Algorithmic passwords - Memorable, high entropy, and unique

Background Passwords… ugh. I would wager that passwords rank among many peoples least favorite topics, but they are an integral part of life and therefore warrant discussion. Back in 2003 NIST published authentication guidelines for the US Federal government. Those requirements are largely responsible for password requirements for the last 15 years. In typical NIST fashion the document is comprehensive, includes threat models, mitigations, and detailed requirements. For their purposes a password is referred to as a “Memorized Secret Token” and the relevant threats and mitigations are:

SELinux and RPM

Wow, I just noticed it's been a year since I've blogged, that is not good. That doesn't mean nothing has been going on though, we've been quite busy around here. First I'd like to talk about a couple projects we are working on. The first is better integration of SELinux policies into RPM. We've posted a patch set to the rpm-maint [1] mailing list and are awaiting feedback. To try out the patches yourself you can read the instructions on the project page at selinuxproject.

The SELinux Documentation Project

One of the biggest complaints people have about SELinux is the lack of documentation. Indeed we had a nice group discussion with some users at Linux Plumbers Conference who once again brought this to our attention. The reason is simple. Most of us working on SELinux are developers. We don’t like writing documentation. We’d rather write blog entries explaining some aspect of SELinux instead of real documents. While this works when your primary audience are knowledgeable enough to find the blog entries, figure out how to apply the concepts to their problems and connect all the dots between here and there it isn’t useful for new users or users trying to solve a simple problem.

Red Hat and Tresys Partner

For those who haven’t seen this, it is good news for everyone I think. Basically it means that the company that I work for, Tresys Technology, which has considerable security engineering experience and knowledge now has the ability to reach people who need those services, through Red Hat’s services division. Up until now we have done primarilly government work so we’ve been somewhat out of touch with the needs of commercial Linux users, many of which need security expertise to meet regulations or to protect their customers privacy. and the SELinux poll

So, was released to public beta pretty recently and I must say I’m impressed. It looks like a great place to go to get tough programming (and other) questions answered. So, in order to give it a spin I posted the question Do you disable SELinux? It didn’t get nearly as many answers as What’s your favorite “programmer” cartoon but I did get mostly good feedback, it seems like the audience on stackoverflow, in general, have seen the positive progress of SELinux and many have chosen to keep it enabled (or even write policies and make it work for them).

SELinux on Ubuntu (part 1)

I’m in the process of moving my server from an ancient decrepit Gentoo install to a shiny new Ubuntu Hardy install with SELinux enabled.

Web browsers, security and Google Chrome

Securing web browsers has always been a little tricky. With so many web applications available today, including corporate intranet sites, email and so on with confidential or proprietary information it is always a bit troublesome that web browsers essentially run in one security domain. The last thing I want is for a teller at my bank to go to some site that ends up getting bank info from another tab.

Security Anti-Pattern: MLS for Guards

This article was requested, and was a long time coming anyway. I’ve gone over Multi-Level Security (MLS) a little bit before. It’s basically a security policy that is implemented by many trusted operating systems (such as Trusted Solaris) that is hierarchical and inflexible by nature. Specifically Bell-LaPadula (BLP) is used by many operating systems because it reflects the real world security policy used by the government and military. In BLP subjects and objects have a label consisting of a level (Secret, Top Secret, Unclassified, etc) and a set of non-hierarchical categories (US Only, Army, etc).

Is the BSD license more liberal or conservative than the GPL?

Recently I was looking around for a piece of software and I thought to myself “I need something with a more liberal license than the GPL”.. Then I thought “Wait, is liberal the right word there? Hrm”… So what do you guys think?

Secure doesn't mean anything.

No, seriously. I’m not trying to be ironic because the title of my blog is “Brindle on Security”, which I should probably change to something more creative anyway.

During my tenure at Gentoo, running the Hardened Gentoo project, the most common question by far was “How do I secure my system?” Warning, this article may contain some flamebait, avoid it if you can’t resist flaming back ;) .

Eventually we gave up and just pointed people to websites, perhaps this post can serve as that page. The answer was “What do you mean ‘secure’ your system?” Security isn’t, and can’t be, a goal by itself. You need to know what exactly you are trying to protect yourself against, your threat model, as it were.