Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Comment Drupal for the win (Score 1) 192

I choose Byzantine schema over everything stored in two tables any day of the week. I pick allowing the customer to add fields via actual database tables rather than stuffing them into a "meta" table in a serialized form. If by code in the DB you mean having a rules/actions engine that is defined with data from the DBI pick that over hand coding anyday. Upgrades incompatible? I pick testing your upgrade rather than blindly upgrading a production site.

Privacy

Submission + - Lax SSH key management a big problem

cstacy writes: Tatu Yionen, inventor of SSH, says he feels "a moral responsibility" to come out of retirement and warn that a "little-noticed problem" could jeopardize the security of much of the world's confidential data. He is referring to the management (or lack thereof) of SSH keys (i.e. "authorized_keys") files. He suggests that most organizations simply allow the SSH key files to be created, copied, accumulated, and abandoned, all over their network, making easy pickings for intruders to gain access.

Do you think this is a widespread problem?
How does your company manage SSH keys?

Slashdot Top Deals

I haven't lost my mind -- it's backed up on tape somewhere.

Working...