimental implementation) to implement MLS or other security policies / methods.
What type enforcement gets you is the ability to create highly fine-grained security controls, so that the program and user-security-context have privilege to execute critical functions and that privilege can be removed from the root user.
One of the Debian SELinux implementers placed an SELinux system on the 'net with root-password / ssh access advertised. This is not a proof of safety, but in fact no one succeeded in escalating privilege.
As it looks like LSM is on track to be in kernel 2.6, at least the way is presently paved.
-
Re:Complacence will get us nowhere
SuxOS introduces a revolutionary security structure, using among others, the Linux Intrusion Detection System to enforce MAC (Mandatory Access Control), the grsecurity kernel patch, to enhance overall security by putting restrictions on various parts of the /proc filesystem, preventing common buffer overflows, TCP/IP stealth code et cetera, plus the valuable protection from format string vulnerabilities given by FormatGuard. Other than that, Pluggable Authentication Modules are used for resource limiting and authentication. All this, together with the fact that SuxOS only includes applications and servers that are known to have a history of few or no security flaws, gives the administrator unsurpassed security and control over the system.
The Linux Intrusion Detection System makes it possible to make an incredibly fine grained set of Access Control Lists, thus making it virtually impossible for even a skilled cracker to penetrate the strong security layers of SuxOS. LIDS provides the ability to control all access to system resources, even preventing a root compromise from subverting the security of the entire system. The default Access Control Lists in SuxOS have been set up in a very secure fashion, by locking up the system completely, and then explicitly granting access to the applications that need it. The outcome of this is extremely fine grained access control, unsurpassed by any other known Linux distribution today.
Security of the host itself has been significantly improved. Enforcement of longer passwords, insecure protocols non-existent, and extensive logging and auditing provide a solid foundation to build a complete corporate Internet presence.
-
Have you looked into Immunix and StackGuard?
See http://www.immunix.org/
While it may not be EXACTLY what you want, it may be MORE....
-
Re:That's because...
offering to use NSA SELinux (because of the NSA's "approved" cachet) really seems to open a lot of doors for Linux.
While stipulating that SELinux is the best design I've seen *by far* for linux;
NSA has absolutely not 'approved' this for any use, nor do they represent it as a system that's either in any production operation at NSA, nor that it is an appropriate system for such use.
As said in posts above SELinux is a research project / reference implementation. Yes many folks are planning on offering commercial solutions based on SELinux, and for good reason, it's a fine design with good attention to detail.
There is a serious set of issues involved in applying SELinux to a production environment. SEL development (and LSM on which it depends) tracks the stable and -dev kernels. This means the platform is updated often and no attempts are being made to maintain fixes/changes compatible with prior releases / kernels.
Also all versions since the first reference implementations are based on the Linux Security Modules LSM which are an attempt by the security industry to build a common interface for securing / auditing Linux's security - relevant interfaces.
LSM is an impressive piece of work, and has come a long way in the roughly 1 year that they've been coding! When one of the participants (IBM) provides a programmatic analysis tool that finds there are some oversights in the design, you know that this is still a work in progress / and I hope that any serious security implementer will take these things into consideration.
The upside of course is that these tools are being built and both LSM and SELinux are doing very good detail work on thinking about how to get Unix (Linux in this implementation) to a place where the OS itself can eliminate the reliance on root-privilege. WinNT was supposed to be such an implementation, I think most observers agree that intent didn't make it into the release code due to the complexity and competing design objectives.
-
Re:Forms of speech describing illegal action
Code for a virus is no different than certain Stephen King books
This analogy would be relevant only if books came with an "execute" bit that caused them to immediately do what is described in the book when you opened it. ...Because analogies are like goldfish: sometimes they have no bearing on the subject at hand :-)
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Re:More posturing, courtesy of the IEEE
However, cutting to the chase, the IEEE and the authors it represents really have little to fear in reality. The IEEE isn't "2600" Magazine; it doesn't deal with controversial subject matter on a regular basis. They aren't in the computer security business and they are unlikely to accept any remotely controversial manuscript in the first place. They changed their rules for one simple reason: they think it will make people care about the injustices of the law.
You could not be more wrong about that. The IEEE Computer Society Technical Committee on Security and Privacy runs some of the most significant security conferences, including the "Oakland" security conference and the Computer Security Foundations Workshop. It is entirely likely that the IEEE may end up considering publishing DMCA-related papers, making this change highly problematic.
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Re:Viruses
But pseudo-words are such fun! "Vaxen", "orientate", and my personal favorite, "performant" :-)
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
"Geeks"? :)
Anyone who cannot figure out how to prevent pop-ups, banners, spam, and e-mail virii from disrupting their life hardly deserves the moniker of "geek".
Hint: disable javascript, edit your /etc/hosts file to map various interesting domain names to 127.0.0.1, and don't use an idiotic mail client that eagerly executes scripted content.
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Re:SELinux vs. LIDS
See my post on LSM: the Linux Security Modules project. This is precisely what LSM is about: give Linux a kernel loadable module interface that lets you load SELinux, SubDomain, LIDS (which got its security model from SubDomain), etc. into the kernel.
Stacking modules (loading more than one module at once) is problematic, because security policies are known to not be composable in general. However, if the modules have been designed to be stacked, then LSM will let you stack them.
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Linux Security Modules (LSM)
Note that the issue of getting SELinux from being a patch to Red Hat to being a truly generic solution is part of what the Linux Security Modules (LSM) project is all about: provide a module interface for the standard Linux kernel that can load a variety of modules, including SELinux. We are close to ready to propose the LSM patch for inclusion into the Linux 2.5 source tree. We maintain up-to-date LSM patches for both Linux 2.4 and 2.5.
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Re:Tax Levy Google Cache
Except that the google cache copy is out of date with respect to the current issue. The actual FAQ was updated as of March 13, 2002, while the google cache is from 2000.
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Re:Spamming for dumbasses
So tell us his IP addresses, so we can "chat" with his up-stream ISPs and get them to severely "chat" with him :-)
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Spam Works!
Hey, spam really can increase your penis size. It has turned Bill Jones into a giant dick! :-)
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Re:Sardonix: Auditing Open Source Software
We're working on ranking expressions that accommodate all of those factors. The trick is to design it such that the expressions encourage all the right behaviors, discourage all the wrong behaviors, and aren't so complex that the auditors can't figure out what it is they're supposed to be doing :-)
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Re:Artificial Restrictions
Cynical? Not really; I'm being realistic based on years of experience in activism.
But that is cynicism :-)
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Is this Snake Oil Still Around?
They've been pushing this crap for years, and it is still crap: It fails to stand up to any reasonable threat model.
- If it is truly meant to make incriminating e-mail disappear, it will fail. Recipients of incriminating e-mail are likely to make durable storage copies, with a camera if nothing else. The crypto software cannot possibly prevent this.
- If it is only meant to make casual e-mail disappear, then it is a great deal of fuss for something that can be handled by simpler means, such as corporate policy, leaving e-mail on mail server spools, and having the system administrators delete it.
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Hmmmm...
I would really like to see that 1991 set of predictions claimed to be 85% accurate. IMHO, some of his current predictions are on crack. The goofiest one I've found yet: AI entity gains PhD 2016. I'll be impressed if an AI entity can parse a dissertation well enough to answer trivial questions about it by 2016.
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Sardonix: Auditing Open Source Software
The Sardonix project is intended to address some of this problem. "Many eyes make bugs shallow" but only if many eyes are actually looking. Sardonix seeks to encourage source code review with an auditor rating system based on performance. Programs will also be rated, according to who has audited them. Naturally, we provide a set of resources for people to use in their auditing.
Wanna make security better? Come do something about it.
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Benefit?!?!
