Assignment 5: Linux from Scratch project kickoff
Assignment 6: Linux from Scratch project, intermediate stage
Assignment 7: Linux from Scratch project, finishing steps (due by 5:00pm on July 17)
Assignment 8: Users (due by 11:59pm on July 23)
Beginning "Beyond Linux From Scratch" (due by 4:00pm on August 4)
A simple program to display parent/child fork(2) information.
A small program to display parent/multiple children fork(2) information.
I highly recommend reading comp.risks (you can read it in rdf format at http://catless.ncl.ac.uk/rdigest.rdf, or via email --- instructions are at http://www.csl.sri.com/users/risko/risksinfo.html) or adding its RSS feed at http://catless.ncl.ac.uk/risksatom.xml to your feed browser. Also, you might want to join the FSU Nolenet mailing list.
Open Sources: Voices from the Open Source Revolution; Appendix A, The Tanenbaum-Torvalds Debate
Network Warrior, 2nd edition
by Gary A. Donahue
Publisher: O'Reilly
Pub Date: 2011
Print ISBN-13: 978-1-449-38786
2008-06-09: An Email about a SAN here at FSU: SAN Issue -- root cause explanation
2008-06-09: An Email about a Mailman problem here at FSU: Mailman problem
2008-06-11: An Email about a ClamAV problem with respect to Selinux: ClamAV/Selinux problem
2008-06-16: Morgan Stanley and AFS: When Your Business Depends On It: The Evolution of a Global File System for a Global Enterprise
2008-06-27: 2008 article on top-level domains in the New York Times: New Flavors for Addresses on the Web Are on the Way
[ 2010-08-23: So, where are we at with the above article? Current List of Internet Top Level Domains ]
2008-07-07: Article on consumer views of service downtimes in the New York Times: As Web Traffic Grows, Crashes Take Bigger Toll
2008-07-09: Article on patching DNS flaw: Vendors form alliance to fix DNS poisoning flaw
2008-07-09: DNS patches prove fatal for some software: MS DNS patch snuffs net connection for ZoneAlarm users
2008-08-08: Press release from Dr. Bernstein on DNS cache poisoning: DNS still vulnerable, Bernstein says
2008-08-11: Plastic Keys to Physical Locks: Researchers Crack Medeco High-Security Locks With Plastic Keys
2008-08-20: An Email about an administrator failing to set permanent state after setting temporary state: Blocked Hosts List?
2008-08-22: An Email about an intrusion at Redhat's Fedora: Infrastructure report, 2008-08-22 UTC 1200
2009-01-05: Backup woes: Hard Lessons in the Importance of Backups: JournalSpace Wiped Out
2009-01-22: NSA Selinux link: http://www.nsa.gov/research/selinux/.
2009-02-10: Data breach at FAA: FAA reports 45,000 data records pilfered from server
2009-03-06: Finally, a vulnerability found in DJBDNS: Security Issue in DJBDNS Confirmed
2009-03-06: And a second vulnerability also found in DJBDNS: Rapid DNS Poisoning in DJBDNS
2009-04-01: Spam Back to 94% of All E-Mail
2009-04-06: Carbonite loses customer backups, sues Promise Technology
2009-05-15: Backup woes at Avsim: Hackers 'destroy' flight sim site
2009-05-20: Microsoft IIS hole fells university server
2009-05-21: Microsoft IIS6 bug exposes sensitive files sans password
2009-07-15: U.S. Postal Service Gives Stamp of Approval to FOSS
2009-07-15: DHCP server can take over client
2009-07-21: Open-source firmware vuln exposes wireless routers
2009-07-23: Adobe Flash woes: New attacks exploit vuln in (fully-patched) Adobe Flash
2009-07-29: Major BIND bug: BIND crash bug prompts urgent update call
2009-07-29: FSU's response to the BIND bug: [Nolenet] DNS server code upgraded
2009-07-30: Data Exposure in the U.S. government: US Congress probes accidental top secret file sharing
2009-07-30: Hardware security: Intel warns over bare-metal BIOS bug
2009-07-31: DNS: Wildcard certificate spoofs web authentication
2009-07-31: iPhone: How To Hijack 'Every iPhone In The World'
2009-07-31: Fun with NULL pointers, part 1
2009-08-31: Warming server rooms: Intel says data centers much too cold: Frozen assets a waste of cash
2009-08-31: IIS bug gives attackers complete server control
2009-09-02: Why Gmail Failed Today
2009-09-09: Microsoft confirms critical unpatched Vista, Windows 7 RC bug
2009-09-09: Windows unpatchable: Microsoft: Patching Windows 2000 'infeasible'
2009-09-16: The Curious Case of the Failing Connections, The Curious Case of the Failing Connections, Part 2
2009-10-07: A practical example of why you do not want to still be using 512-bit RSA keys: TI-83 Plus OS Signing Key Cracked
2009-10-12: Linux saves Aussie electrical grid
2009-10-16: Big-Box Breach: The Inside Story of Wal-Mart’s Hacker Attack
2009-12-04: Test setup leaks into production: Bing dies (briefly) after Microsoft hits wrong button
2010-08-23: Why RAID 5 stops working in 2009
2010-09-01: Microsoft releases FixIt for critical flaw in 100 apps
2010-09-07: Part one of Doomsday Weekend: who can you trust?
