Security :: CA And Browser Trust Models Need Overhaul
Oct 23, 2010
The cryptographic underpinnings of the Internet, as presently constituted, are messy, chaotic and rather randomly constructed. And that infrastructure is not only ripe for a variety of attacks, but is not easily fixable, a group of experts said Friday. At a forum on browser security sponsored by a Washington policy think tank, a group of technologists and policy experts from industry and government outlined the serious architectural and implementation problems with SSL, the certificate authority infrastructure and the way that browsers handle certificates. It was not a pretty picture. The problems extend from the way that CAs issue certificates to how certificates are handled by the major browsers to the way that attackers are able to take advantage of the weaknesses throughout the system.
View 1 Replies
ADVERTISEMENT
Jul 11, 2010
i want to implement different mobility models in ns2, but i can not it
View 2 Replies
View Related
Jan 12, 2010
im using firefox 3.5.7 with ubuntu 9.10 but firefox since 3.5.6 and 3.5.7 keeps crashing a lot-just now it crashed my entire system-the whole screen went black. So to that end is use of opera or chrome secure for ubuntu?
View 9 Replies
View Related
Apr 11, 2010
how to cross-reference it but searching on 'Could not initialize the browser's security component' will find it. Then look at the last 3 entries. Me and two other users have been unable to use Thunderbird since yesterday's update.
View 2 Replies
View Related
Mar 1, 2011
Ok i think Tor has some way of making the dns queries anonymous by default. I did the DNS nameserver spoofablity test here at [URL] and the results i got showed about 30 different dns servers. Normally when i carry out this test on my standard isp connection or the vpn i use i just get one dns servers settings consistently.
View 1 Replies
View Related
Jan 18, 2011
Online, I see many security alerts firefox but none related to Opera or other browsers. Is Opera more secure than Firefox?
View 3 Replies
View Related
Jun 25, 2010
I am trying to view jMol models via firefox but they don't show up. I assume that's due to the IcedTea java plugin. I cannot get firefox to use the sun java plugin.
Distributor ID:Ubuntu
Description:Ubuntu 10.04 LTS
Release:10.04
Codename:lucid
[Code]....
View 1 Replies
View Related
Sep 13, 2010
What manufacturers models of diabetes meters are compatible with GNU/Linux ?...
View 3 Replies
View Related
Jun 22, 2010
I am an undergraduate student doing some work in Cambridge, MA on NS2. As my project/paper relates to simulating different types of applications like FTP, RTP, and SIP, as they relate to commercial products (VoIP, email, bittorrent, http) and congestion, I was wondering if anyone knows of any simulation models already available besides the example ones released by NS2 and the contributed code found at [URL]. Also, does anyone know of any tcl scripts that simulate specific applications (including the transport layer and Internet layer)? I am using Ubuntu 10.04 LTS and NS2 2.34
View 1 Replies
View Related
Jan 10, 2010
Browser can't find server at att.yahoo.com so no internet. My folding at home client with Stanford can't download {an upload went ok}. I have 2 other fedora boxes & 3 windows boxes thru the same router and they are all fine.
I can manually ping Stanford ok,
Add/remove software within fed. works ok.
I can type in 192.168.0.1 & get the page for my router
The only thing I did between working & not working was to install
Nvidia Cuda driver for my GTX275
My guess is something in the firewall got tweaked. but I've compared it to 2 working boxes & nothing jumps out at me.
View 5 Replies
View Related
Mar 5, 2010
I have a F11 box serving xdmcp. I log into them machine remotely with xming. As far as I can tell, all x clients work fine, EXCEPT for sealert. I get occasional selinux alerts, but I cannot use the sealert browser on my remote machine. When I try to run the browser, I get this: sealert -V -b
2010-03-05 11:27:49,841 [dbus.proxies.ERROR] Introspect error on :1.61:/org/fedoraproject/Setroubleshootd: dbus.exceptions.DBusException: org.freedesktop.DBus.Error.NoReply: Message did not receive a reply (timeout by message bus) 2010-03-05 11:27:49,842 [dbus.proxies.DEBUG] Executing introspect queue due to error 2010-03-05 11:27:49,842 [dbus.ERROR] could not start dbus: org.freedesktop.DBus.Error.ServiceUnknown: The name :1.61 was not provided by any .service files
I see the bug at [URL].. but it does not mention the browser, nor does it say what the fix/workaround is..Im going to stab in the dark and start relabeling things, but anyone know what's really wrong?
