Red Hat Security Blog: April 2015 archives

  • Container Security: Just The Good Parts

    Security is usually a matter of trade-offs. Questions like: "Is X Secure?", don't often have direct yes or no answers. A technology can mitigate certain classes of risk even as it exacerbates others. Containers are just such a recent technology and their security impact is complex. Although some of the common risks of containers are beginning to be understood, many of their upsides are yet to be widely recognized. To emphasize the point, this post will highlight three of advantages of...
    Posted 2015-04-29T14:30:02+00:00 - 0
  • Regular expressions and recommended practices

    Whenever a security person crosses a vulnerability report, one of the the first steps is to ensure that the reported problem is actually a vulnerability. Usually, the issue falls into well known and studied categories and this step is done rather quickly. Occasionally, however, one can come across bugs where this initial triage is a bit more problematic. This blog post is about such an issue, which will ultimately lead us to the concept of “recommended practice”. What happened? On July 31st...
    Posted 2015-04-22T13:30:52+00:00 - 0
  • Don't judge the risk by the logo

    It's been almost a year since the OpenSSL Heartbleed vulnerability, a flaw which started a trend of the branded vulnerability, changing the way security vulnerabilities affecting open-source software are being reported and perceived. Vulnerabilities are found and fixed all the time, and just because a vulnerability gets a name and a fancy logo doesn't mean it is of real risk to users. So let's take a tour through the last year of vulnerabilities, chronologically, to see what issues got branded...
    Posted 2015-04-08T13:30:02+00:00 - 0
  • JOSE - JSON Object Signing and Encryption

    Federated Identity Management has become very widespread in past years - in addition to enterprise deployments a lot of popular web services allow users to carry their identity over multiple sites. Social networking sites especially are in a good position to drive the federated identity management, as they have both critical mass of users and the incentive to become an identity provider. As the users move away from a single device to using multiple portable devices, there is a constant pressure...
    Posted 2015-04-01T13:30:52+00:00 - 0