Making the High Security of Repeated Hashing Practical
Last week I explained how repeated hashing works. Our user Alice can prove that she knows her secret without exposing that secret, and the server can verify this without knowing what her secret is. The follow-up question is – how to make it practical? My explanation last week told you how repeated hashing works, but […]
PolicyKit Authentication Framework: Creating Your Own Rules
Last week I was explaining the important distinction between authentication and authorization, and how Linux handles them in PAM and polkit, respectively. The PolicyKit Authentication Framework or polkit controls how subjects or unprivileged programs (such as a user’s shell) can be allowed to run mechanisms or privileged programs (such as normally root-only programs like mount […]
Linux Virtualization Part 4: Manage, Monitor, and Control Your Virtual Machines with libvirt
I’ve been writing the last two weeks about Linux virtualization, including how to use Containers and Docker and how to virtualize multiple operating systems on different architectures. We can do many powerful things, but you may be getting worried — how hard is it to control all these widely varying virtualization technologies? There’s good news: […]
How Much Does Software Development Quality Really Cost?
What can you do about improving software quality on your development projects? Maybe it’s time to look at structural quality — pay attention to the non-functional requirements (NFRs) and not the functional requirements (FRs)? Here is a fascinating study that suggests how to really measure software quality. CAST Worldwide Application Software Quality Study — 2010 […]
Are all these Java Issues problems for Android, too?
It seems that’s a common question these days. A lot of us use Android systems and some of us have heard that Android is programmed in Java. So, are the Java security issues we read about in the news an issue for our Android devices and should we be concerned? The answer is, “No. Don’t […]