View 2 Replies
View Related
May 21, 2010
So I downloaded a movie from megaupload and a pop up came up with [URL]....that bounced me to[URL]..but that webpage did not display. Normally, on Windows, I would have an anti-virus that would likely give me some sense of good or bad websites. On Ubuntu, I am not quite sure. Do I need a malware scanner for the firefox browser? I have the standard package from the 10.04 distro with the latest updates...
View 5 Replies
View Related
Sep 21, 2010
I am trying to use apparmor to restrict my file browser, which is Thunar to only let me view the files that are in the home directory and also removable media.I tried following the apparmor sticky with no success.I created the profile and tried editing it and it either started and let me do pretty much everything or did not start at all. Would it be possible for someone to help me step by step to set up a profile for thunar that would only show the home directory and removable media.
View 2 Replies
View Related
May 20, 2011
I was recently connecting securely to the website where I have my mail account, and I connected through Tor. When doing so firefox presents me with the screen saying that the connection is untrusted and it can't verify the certificate. So I cancelled. I'm using torbutton and I turned torbutton to off and connected again with no problem. Then with torbutton on again, same thing (untrusted).
Is it possible the exit node I was going through is doing a man in the middle attack? However later when connecting through tor I did NOT get the warning about the site being untrusted. I really don't know what exit node I was using when I got the certificate warning and what exit node I was using when I did not recieve the warning. I don't know how long I stay on the same node or how/when it changes.
View 4 Replies
View Related
Dec 29, 2010
We have a web server running apache and a custom web app that we log into from a web browser and it ask you to except the certificate and all is well. I now have an user who is using a window server 2008 and he wants to manually import the *.cer file into his browser to be able to login. My question are:
1 - What is the file that is being imported into the browser? *.pem *.crt
2 - I see on our server that we have our certs I believe located in the /etc/pki/tls/certs. The openRADIUS servers that I have created, this is the directory to where it is stored.Is this the typical placement for certs.
3 -If the files is a .cert or *.pem than could I use openssl to convert them to the appropiate *.cer file for IE7
View 2 Replies
View Related
Nov 8, 2010
A researcher at security firm Alert Logic has published code that could be used to compromise some versions of Google's Android Operating System. The exploit, if properly adapted, could make Android phones vulnerable to remote attacks and compromises.
View 2 Replies
View Related
Feb 12, 2010
One of my user wants to be able to upload file via browser to the server. For that, i need to grant apache read and write access to a folder. How much secure is allowing apache to grant complete read and write access to a folder ?
View 2 Replies
View Related
Jul 20, 2009
I'm running fedora 10 on a virtual machine. I'm trying to create a kernel so that I can use the imaging software FOG on multiple computer makes and models. I'm pretty new to linux so I'm sure I'm missing something I just need someone to point me in the right direction. I have installed the "Development Tools" and qt3-devel. When I run make xconfig or make menuconfig it errors out. The following is what I get...
make xconfig
[root@localhost linux-2.6.26.2]# make xconfig
scripts/kconfig/qconf arch/x86/kconfig
init/kconfig:514: can't open file "usr/Kconfig"
make[1]: *** [xconfig] Error 1
make: *** [xconfig] Error 2
[Code]...
View 11 Replies
View Related
Oct 27, 2010
New applesmc kernel module with dynamic configuration. The amount of machines supported by this module has increased rapidly over the past years, and the detailed driver support of the many flavors is quickly becoming a problem. The attached dkms package contains a new, dynamically configured driver which fixes a number of outstanding issues:
* Support for all new models since MacbookPro 6.
* Support for variable number of processors in the MacPros.
* Handles the odd temperature sensor types found on new models.
* Fixes minor read problems on many intermediate models.
And, of course, all models back to the MacBook1,1 should work at least as well as before. Please test and report the outcome in this thread, stating your machine model and a simple "OK" or a description of the problem. As soon as things seem to work as expected, the patches will go upstream.
View 9 Replies
View Related
Nov 10, 2010
I wonder what are models and makes of good internal SATA or IDE DVD-CD burners. I'd like to get one for my desktop tower since I've only had CD burners before. For burning, I use k3b and I'd be doing more CD burning than DVD burning but would also use the burner to watch a DVD movie now and then.
I'd prefer one that isn't too fussy about media. In other words, I'd be happy to have one that takes and plays nicely with commonly found media, rather than with exotic, hard-to-find media. And a burner that handles a good range of the various DVD formats would be nice too.
I don't need LightScribe because I figure it will only work for Windows users. Yes or No? [But does Linux have some package that lets this LightScribing work?]
