Red Hat Security Blog: October 2013 archives
-
Symmetric Encryption
So far we have looked at what cryptography is and have taken a brief look at the history of cryptography; it's time for us to take a dive into how cryptography works. Cryptography often involves two important and complimentary processes called encryption and decryption. The process of encryption and decryption involves a secret key which is known only to the sender and the receiver of the message. Needless to say, the secrecy of the message depends on the secrecy of the key. This is analogous... -
Enterprise Linux 5.9 to 5.10 risk report
Red Hat Enterprise Linux 5.10 was released this month (October 2013), ten months since the release of 5.9 in January 2013. So let's use this opportunity to take a quick look back over the vulnerabilities and security updates made in that time, specifically for Red Hat Enterprise Linux 5 Server. Red Hat Enterprise Linux 5 is in its seventh year since release, and will receive security updates until March 31st 2017. Errata count The chart below illustrates the total number of security updates... -
We are not who we are
In authentication, we generally talk about three "factors" for determining identity. A "factor" is a broad category for establishing that you are who you claim to be. The three types of authentication factors are: Something you know (a password, a PIN, the answer to a "security question", etc.) Something you have (an ATM card, a smart card, a one-time-password token, etc.) Something you are (your fingerprint, retinal pattern, DNA) Historically, most people have used the first of these three...