Below is a great Linux desktop security checklist from the Linux Foundation.
https://github.com/lfit/itpol/blob/master/linux-workstation-security.md
Below is a great story and a good lesson on the importance of cryptographic key size.
http://www.wired.com/threatlevel/2012/10/dkim-vulnerability-widespread/all/
Related to this, if you run a mail server, consider looking into DKIM. It is an interesting addition to the Internet mail architecture and not that hard to enable via a sendmail milter (OpenDKIM).
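As an added example (not from the original post or from OpenDKIM), here is a Python check that reads the RSA modulus size out of a DKIM key record's p= tag and grades it against the RFC 8301 limits. The function names are hypothetical, the input is assumed to be the already-concatenated TXT value, and the sample records are constructed: well-formed DER, but not real keys.

```python
import base64

def _read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def dkim_rsa_bits(txt):
    """Modulus size in bits of the RSA key in a DKIM TXT record's p= tag."""
    parts = (p.partition("=") for p in txt.split(";"))
    tags = {k.strip(): v.strip() for k, _, v in parts if k.strip()}
    if tags.get("k", "rsa") != "rsa":
        raise ValueError("not an RSA key record")
    if not tags.get("p"):
        raise ValueError("empty p= tag (key revoked)")
    der = base64.b64decode("".join(tags["p"].split()))
    # SubjectPublicKeyInfo ::= SEQUENCE { AlgorithmIdentifier, BIT STRING }
    _, body, _ = _read_tlv(der, 0)
    _, _, alg_end = _read_tlv(der, body)
    tag, bits_start, _ = _read_tlv(der, alg_end)
    if tag != 0x03:
        raise ValueError("expected BIT STRING")
    # Skip the unused-bits octet; inside is RSAPublicKey ::= SEQUENCE { n, e }
    _, rsa_body, _ = _read_tlv(der, bits_start + 1)
    tag, n_start, n_end = _read_tlv(der, rsa_body)
    if tag != 0x02:
        raise ValueError("expected INTEGER modulus")
    return int.from_bytes(der[n_start:n_end], "big").bit_length()

def classify(bits):
    """RFC 8301: keys under 1024 bits must not verify; signers SHOULD use >= 2048."""
    return "reject" if bits < 1024 else "weak" if bits < 2048 else "ok"

def _der(tag, body):
    n = len(body)
    size = 0 if n < 0x80 else 1 if n < 0x100 else 2
    hdr = bytes([n]) if size == 0 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + hdr + body

def sample_record(bits):
    """Constructed test input: well-formed DER, but the modulus is NOT a real key."""
    integer = lambda v: _der(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big"))
    alg = _der(0x30, bytes.fromhex("06092a864886f70d0101010500"))  # rsaEncryption, NULL
    key = _der(0x30, integer((1 << (bits - 1)) | 1) + integer(65537))
    spki = _der(0x30, alg + _der(0x03, b"\x00" + key))
    return "v=DKIM1; k=rsa; p=" + base64.b64encode(spki).decode()
```

To audit a live domain, pass in the TXT value published at the selector's `_domainkey` name in place of `sample_record(...)`.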
A couple of weeks ago I attended StartupCamp Waterloo. The Willet team was there to do a demo of Willet Social, a new service they’ve developed that allows website owners to see who’s Tweeting about their site. This service is implemented as a button that the website owner adds to their site. When the user visiting the site clicks on the button, they can quickly Tweet a link to the site to their followers. More recently this new service has gotten some attention on Hacker News.
In order for this to work, the user visiting the site has to give the Willet Social service write access to their Twitter account. This is done via OAuth, so it’s not like Willet has complete access to the user’s account, but the reality is that very few people understand this detail. What I find interesting about this is that people are actually willing to give a random service they have never used before access to their Twitter account in order to Tweet a link.
Social media isn’t really my area of expertise, but had I come up with the idea for Willet Social, I probably would have dismissed it outright because I, probably too optimistically, think it’s doubtful and scary that any significant number of people would give this access.