[My OS is MEPIS 8.5, a Debian-based OS which uses Synaptic for package downloading and installation.] Tell me what good luck you've had with burner and tell what makes/models to avoid.
View 4 Replies
View Related
Jun 29, 2010
What are the pros and cons of each? I am just trying to make some models of different types of users and be able to scale.
View 2 Replies
View Related
Mar 7, 2010
whats the most secure firefox browser for karmic that i can use from a PPA source ? that source must be trustable.could you tell me the PPA for the one in question as well ?
View 2 Replies
View Related
Oct 20, 2010
I have a PC for windows connected to my printer. On another PC I just installed & using 10.04 LTS. First of all I am unable to get Ubuntu to find, recognize & install the DCP 395 CN. Linux appears to recognize the MSHOME but does not have my printer listed in the Brother models? This is a wired system consisting of 2 computers through a dsl broadband router. The DCP 395 printer is connected to the Windows PC by USB, if that makes any difference . Would like to connect to the MSHOME or establish a Network that will work.
View 2 Replies
View Related
Mar 12, 2011
Does anyone know the Code to automount/autofs? I can't tell if my mount points are truly NOT mounted when not accessed. Especially since they show up in /proc/mouts:
Code:
localhost mnt # cat /proc/mounts
rootfs / rootfs rw 0 0
[code]....
View 5 Replies
View Related
Aug 31, 2010
How to get my USB trust webcam working on Ubuntu 10.04.
View 4 Replies
View Related
Apr 17, 2010
I am trying to get my Trust TB-6300 drawing pad to work..
View 1 Replies
View Related
Jun 9, 2011
I have postfix relaying email to the internet for my LAN I need to configure postfix to trust only one SMTP server to relay his emails to the internet
View 4 Replies
View Related
Jan 21, 2010
I've just bought a new, cheap webcam. The manufacturer is "Trust", who builds chips of Microdia in their products. So, I plugged my new webcam, noticed that the driver obviously is missing and I finally decided to use Google.
Well, there were some tutorials which include manual installation of gspca (which should be included in the recent kernel files, but somehow isn't). So..I tried the manual installation and it aborts with the message, that there was some error in one of the code files..however.
I continued searching for a solution and found it on the German Ubuntu community page, ubuntuusers.de. Their wiki says that I have to run the following commands that download and compile the right drivers for my webcam. Or at least they should do so.
Code:
Code:
Code:
Code:
Code:
Code:
Code:
And eventually it should work properly. So far the theory. In fact it aborts at exactly this point:
Code:
And gives the following error message:
Code:
Well, urm. I guess I'll have to install that missing module..somehow, but I do not really have hunch.
View 9 Replies
View Related
Jun 25, 2010
I need some expert advice here regarding the samba problem after upgrading. All data migrated with the appropriate permission. I transferred the /etc/passwd, /etc/shadow and /etc/samba/* files to the new server.
Previous working version (Slackware v11 - 32bits - Old Hardware)
- samba-3.0.25a-i486-1_slack11.0
- XP Pro users are able to login and authenticate (NT DOMAIN)
- Login script and file sharing with permission are okay too
Upgraded to (Slackware 13.1 64bits - New hardware)
- samba-3.5.2-x86_64-1
- if the PC did not logoff, the file sharing and permission works fine.
- If they logoff, they will not able to re-logon.
- If I detach the PC from domain and then rejoin domain, I will be able to login to the domain, So I guess the samba configuration is working
I read it has to do with Machine Trust Account or something.
- Can I convert or make samba 3.5 recognize the Machine Trust Account on the new hardware?
- How can I check if the if the entry is successfully registered as machine trust account?
I checked and found the 'machinename$' (example) in all three places /etc/passwd, /etc/shadow and /etc/samba/private/passdb.tdb. I see no differences on the one PC that I unjoin and rejoin the domain versus those old domain name join to the old hardware.
View 1 Replies
View Related
Sep 7, 2011
I've been using Debian for around ~3 months now, though before that a certain derivative thereof since the start of the year.Long story short is that I was installing packages, as you do, when apt-get prompted that I run apt-get autoremove, as it does. So, trusting the computer, I do, not bothering to read the chunk of packages that it recommends to remove. Life goes on, until a reboot reveals that there are issues.Short story shorter, a quick cat /var/log/dpkg.log | grep remove spits out the following:
root@kubrick:~# cat /var/log/dpkg.log | grep remove
2011-09-05 22:04:09 startup packages remove
2011-09-05 22:04:09 remove gnome-user-share 2.30.1-1 2.30.1-1
[code]....
View 8 Replies
View Related
