Assignment 2, modifying your early runtime
Assignment 3, setting up a new daemon, a webserver
Assignment 4, ad hoc /proc parsing
Assignment 5, using virtualization
Assignment 6, installing Arch under virtualization
Assignment 7, installing NixOS under virtualization
I highly recommend reading the ACM's Risks Digest (you can read it in rdf format at http://catless.ncl.ac.uk/rdigest.rdf, or via email — instructions are at http://www.csl.sri.com/users/risko/risksinfo.html) or adding its RSS feed at http://catless.ncl.ac.uk/risksatom.xml to your feed browser.
Reference to the Tanenbaum-Torvalds discussion of micro versus macro: Open Sources: Voices from the Open Source Revolution; Appendix A, The Tanenbaum-Torvalds Debate
The Evolution of the Unix Time-sharing System
2008-06-09: An Email About A SAN here at FSU: SAN Issue -- root cause explanation
2008-06-09: An Email about a Mailman problem here at FSU: Mailman problem
2008-06-11: An Email about a ClamAV problem with respect to Selinux: ClamAV/Selinux problem
2008-06-13: Reference for enjoyable book on networking:
Network Warrior, Second Edition
by Gary A. Donahue
Publisher: O'Reilly
Pub Date: May, 2011
Print ISBN-13: 978-1-4493-8786-0
2008-06-16: Morgan Stanley and AFS: When Your Business Depends On It: The Evolution of a Global File System for a Global Enterprise
2008-06-16: Relatively recent (2006) NFS operations resource: Linux NFS-HOWTO
2008-06-27: Recent article on top-level domains in the New York Times: New Flavors for Addresses on the Web Are on the Way
2008-07-07: Recent article on consumer views of service downtimes in the New York Times: As Web Traffic Grows, Crashes Take Bigger Toll
2008-07-09: Recent article on patching DNS flaw: Vendors form alliance to fix DNS poisoning flaw
2008-07-09: DNS patches prove fatal for some software: MS DNS patch snuffs net connection for ZoneAlarm users
2008-08-08: Press release from Dr. Bernstein on DNS cache poisoning: DNS still vulnerable, Bernstein says
2008-08-11: Plastic Keys to Physical Locks: Researchers Crack Medeco High-Security Locks With Plastic Keys
2008-08-20: An Email about an administrator failing to set permanent state after setting temporary state: Blocked Hosts List?
2008-08-22: An Email about an intrusion at Redhat's Fedora: Infrastructure report, 2008-08-22 UTC 1200
2009-01-05: Backup woes: Hard Lessons in the Importance of Backups: JournalSpace Wiped Out
2009-01-22: NSA Selinux link: http://www.nsa.gov/research/selinux/.
2009-02-10: Data breach at FAA: FAA reports 45,000 data records pilfered from server
2009-02-26: Man-in-the-middle attack that looks viable: SSL Strip
2009-03-06: Finally, a vulnerability found in DJBDNS: Security Issue in DJBDNS Confirmed
2009-03-06: And a second vulnerability also found in DJBDNS: Rapid DNS Poisoning in DJBDNS
2009-04-01: Spam Back to 94% of All E-Mail
2009-04-06: Carbonite loses customer backups, sues Promise Technology
2009-05-15: Backup woes at Avsim: Hackers 'destroy' flight sim site
2009-05-20: Microsoft IIS hole fells university server
2009-05-21: Microsoft IIS6 bug exposes sensitive files sans password
2009-07-15: U.S. Postal Service Gives Stamp of Approval to FOSS
2009-07-15: DHCP server can take over client
2009-07-21: More on the DD-WRT story mentioned brought up in class: Open-source firmware vuln exposes wireless routers
2009-07-23: Adobe Flash woes: New attacks exploit vuln in (fully-patched) Adobe Flash
2009-07-29: Major BIND bug: BIND crash bug prompts urgent update call
2009-07-29: FSU's response to the BIND bug: [Nolenet] DNS server code upgraded
2009-07-30: Data Exposure in the U.S. government: US Congress probes accidental top secret file sharing
2009-07-30: Hardware security: Intel warns over bare-metal BIOS bug
2009-07-31: DNS: Wildcard certificate spoofs web authentication
2009-07-31: iPhone: How To Hijack 'Every iPhone In The World'
2009-07-31: Details on the Linux 2.30 NULL pointer problem: Fun with NULL pointers, part 1
2009-08-31: Warming server rooms: Intel says data centers much too cold: Frozen assets a waste of cash
2009-08-31: IIS bug gives attackers complete server control
2009-09-02: Why Gmail Failed Today
2009-09-09: Windows unpatchable: Microsoft: Patching Windows 2000 'infeasible'
2009-09-16: The Curious Case of the Failing Connections, The Curious Case of the Failing Connections, Part 2
2009-09-16: Microsoft starts warnings of support phase-out for older Windows Server releases
2009-10-07: A practical example of why you do not want to still be using 512-bit RSA keys: TI-83 Plus OS Signing Key Cracked
2009-10-12: Linux saves Aussie electrical grid
2009-10-16: Big-Box Breach: The Inside Story of Wal-Mart's Hacker Attack
2009-10-16: Maybe all's well that ends well? Microsoft recovers 'most, if not all' Sidekick users' data
2009-12-04: Test setup leaks into production: Bing dies (briefly) after Microsoft hits wrong button
2010-08-23: Why RAID 5 stops working in 2009
20109-09-07: Part one of Doomsday Weekend: who can you trust?