2010-09-07: A series of disorderly events
2010-09-08: DNSSEC versus DNSCurve OpenDNS adopts DNSCurve
2010-09-15: Stuxnet attackers used 4 Windows zero-day exploits
2010-09-16: Intel eats crow on software RAID
2010-09-20: Siemens: Stuxnet worm hit industrial systems
2010-09-21: PostgreSQL 9.0 is now available
PSN was running on unpatched Apache server with no firewall .2011-05-10: Why Sony's PSN problem won't take down cloud computing
2011-05-10: Summary of the Amazon EC2 and Amazon RDS Service Disruption in the US East Region
2011-05-10: Global CIO: Why The Amazon Cloud Outage Is Irrelevant
2011-06-06: How a cheap graphics card could crack your password in under a second
2011-08-02: Anatomy of a Unix breach
2011-08-30: Fixing a CGI-like Script
2011-09-12: Rent-a-Bot Networks Tied to TDSS Botnet
2011-11-04: Chaos Computer Club analyzes government malware
2011-11-14: Et tu, Boeing? FACT CHECK: SCADA Systems Are Online Now
2011-11-14: Underground call-centre for identity theft uncovered by security researchers
2011-11-14: The Dark Side Of Biometrics: 9 Million Israelis' Hacked Info Hits The Web
2011-11-14: The Underground Economy of Fake Antivirus Software (PDF)
2011-11-14: The Perfect Scam
2011-11-14: Who killed the fake-antivirus business?
2011-11-14: Russian police take a bite out of online crime
2011-11-28: Japan's continuing cybersecurity problems: Upper House confirms falling victim to cyber-attacks
2011-11-28: Japan's continuing cybersecurity problems: Only 45% of lawmakers changed passwords after cyber-attack
2011-11-30: Carrier IQ saga: Carrier IQ Tries to Silence Security Research Exposing Its Rootkit, gets Pinned Down by the EFF
2011-11-30: Carrier IQ saga: The Rootkit Of All Evil — CIQ
2011-11-30: Carrier IQ saga: Carrier IQ Tries to Censor Research With Baseless Legal Threat
2011-11-30: Carrier IQ saga: Smartphone Invader Tracks Your Every Move
2011-11-30: Carrier IQ saga: CarrierIQ
2011-11-30: Carrier IQ saga: Proof Published that Carrier IQ is Recording Key Presses and Location Data
2011-11-30: Carrier IQ saga: The Storm Is Not Over Yet — Lets Talk About #CIQ
2012-04-19: OpenSSL flaw
2012-06-11: US Navy buys Linux to guide drone fleet
2012-08-31: Finspy: Software Meant to Fight Crime Is Used to Spy on Dissidents
2012-08-31: Finspy: Egypt, FinFisher Intrusion Tools and Ethics
2012-08-31: Finspy: From Bahrain With Love: FinFisher’s Spy Kit Exposed?
2012-08-31: Finspy: The SmartPhone Who Loved Me: FinFisher Goes Mobile?
2012-09-24: DNT: Why Do Not Track is worse than a miserable failure
2013-01-16: "Red October" Diplomatic Cyber Attacks Investigation
2013-02-18: U.S. said to be target of massive cyber-espionage campaign
2013-02-20: APT1: Exposing One of China's Cyber Espionage Units
2013-02-25: Code certificate laissez-faire leads to banking Trojans
2013-03-04: Where Apps Meet Work, Secret Data Is at Risk
2013-03-22: How whitehats stopped the DDoS attack that knocked Spamhaus offline
2013-04-08: How a banner ad for H&R Block appeared on apple.com - without Apple's OK
2013-05-14: The Case of the 500 Mile Email
2013-05-16: Network outage here at FSU
2013-07-11: US agency baffled by modern technology, destroys mice to get rid of viruses
2013-07-11: Netragard's Hacker Interface Device (HID).
2013-07-16: Fraudsters trick people into handing over cards on doorstep
2013-08-01: Trusting iPhones plugged into bogus chargers get a dose of malware
2013-08-26: The Guardian's NSA Files collection of articles (also related, The Guardian's general NSA keyword articles)
2013-08-26: They Know Much More Than You Think
2013-08-27: Snowden Interview
2013-08-27: Viewing PRISM: XKEYSCORE
2013-09-10: The NSA Is Breaking Most Encryption on the Internet
2013-09-10: NSA Foils Much Internet Encryption
2013-09-10: The NSA's Secret Campaign to Crack, Undermine Internet Security
2013-09-10: Revealed: how US and UK spy agencies defeat internet privacy and security
2013-09-10: The Factoring Dead: Preparing for the Cryptopocalypse
2013-09-10: How Advanced Is the NSA's Cryptanalysis—And Can We Resist It?
