In my previous post I made brief mention of some new features in the 4.15 (well, technically, 4.14) Linux kernel, supporting encrypted volatile memory (RAM). Apart from a brief awareness of industry initiatives in this area, I hadn’t closely followed this development and so decided to take a look and write up some findings in this blog post.
Our AGM is fast approaching for the Dorset branch of BCS, the national association for computing in the UK and overseas. We’ve had a slight change to our plans, with a new Guest Speaker: Geoffrey Darnton. You can find more information on Geoffrey’s talk at our website www.dorset.bcs.org.
Due to changes in how BCS manages events, stemming from GDPR, we now use EventBrite and a ticketing system, so you’ll need to book a ticket in advance. If you’ve forgotten, don’t worry, simply turn up.
I’ve recently upgraded one of my servers to Ubuntu 18.04 LTS. (I’m a reluctant user of Ubuntu, having previously been a staunch Red Hat and Fedora Core user, disappointed by the lack of long term support in mainstream distros.)
There are some new features in the mix (both security and general functionality). Finding a succinct and complete list of new features is elusive, so here is one in case you are looking for the same:
Bind is a good DNS server, however it has a slightly chequered history insofar as vulnerabilities are concerned. Nevertheless it’s a good solution for internal networks, and offers some flexible configuration options. In this post I’m going to add some security filtering functionality using Perl, Bash and some standard Linux tools.
An interesting public event is coming up, organised by the Royal Society of Arts on 13th of September. You can watch live on Facebook.
Here’s the advert:
Squid has to be my all-time favourite open source project. I’ve used it extensively in my own projects, and Squid formed a key part of my lecturing to finalists in my spell as an academic and consultant. Every student that finished my final year networks course would have encountered my Squid build worksheet!
One of the nice features of Squid is the extensibility of the platform, the quality of the product, and clarity of configuration files. Combining Squid with some scripts can lead to some interesting security solutions. In this blog post I’m going to talk about how Squid can be used to block malicious domains, using dynamic data downloaded from the Internet and some very simple scripting.
Recent years, particularly with the advent of a broad class of IoT applications, have increased the need for crypto solutions for constrained applications. NIST has started a search to find and standardise lightweight cryptographic algorithms for precisely these situations.
The calling notice for the 2018 AGM for Dorset BCS is as follows.
The EU recently published a series of technical notes on Brexit preparedness. Here’s a selection of information security related PDFs from the published EU material.