On the 17th of December, the Belgian citizens (like me) had the “good” surprise from our Minister (certainly not a X-mas gift)! A Royal Decree was published in the “Moniteur” about the tax on the private copy of digital data. From now (or from 1st of January, I suppose), when
Month: December 2009
Bash Syslog History Could Lead to Data Leakage?
A few months ago, I posted an article about how to add extra logging facilities to the Bash shell. For specific users, it can be useful to have a complete history of their activity on your server (for audit purposes). The first release candidate of Bash 4.1 is available for
Full-Disclosure is now Illegal in France
The principle of full-disclosure is to publish all the details of a discovered security problem (a software vulnerability). By doing this, the security researchers try to fight against the other principle of “Security by Obscurity”. Once a vulnerability has been found, the “normal” way of working should be to contact
Hello Karmic Koala!
Finally, I did it! I just upgraded my corporate laptop with the latest release of Ubuntu (9.10) aka “Karmic Koala”. Available for a few weeks, I preferred to wait for some holidays before the upgrade. First, because without laptop, I can’t work! In case of big issue, my off-days would
Security Starts with Confidentiality…
I read this morning an article in DataNews, a Belgian IT security newspaper, about a big contract won by a security integrator to deploy a brand new e-mail platform for the Belgian Federal Police. Good news for them! But, why did the journalist disclose in his article sensitive information like
Use the Right Tool!
A well-known expression says “The right people at the right place!“. I would like to extend it to the security perimeter, saying “Use the right tool at the right place!” or “Use the right tool for the right purpose!“. Today’s security landscape is extremely large so complex! Lot of raptors
ISSA Belgian Chapter Meeting: DNS & Security
Back from an ISSA Belgian Chapter event about DNS & Security. As says Kris Buytaert on his blog: “Everything is a Freaking DNS problem!“. Today’s speaker was Marc Lampo who has a great DNS experience (a long time ago, he gained several years of experience as hostmaster while working for
Protect your Infrastructure with IRON!
Question: Do you remember the Amiga computer? I was an early fan is this wonderful machine and operating system. Starting with AmigaOS 2.0, a macro language called ARexx (with a letter “A” like “Amiga) was added. This language, derived from REXX (“REstructured eXtended eXecutor“) developed initialy by IBM. The power
Belgian Transport Company Spotted at C&SAR 2009
C&SAR 2009 (“Computer & Electronics Security Applications Rendez-vous“) was organized in France a few days ago. The topic of the 2009 edition was “wireless security”, covered during three day by a large program of talks. One of the speakers was Gildas Avoine from the University of Louvain-La-Neuve. He spoke about
Google Goes to DNS Resolving
Once again, Google hit hard! They announced yesterday a new service via their blog: Google Public DNS. The new Google baby is a public DNS resolver open to everyone. Just reconfigure your TCP/IP stack to use the following DNS server and you’re done! 8.8.8.8 8.8.4.4 Google’s arguments are in direct