Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Submission Summary: 0 pending, 14 declined, 1 accepted (15 total, 6.67% accepted)

Security

+ - SmoothWall team release version 3 RC 1->

Submitted by
wallyhall
wallyhall writes: "As the phrase goes ... "As we know, there are no known knowns. There are things we know we know. We also know there are known unknowns. That is to say we know there are some things we do not know. But there are also unknown unknowns, the ones we don't know we don't know."

The GPL Smoothwall project has released version 3 RC1 (codename "Sammy"), and for the first time it's available in both "user" and "developer" editions, for both 32 and 64bit architectures."

Link to Original Source
Security

+ - MI5 terrorist threat "critical"->

Submitted by
wallyhall
wallyhall writes: "Today MI5's terrorist threat assessment level was moved to "critical" (MI5.gov.uk), the highest it can be. The BBC (news.bbc.co.uk) also has the story.
The level changed from "severe" after 2 attempted car bombings yesterday and a burning car driven into Glasgow airport today. Several people were arrested in connection to the attacks. Those living in Britain are told to be vigilant."

Link to Original Source
Security

+ - Laptop hibernation a security risk?

Submitted by
wally
wally writes: "I was having a long think today when it popped into my mind, is hibernation on laptops a security risk?

My flow of thought went like this: if I stole a laptop knowing that it had encrypted home and root partitions (assuming a Unix-like OS), presumably if it has a separate swap partition, that'd contain an unencrypted snapshot of the system prior to hibernation.

Therefore, this RAM image is presumably exploitable. Booting a USB stick would allow closer examination, presumably I could do anything from reading an open sensitive OpenOffice document to inserting some exploitable code into the frozen kernel to do something nasty when the laptop is next booted.

Even if the system keeps a checksum somewhere hidden to ensure the integrity of the RAM image before loading, you could at the least extract some potentially sensitive details that would otherwise be safe?

What do other slashdotters think? Is this an easily exploitable threat that should see suspended RAM images encrypted?"

It's currently a problem of access to gigabits through punybaud. -- J. C. R. Licklider

Working...