2010-09-07: A series of disorderly events
2010-09-08: DNSSEC versus DNSCurve OpenDNS adopts DNSCurve
2010-09-15: Stuxnet attackers used 4 Windows zero-day exploits
2010-09-16: Intel eats crow on software RAID
2010-09-20: Siemens: Stuxnet worm hit industrial systems
PSN was running on unpatched Apache server with no firewall .
2011-05-10: Why Sony's PSN problem won't take down cloud computing
2011-05-10: Summary of the Amazon EC2 and Amazon RDS Service Disruption in the US East Region
2011-05-10: Global CIO: Why The Amazon Cloud Outage Is Irrelevant
2011-05-31: BIND Named woes again: Large RRSIG RRsets and Negative Caching can crash named
2011-06-06: How a cheap graphics card could crack your password in under a second
2011-08-02: Anatomy of a Unix breach
2011-08-30: Fixing a CGI-like Script
2011-09-12: Rent-a-Bot Networks Tied to TDSS Botnet
2011-11-04: Chaos Computer Club analyzes government malware
2011-11-14: Et tu, Boeing? FACT CHECK: SCADA Systems Are Online Now
2011-11-14: Underground call-centre for identity theft uncovered by security researchers
2011-11-14: The Dark Side Of Biometrics: 9 Million Israelis' Hacked Info Hits The Web
2011-11-14: The Underground Economy of Fake Antivirus Software (PDF)
2011-11-14: The Perfect Scam
2011-11-14: Who killed the fake-antivirus business?
2011-11-14: Russian police take a bite out of online crime
2011-11-28: Japan's continuing cybersecurity problems: Upper House confirms falling victim to cyber-attacks
2011-11-28: Japan's continuing cybersecurity problems: Only 45% of lawmakers changed passwords after cyber-attack
2011-11-30: Carrier IQ saga: Carrier IQ Tries to Silence Security Research Exposing Its Rootkit, gets Pinned Down by the EFF
2011-11-30: Carrier IQ saga: The Rootkit Of All Evil — CIQ
2011-11-30: Carrier IQ saga: Carrier IQ Tries to Censor Research With Baseless Legal Threat
2011-11-30: Carrier IQ saga: Smartphone Invader Tracks Your Every Move
2011-11-30: Carrier IQ saga: CarrierIQ
2011-11-30: Carrier IQ saga: Proof Published that Carrier IQ is Recording Key Presses and Location Data
2011-11-30: Carrier IQ saga: The Storm Is Not Over Yet — Lets Talk About #CIQ
2012-04-19: OpenSSL flaw
2012-06-11: US Navy buys Linux to guide drone fleet
2012-08-31: Finspy: Software Meant to Fight Crime Is Used to Spy on Dissidents
2012-08-31: Finspy: Egypt, FinFisher Intrusion Tools and Ethics
2012-08-31: Finspy: From Bahrain With Love: FinFisher's Spy Kit Exposed?
2012-08-31: Finspy: The SmartPhone Who Loved Me: FinFisher Goes Mobile?