2013-09-10: A Few Thoughts on Cryptographic Engineering
2013-09-10: New Snowden Documents Show NSA Deemed Google Networks a "Target"
2013-09-24: The iPhone 5s Touch ID hack in detail
2013-09-26: UEFI Boot to Zork
2013-09-30: Meet the Machines that Steal Your Phone's Data
2013-10-10: A Computer Infection That Can Never Be Cured
2013-10-10: The Next Frontier of Password Cracking
2013-10-17: Analysis of the HTTPS Certificate Ecosystem
2013-10-22: The Privacy Challenges of Big Data: A View from the Lifeguard's Chair
2013-10-22: Experian Sold Consumer Data to ID Theft Service
2013-10-31: Meet "badBIOS," the mysterious Mac and PC malware that jumps airgaps
2013-10-31: The DEFCON21 Social Engineer Capture The Flag Report (PDF)
2013-11-01: Just Six People Got Insurance Through Healthcare.gov on Day One
2013-11-05: Top 100 Adobe passwords
2014-01-09: NSA ANT document in PDF format (rough OCR has been applied)
2014-01-09: The Danger of Rogue System Administrators
2014-01-09: NSA Codenames
2014-01-09: A new Dual EC DRBG flaw
2014-01-23: A First Look at the Target Intrusion, Malware
2014-01-23: Bluetooth Hackers Allegedly Skimmed Millions Via Gas Stations
2014-01-28: Spy Agencies Probe Angry Birds and Other Apps for Personal Data
2014-02-05: 7 Die in Fire Destroying Argentine Bank Archives
2014-05-13: Analyzing Forged SSL Certificates in the Wild
2014-05-13: Feds: Sailor hacked Navy network while aboard nuclear aircraft carrier
2014-05-22: The Naming of Hosts Is a Difficult Matter
2014-06-03: Filing by Computer: A Pillow Helped
2014-06-25: Mathematicians Discuss the Snowden Revelations
2014-07-22: Mayhem
2014-08-26: Protecting processes from a hostile operating system: Virtual Ghost
2014-09-11: Execute in Place
2014-09-11: Supporting filesystems in persistent memory
2014-09-25: The Astonishing Story of the Federal Reserve on 9-11
2014-10-16: The human element: Core Secrets: NSA Saboteurs in China and Germany
2014-10-20: Kickstarter pulls Anonabox, a Tor-enabled router that raised over $585,000
2014-10-20: Report: Cybercrime costs US $12.7M a year
2014-11-05: "The Devil had possessed his netbook" — and other tales of IT terror
2014-11-19: Unscheduled Windows update kills critical security bug under active attack
2014-11-19: It's A Return To The Azure-Alypse — Microsoft Azure Suffers Global Outage
2014-11-20: Update on Azure Storage Service Interruption
2015-09-28: Seriously, get off my cloud! Cross-VM RSA Key Recovery in a Public Cloud
2015-10-21: towel.blinkenlights.nl
2015-10-26: Google Cloud Brownout Fix Forget Some Servers
Nerves rattled by highly suspicious Windows Update delivered worldwide
Internet of Things Poses Opportunities for Cyber Crime
File Says N.S.A. Found Way to Replace Email Program
China-Tied Hackers That Hit U.S. Said to Breach United Airlines
2016-05-11: Building and Scaling Fastly Network
2016-05-11: Bangladesh Bank Woes
2016-05-13: Salesforce outage
2016-05-13: Open Source Should Not Imply Live Access
2016-06-08: Ransomware at University Calgary
2016-06-08: University statement
2016-06-10: Microsoft's Compiler Shenanigans (also see the classic Thompson "Trusting Trust" paper)
2016-07-15: HTTP 2 in the real world
2016-07-15: Cybercrime over takes traditional crime in the United Kingdom
2016-07-15: Linux kernel insecurity
2016-07-20: Five million Danish ID numbers sent to Chinese firm by mistake
2016-07-20: Regex woes
2016-09-07: House of Keys
2016-09-12: FTP Servers mint money
2016-09-22: Github Load Balancer
2016-10-08: Strange Loop — IP Spoofing
2016-10-26: A low-level kernel hibernation bug hunt
2016-10-26: IOT
2016-10-31: Senator Prods Federal Agencies on IOT Mess
2016-11-10: Vlany LD_PRELOAD rootkit
2016-11-16: Truly impressive USB attack
2016-11-16: VLANY, LD_PRELOAD attack strategy
2016-11-16: Cryptpad
2017-05-15: Two days after WCRY worm, Microsoft decries exploit stockpiling by governments
2017-05-16: Efficient Memory Disaggregation with Inifiswap (courtesy of "The Morning Paper")
2017-05-22: HTTPS on Stack Overflow
2017-06-15: I Know What You Did Last Summer — in the Cloud
2017-06-21: Fuzzing node.js
2017-06-21: Gray Failure
2017-07-04: IoT Goes Nuclear: Creating a ZigBee Chain Reaction
2017-07-24: Swedish data leak
Links to look at on an ongoing basis: