ing
it. It's a great opportunity to reintegrate security in a way that we
just never had with the Web 1.0 universe.
-nash
On Tue, Aug 15, 2006 at 10:03:07AM +0200, John Wilander wrote:
> Hi!
>
> The security principle of minimizing your attack surface (Writing
> Secure Code, 2
ystems. They're more flexible and
should have all the features you want, but are still largely
theoretical.
http://en.wikipedia.org/wiki/Capability-based_security
That said, every decent Unix system I'm aware of has ulimit, which you
can use to restrict virtual memory allocations, total op
sign stage. Getting a security architecture in place
that matches your risk tolerance and functional requirements is the
single best way to prevent intrusions, bar none.
nash e. foster
Stratum Security, LLC
--
"the lyf so short, the craft so long to lerne."
't mean that "chances
are very good" attackers can compromise the credentials.
Not all identities have to be perfectly defended.
-nash
--
An ideal world is left as an exercise for the reader.
- Paul Graham
t way
the strings command didn't find them. Didn't help much if your hackers
had read the HHGTTG, though.
-nash
On Mon, Apr 25, 2005 at 07:55:43AM +, john bart wrote:
> Hello to all the list.
> I need some advice on where to store the keystore's password.
> Right now,
int Theory. I read about it briefly, but
can't really comment on how well it addresses this problem. It seems to
be a promising possibility, though. See Nielson for more.
ciao,
-nash
"Semantics with Applications", Nielson & Nielson, Wiley, 1992. Available
as a PDF her
oughts on this? Any references to relevant theories of failures and
> errors, or to explorations of this or similar ideas, would be welcome.
There are academics active in this field of research. Here's a few
links:
http://cm.bell-labs.com/cm/cs/what/spin2005/
http://www.google.com/sea
On Sat, Aug 07, 2004 at 06:41:49PM -0700, Matt Setzer wrote:
> Specifically, what are the top five or ten
> security papers that you'd recommend to anyone wanting to learn more about
> security? What are the papers that you keep printed copies of and reread
> every few years just to get a new pers
e, has an interesting argument
in favor of the "Not Invented Here Syndrome":
http://www.joelonsoftware.com/articles/fog07.html
l8r,
-nash