I thought it would be nice to share with you that I received a comment from Pádraig Brady, member of the GNU Core Utilities (coreutils) maintainers team, on yesterday’s post about effective data wiping saying that he has decreased shred‘s default number of passes from 25 to 3, as shown in this git commit. The [...]

One of the first things computer users, who are concerned with security, learn is that multiple overwrites with ones and zeros are required in order to wipe data to the extent that it is unrecoverable by any forensic analysis tools. According to this article on Softpedia, on which I stumbled while searching for something else, [...]

I’ve been using the mod_dav_svn module for Apache, part of the subversion distribution package, in order to make several SVN repositories available over the HTTP protocol for quite some time now. More specifically, I use a multi-repository setup under the same virtualhost by using the SVNParentPath directive of mod_dav_svn. Also, the authorization policy is enforced [...]

delayed-shutdown is an initscript that delays the shutdown (runlevel 0) or reboot (runlevel 6) procedure as long as a pre-defined lock file exists. The goal is to create a mechanism, which can be used by programs that perform critical operations that must not be interrupted, in order to delay system shutdown until these programs have [...]

You may have obtained my password, but you can’t type it like me! This could be the summary of the excellent article, titled Identify and verify users based on how they type by Nathan Harrington, which demonstrates how it is possible to enhance a computer system’s security by using a special algorithm which, in addition [...]

The National Security Agency (NSA) of the USA has published some security configuration guides for various popular Operating Systems. Linux is covered by the Red Hat Enterprise Linux 5 security guide, but most of the included information can be easily translated to other Linux distributions. As it is clearly stated in the guide’s disclaimer, all [...]

A digital certificate[1]‘s purpose of existence is to sign or encrypt other material, either the latter is an online transaction, an email message or software code. Root Certificates, their respective private key actually[1], are used by Certificate Authorities to sign and add certain extensions to other certificates they issue, thus making the latter valid for [...]

This article describes how to implement SSL-enabled name-based vhosts – that is secure virtual hosts which share the same IP address and port – with the SNI-capable mod_gnutls module for Apache’s httpd web server.

Today I had the opportunity to read “The Athens Affair” article, a very popular document during the last couple of weeks, written by Vassilis Prevelakis and Diomidis Spinellis. I have enjoyed reading it so much, that I decided to go a bit off-topic on my blog and write a post about it.

According to the latest post, at the time of writing, on the WordPress development blog, a cracker gained access to one of the servers that power wordpress.org and modified the WordPress 2.1.1 distribution package. It is said that malicious code that can make the web application vulnerable was planted into the archive.