2012-09-24: DNT: Why Do Not Track is worse than a miserable failure
2013-01-16: "Red October" Diplomatic Cyber Attacks Investigation
2013-02-18: U.S. said to be target of massive cyber-espionage campaign
2013-02-20: APT1: Exposing One of China's Cyber Espionage Units
2013-02-25: Code certificate laissez-faire leads to banking Trojans
2013-03-04: Where Apps Meet Work, Secret Data Is at Risk
2013-03-22: How whitehats stopped the DDoS attack that knocked Spamhaus offline
2013-04-08: How a banner ad for H&R Block appeared on apple.com - without Apple's OK
2013-05-14: The Case of the 500 Mile Email
2013-05-16: Network outage here at FSU
2013-07-11: US agency baffled by modern technology, destroys mice to get rid of viruses
2013-07-11: Netragard's Hacker Interface Device (HID).
2013-07-16: Fraudsters trick people into handing over cards on doorstep
2013-08-01: Trusting iPhones plugged into bogus chargers get a dose of malware
2013-08-26: The Guardian's NSA Files collection of articles (also related, The Guardian's general NSA keyword articles)
2013-08-26: They Know Much More Than You Think
2013-08-27: Snowden Interview
2013-08-27: Viewing PRISM: XKEYSCORE
2013-09-10: The NSA Is Breaking Most Encryption on the Internet
2013-09-10: NSA Foils Much Internet Encryption
2013-09-10: The NSA's Secret Campaign to Crack, Undermine Internet Security
2013-09-10: Revealed: how US and UK spy agencies defeat internet privacy and security
2013-09-10: The Factoring Dead: Preparing for the Cryptopocalypse
2013-09-10: How Advanced Is the NSA's Cryptanalysis—And Can We Resist It?
2013-09-10: A Few Thoughts on Cryptographic Engineering
2013-09-10: New Snowden Documents Show NSA Deemed Google Networks a "Target"
2013-09-24: The iPhone 5s Touch ID hack in detail
2013-09-26: UEFI Boot to Zork
2013-09-30: Meet the Machines that Steal Your Phone's Data
2013-10-10: A Computer Infection That Can Never Be Cured
2013-10-10: The Next Frontier of Password Cracking
2013-10-17: Analysis of the HTTPS Certificate Ecosystem
2013-10-22: The Privacy Challenges of Big Data: A View from the Lifeguard's Chair
2013-10-22: Experian Sold Consumer Data to ID Theft Service
2013-10-31: Meet "badBIOS," the mysterious Mac and PC malware that jumps airgaps
2013-10-31: The DEFCON21 Social Engineer Capture The Flag Report (PDF)
2013-11-01: Just Six People Got Insurance Through Healthcare.gov on Day One
2013-11-05: Top 100 Adobe passwords
2014-01-09: NSA ANT document in PDF format (rough OCR has been applied)
2014-01-09: The Danger of Rogue System Administrators
2014-01-09: NSA Codenames
2014-01-09: A new Dual EC DRBG flaw
2014-01-23: A First Look at the Target Intrusion, Malware
2014-01-23: Bluetooth Hackers Allegedly Skimmed Millions Via Gas Stations
2014-01-28: Spy Agencies Probe Angry Birds and Other Apps for Personal Data
2014-02-05: 7 Die in Fire Destroying Argentine Bank Archives
2014-05-13: Analyzing Forged SSL Certificates in the Wild
2014-05-13: Feds: Sailor hacked Navy network while aboard nuclear aircraft carrier
2014-05-22: The Naming of Hosts Is a Difficult Matter
2014-06-03: Filing by Computer: A Pillow Helped
2014-06-25: Mathematicians Discuss the Snowden Revelations
2015-05-12: Exploiting DRAM rowhammer bug
2015-05-12: Architecting Websites in the HTTP2 era
2015-06-17: Locked Out of the Server Room
2015-06-30: Stealing Keys from PCs using a Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation
2015-06-30: Process isolation NsJail
2015-10-06: Latest filesystem hierarchy specification: Linuxbase
2015-11-10: The Future of Leap Seconds
2015-11-10: XKCD's take on the leap second problem
2015-11-17: Beware of Ads that Use Inaudible Sound to Link Your Phone, TV, Tablet, and PC
2016-09-08: Congressional Report on The OPM Database Compromise
2016-10-25: Dyn statement on DDOS
2016-10-26: IOT
2016-12-01: San Francisco Rail Ransomware
2016-12-01: Avalanche
2018-09-26: WASM JIT
2018-11-05: Linux now tops on Azure
2018-11-05: Microsoft working on porting systinternals to Linux
2018-11-05: Sysinternals
2018-12-05: NIST's 2017: "Introduction to Information Security"
2018-12-05: NIST authentication guidelines 800-63
2018-12-05: Secrets as authentication (aka "passwords")