Category Archives: Security

Food, Security

Back Door Java

Leave a comment

An outsider’s look at homes reveals the significance of having a back door in Java (Back door Java: state formation and the domestic in working class Java, 2006, page 55):

I did not fully understand why they did not want to use the kitchen in our house, because it had running water and tiled counter and floor space. Bu Sae’s kitchen, in contrast, was a small dark, dirt-floored annex to the main house, reached by a dirt path running along the east side of her house and next to our own. There was very little room and no clear space for food preparation. Yet, Bu Sae was insistent that we could not know how many people would attend and thus we could not use my house. What if we ran out of something, glasses, piring (plates), or tea? We had no back door to go get more.

The American view is focused on an infinite supply of water and space within the room. However, the back door in Java seems to represent the link to more essential services as well as a larger social network — beyond the room, or even a family.

This makes quite a bit of sense. Think about this in terms of cloud computing. Better to have a shiny new-looking server that is clean and with some capacity, or to have a server with access to many more that can expand and work together more flexibly to meet demand?

Think about it also in terms of social network sites. Some friends are greeted through the front door, and some are let in the back door.

These examples, from an Anthropologist’s view of homes in Java, tempt me to try and use the term “back door” instead of “cloud” to describe connected and scalable services that leverage social network groups…but I have a feeling that the current and very common use of the phrase “back door” in computing (unauthorized access) is probably impossible to overcome. I have to admit the title caught me off guard, but I’m glad I read the book.

Security

SourceFire Acquires Immunet

Leave a comment

The Immunet Blog says they plan to “spread” as the Sourcefire Cloud Technology Group.

Over the past 2.5 years the team here at Immunet has built an amazing cloud platform to deliver next generation security technologies and raise the bar for AntiVirus protection. As a result, we’ve built a product that is 35 times smaller than our nearest competitor using an entirely new approach to fight today’s rapidly spreading threats — our Collective Immunity technology. After growing to over 750,000 users in just over a year, we have reached a stage in our company’s life where we needed to put our pedal on the gas and spread Immunet to the entire world.

The acquisition makes a lot of sense since Immunet has been producing a Windows version of ClamAV, which was acquired by Sourcefire in 2007.

Windows ClamAV users had already been redirected to Immunet support and *nix ClamAV planned to migrate to the same Immunet Cloud technology that boasted “NO virus updates required“. This acquisition confirms Sourcefire’s commitment at a business as well as a technology level.

Security

NVIDIA announces CPU

Leave a comment

I noticed that NVIDIA slipped a CPU announcement into their CES press releases

NVIDIA announced today that it plans to build high-performance ARM based CPU cores, designed to support future products ranging from personal computers and servers to workstations and supercomputers.

Known under the internal codename “Project Denver,” this initiative features an NVIDIA CPU running the ARM instruction set, which will be fully integrated on the same chip as the NVIDIA GPU.

Just when you thought NVIDIA made it easier to crack encryption using FERMI (graphics processors)

Security

Guidelines for Secure IPv6

Leave a comment

The National Institute of Standards and Technology last week issued SP 800-119, Guidelines for the Secure Deployment of IPv6

Some things are said to be very different about it…

Router access control lists (ACLs), firewalls, and other security components must be carefully managed to retain ICMPv6 functionality. Any security measures on a network segment must allow IPv6 nodes to use ICMPv6 to accomplish Neighbor Discovery, PMTU discovery, and other essential tasks. If an IPv6 default router on a network segment is unable to receive and reply to legitimate RS messages, nodes sending those messages may experience a denial of service condition.

…while other things are said to stay the same.

The deployment of IPv6 reinforces the basic security lessons learned with IPv4. These security practices include defense in depth, diversity, patching, configuration management, access control, and system and network administrator best practices. Good security practices remain unchanged with the deployment of IPv6.