From Fedora Project Wiki

< FWN‎ | Beats

m (spacing issues for plaintext mailshot)
No edit summary
Line 6: Line 6:
Contributing Writer: [[JoshBressers]]
Contributing Writer: [[JoshBressers]]


=== Malicious Activity Grows in 2008 ===
=== Cloudy Trust? ===
 
CIO.com has a nice article that points out some of the probably flaws in cloud computing:
2008 Saw a surge in malicious code activity <ref>http://www.net-security.org/secworld.php?id=7311</ref>
''Cloud Security: Danger (and Opportunity) Ahead.''
This is a disturbing trend, and for the underground, this is easy money. The threat will continue to grow until either the money dries up (unlikely) or the difficulty of exploiting this is greater than the potential gain. Right now it looks like the trend will continue for several years.
<ref>http://www.cio.com/article/492999/Cloud_Security_Danger_and_Opportunity_Ahead</ref>
 
In theory, cloud computing is a fine idea that has the potential to lower the cost of a CPU cycle dramatically. The thing nobody is really talking about yet is keeping your data secure. Right now, it would be rather unwise to presume that anything you send to the cloud won't be compromised in some way. Securing a highly multi-user environment such as this is going to pose a huge challenge. Problems nobody has even though of are going to emerge, and will take a great deal of cooperation and understanding to solve them. This is one of the places that Open Source style collaboration will prove to be highly useful.
<references/>
 
=== Who in the Linux World Would be Responsible for a Worm ? ===
 
Last week OSNews asked a rather interesting, but easily answered question:
OSNews Asks: Who'd Be Responsible for a Linux Conficker? <ref>http://www.osnews.com/story/21312/OSNews_Asks_Who_d_Be_Responsible_for_a_Linux_Conficker_</ref>
The world of Open Source security is mostly a process that happens behind the scenes, but is quite effective. There is a wiki called OSS-Security <ref>http://oss-security.openwall.org/wiki/</ref> that provides a number of links to various groups. In the event of something like a worm, the vast majority of the effort would end up happening on the Vendor Security (vendor-sec<ref>http://oss-security.openwall.org/wiki/mailing-lists/vendor-sec</ref>) mailing list. This is a group of trusted Open Source distributors that communicate in private in an effort to keep the end users of Open Source software secure. To date this group has been working out quite well, and the members are very used to solving security flaws in a cooperative manner. In the event of a widespread Linux worm, there would be many tired people, and quite a lot of vendor-sec emails.


<references/>
<references/>

Revision as of 18:45, 22 May 2009

Security Week

In this section, we highlight the security stories from the week in Fedora.

Contributing Writer: JoshBressers

Cloudy Trust?

CIO.com has a nice article that points out some of the probably flaws in cloud computing: Cloud Security: Danger (and Opportunity) Ahead. [1] In theory, cloud computing is a fine idea that has the potential to lower the cost of a CPU cycle dramatically. The thing nobody is really talking about yet is keeping your data secure. Right now, it would be rather unwise to presume that anything you send to the cloud won't be compromised in some way. Securing a highly multi-user environment such as this is going to pose a huge challenge. Problems nobody has even though of are going to emerge, and will take a great deal of cooperation and understanding to solve them. This is one of the places that Open Source style collaboration will prove to be highly useful.