Benefit? Benefit?! There was no "benefit"; digital projection in a theatre sucked ass. It was very similar in quality to what you get when you hook up a DVD to an InFocus projector, i.e. visible grain, far, far worse than 35mm.
When I read two years ago that Lucas was going all digital for Clones, I thought he should put down the crack pipe. I'm now more convinced than ever.
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Lame
Well, that's lame. There are several examples of more attractive micro-PCs at more attractive prices. Here's some:
- EZAV: smaller form factor, similar power, about $900 configured reasonably. Advantage: has a video port. Disadvantage: only one NIC.
- American Portwell: little server appliances. No video, but three NICs, two USBs, and a serial port.
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Re:Um, fund a non-profit, Uncle Sam
Clue: DARPA funds lots of for-profit companies. The vast majority of them give back far less to the community than WireX does.
They've already had their DARPA contracts, and what have they contributed? No-exec patches for Linux. That's about it.
Brilliant. Completely, precisely wrong. The non-executable stack patch is by Solar Designer. WireX has contributed StackGuard, FormatGuard, and the Linux Security Module project, with more on the way.
They need to be actively involved in the security community; not just post a message when they get funding. I think we'd see much greater success.
- 114 moderator-approved posts to securityfocus.com mailing lists.
- 48 publications and citations to our work on the USENIX site.
- I served on the USENIX Security 1999 program committee.
- I was the publicity chair for the New Security Paradigms Workshop for three years.
- My first post to the Linux Security Audit Project in 1998. :-)
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
So What's the Problem?
So what, exactly, is the problem with heavy users paying their own way?
What's the point of high speed broadband access if you can't use it to full potential without having to start selling organs to pay the bills?
Hmmm ... perhaps, to get low-latency access to the small(er) blobs of data you want to access?
Look, all they're doing is changing the bundling of their service to more closely reflect the usage patterns of two groups of customers. To insist that they do otherwise is to demand that the light-usage customers subsidize the heavy users. And this is exactly what happens in the DSL market anyway, where service providers charge different rates for different bandwidths.
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Re:so?
That it's the only job they can get doesn't justify telemarketing any more than it justifies prostitution, contract hits, or crack dealing.
Hey, watch what you say about prostitution and crack dealing. Those professions are far more legitimate than telemarketing.
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Project Moneypot :-)
Cousin to the Honeypot idea, meet the Moneypot :-)
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Maybe Due To Different Topology
It occurs to me that mostly CableModem companies have this bizarre fetish about "abusing" your service by using NAT, running "VPNs", etc., while most DSL providers do not. I also observe that my friend (who has CableModem) gets much higher peak BW than I get on my DSL, and that he gets it often because he lives in a podunk small town without a lot of competing users.
So now it occurs to me that the CableModem providers may be rabid about creative ways to use more bandwidth because their infrastructure is more fundamentally shared: their peak BW is higher, but users have to share the cable to the CO. In DSL, they can clamp my line if they want to.
Thus "nothing more than the bandwidth for which they are paying" may be the crux of the issue. DSL providers actually can limit you to your paid BW, but CableModem operators have a much harder time doing that.
Not that I actually support an ISP that wants to ban my NAT box. I would immediately switch to an alternate provider who lets me do what I want with my bits. Oh wait, I already did :-)
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Re:Quick question for you:
claim to be a Ph.D
"claim"?! How hard can it be to look up someone named "crispin"? :-) However, my Ph.D is in computer science, not EE, so I'm just as much of a dilettante as the usual slashdotter on this topic. I just happen to be a big enough geek to have gone out to a power line with a fluorescent tube once upon a time :-)
If the Earth's magnetic field alternated its polarity 60 times a second, do you think ALL of the fluorescent lighting in the world would glow?
Yes, they would. That's because a static magnetic field does not convey any energy, and an alternating field does. You can only induce power from moving EM fields.
It's an inference from there to the assumption that static magnetic fields are harmless while various alternating EM fields may cause damage. I'm pretty comfortable with the idea that the Earth's magnetic field is harmless to us :-)
I'm somewhat more on the fence about whether EM radiation causes health hazards. It seems plausible that any field with lots of energy (such as lighting up a fluorescent tube, or microwaves that melt chocolate) stand a stronger chance of being dangerous than weak fields (such as cell phone or radio towers).
Note that there have been cases in the past where something was thought to be safe and turned out to be very dangerous. In the 1950's, shoe stores had these X-ray devices for checking out your shoe fit. Put your feet over the emitter, put your face above the view plate, and lookit your tooties in the shoes. Small problem: loads of X-ray rems hitting you in the face :-)
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Re:Oh no! Certain doom!
Then you calculated wrong. Experiment: go get a 3 or 4 foot fluorescent tube light bulb, go stand under a high voltage line at night, and point the bulb at the high voltage line. The bulb will light up. I have personally verified that this works.
In a related anecdote, some guy (IIRC in the UK) was busted for stealing power from the power company. He did this by winding a large quantity of copper coil around his garage, which was situated underneath a high voltage line. The garage full of coil was sufficient to induce enough power to run his house. Unfortunately, I can't find a link to the story.
Caveat: I still think the people trying to shut down the school radio are nuts. I just wanted to point out that short-range EM from high voltage lines is a much different situation than EM from cell towers.
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Re:Security?
Dunnow about what IMASS did, but the equivalent WireX server appliance protects itself with the suite of Immunix security tools.
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
But There are LOTS of These Server Appliances ...
Why does yet another server appliance rate a slashdot story? There are many companies selling this kind of SOHO (Small Office/Home Office) server appliance, starting with the venerable Cobalt Qube.
WireX (my company) has been selling this kind of product for a long time now. The WireX web-based management interface (as provisioned on Dell PowerApp servers) even won an "Emperor Class" award from Linux Magazine. And the WireX servers have the additional benefit of being protected with Immunix security, something which is especially needed by the kinds of users who choose "easy to use" server appliances.
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Re:You're caught
I admitted that we shared code, only because we had shared ideas and had all come to the solution together.
You cheated, plain and simple. Busted. Quit yer bitchin'.
When we poked our heads in his office he was in his chair - asleep. If that isn't enough - he completely forgot to show up for the final exam.
So the prof was lame. Granted. Doesn't make what you did non-cheating. Suck it up, and if you don't like your school, change to a different one. To be really helpful, tell us the name of your school, so that other people can avoid going there.
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase
The Olympic Games: A Century of Corruption and Graft -
Just Say ".No" :-)
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Where'd the Microsoft Spike Come From?
IMHO, more significant (to say nothing of disturbing) than the domain name reduction is the huge spike in use of Microsoft web servers starting last June. The spike continues unabated through the summer of Code Red and Nimda.
What is it that caused this surge in Microsoft web servers? And what is it that causes these clueless dweebs to ignore the substantial risks of employing Microsoft web servers?
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Re:Rights of authors to control their works (i.e.
The main problem with this is that DRM without mandated hardware is fundamentally impossible. DRM without controlling hardware amounts to cute watermarks and obfuscation. You cannot prevent bits from being copied, you can only build machines that will refuse to play copied bits. While I agree that functional DRM may well be a boon to independent artists, it is about as helpful as observing that functional antigravity devices would be a boon to transportation, i.e. a pipe dream.
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase -
Immunix
Immunix is our security-hardened Linux system. Immunix offers a security confinement mechanism called SubDomain which is similar to SELinux and HP's Virtual Vault technology, which is what is incorporated into their HP-LX product. SubDomain is "in between" SELinux and HP-LX, in the following ways:
- Complexity and Flexibility: The more complex a product is, the more flexible it can be. SubDomain is less complex to manage than SELinux, but offers more flexibility than HP-LX.
- Price: SELinux is free, Immunix Systems are $90 each, and HP-LX is $3000 each.
- StackGuard: resists most buffer overflow attacks.
- FormatGuard: resists most printf format bug attacks.
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase