Star Wars movie!
Where is my Nobel Prize? I can predict the future by reading the website of DHI and drawing clues.
He has done this kind of "diashow" for some time now. The first time I saw it, it was awesome; now I just ignore the whole story.
But I very much enjoyed his post on the last "new planet discovered that's even more like Earth" news wave:
That former employee that knows the root password or has the keys can't get to it.
Make a good policy: no passwords, only keys, and every employee has one. Then you only have to delete the keys from all boxes if an employee leaves, done. You will, however, have to use custom tools for logging, because ssh only logs the key at VERBOSE loglevel, which you usually don't want.
The current employee that fat fingers a command to the wrong host can't do much damage.
That is, I agree, more likely possible. However, if employees have to do "sudo" all the time, they just start turning their brains off while doing it. Too much "are you sure" harms too.
That thief with a stolen laptop can't use a key to get full access remotely.
If you require your employees to encrypt their keys with a passphrase, which you should do, then this isn't an issue.
Disabling root logins has no security benefit at all. Keep the keys secure, everything is fine. In some cases there is a small benefit, but in most there is none.
Do you call the first version of your software "2.1"?
From your website, I see that "make install" only installs two files, the executable and the manpage, but I prefer keeping my $PATH mostly filled with applications I can update with my package manager.
These smartwatches are toys. What happens when we put machines in our bodies, giving them control over body functions? Do I have to change implants when I change my employer, because the new one has stricter security guidelines?
Just make sure you get the name right on the check.
H and L only differ on the 6th bit. You can't expect everybody to have all bits right!
... but this time, it's with Windows 10!
What they did is get a basic overview of which projects need the most attention. This is the first stage in improving the situation the most effective way. Now people/companies which have an interest in Linux security as a whole (e.g. Red Hat) have a list of projects they can contribute to, even sorted by which to contribute to first. I think the list is incredibly useful. Before Heartbleed nobody did this kind of research, or it didn't get any attention.
This is the result if news media take science publications as truth. Of course, most of them are well researched, but even so, every result can be questioned.
You can tax online gambling too, if you want. It's more direct, and you can keep more of the money as gambling organisation. No kiosk middleman.