LWN.net

Security quotes of the week

Virology is not computer science. A biological virus is not the same as a computer virus. A vulnerability that affects every individual copy of Windows is not as bad as a vulnerability that affects every individual person. Still, the lessons from computer security are valuable to anyone considering policies intended to encourage life-saving research in virology while at the same time prevent that research from being used to cause harm. This debate will not go away; it will only get more urgent.
-- Bruce Schneier

Considering that the members of the security disclosure list are public (http://www.xen.org/projects/security_vulnerability_process.html) and considering that some of them are service providers, if I am a [customer], why would I ever choose a provider that is not in that list?

Having that list on the website is like writing: "please choose one of the providers in the list below as they have a better security response".

-- Stefano Stabellini (Thanks to George Dunlap.)

To defend against hackers, filtered computers are standard in the government, but they are problematic for officials who are trying to discover dishonest activity on the Web; it's a bit like telling a cop he can't patrol in high-crime neighborhoods. A handful of unfiltered computers are available in restricted labs at the FTC's [US Federal Trade Commission] headquarters on Pennsylvania Avenue and its satellite offices on New Jersey Avenue and M Street, but this is an ungainly setup. Rather than leaving their office, waiting for an elevator, swiping their ID badges across a sensor at the lab's locked door and logging into a computer soaked with malware (because the lab computers are used to test suspicious applications and websites), the technologists have instead stayed in their office and tethered their personal laptops to their personal cellphones. The office does not have a window, and the cell signals are not strong; even by phone standards, their Web connection is slow.
-- Peter Maass at ProPublica

The [UK] Government has been forced to suspend an online consultation into pornography controls after a security breach exposed respondents’ confidential answers and contact details.
-- Nick Clark in The Independent

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds