Spam Report
Friday, 19 Aug 2005: 68 messages, 37 real, 31 spam
Saturday, 20 Aug 2005: 35 messages, 9 real, 26 spam
Sunday, 21 Aug 2005: 56 messages, 17 real, 39 spam
Monday, 22 Aug 2005: 72 messages, 48 real, 24 spam
Tuesday, 23 Aug 2005: 88 messages, 56 real, 32 spam
Wednesday, 24 Aug 2005: 90 messages, 59 real, 31 spam
Thursday, 25 Aug 2005: 79 messages, 53 real, 26 spam
488 messages, 279 real (57.2%), 209 spam (42.8%)
Previously estimated at 62.5% spam to 77.5%, average 71.9% (450 out of 1200 to 2000 mails, average 1600)
In any case, going from 1150 spam messages per week to 210 is pretty sweet!
Machine Translation Reading Group
Here's the
comptranslation reading list for fall, 2005. The tentative presenters are listed, and this page will become the calendar for the group. I'll post mirrors and citations on a more detailed page later.
CIS 798, Computational Models of Decision Making in Agents
Here's the course agenda, cross-posted inmassforge:
Cybersecurity
Today's lecture by Wallentine dealt with:
We also discussed the ramifications of packet sniffing, systems administrator access to user information, and acceptable use policies for information systems. The ramifications ofk_state's acceptable use policy were of particular interest. The Bell-LaPadula information model was covered towards the end of the class.
K-State Online (KSOL) has its own formatted version of this privacy statement. I did a cursory visual comparison and didn't notice any differences except those of formatting (e.g., the epigraph has its own section number in the K-State version and none in the KSOL one), but I haven't tried a computer diff.
--
Banazir
Friday, 19 Aug 2005: 68 messages, 37 real, 31 spam
Saturday, 20 Aug 2005: 35 messages, 9 real, 26 spam
Sunday, 21 Aug 2005: 56 messages, 17 real, 39 spam
Monday, 22 Aug 2005: 72 messages, 48 real, 24 spam
Tuesday, 23 Aug 2005: 88 messages, 56 real, 32 spam
Wednesday, 24 Aug 2005: 90 messages, 59 real, 31 spam
Thursday, 25 Aug 2005: 79 messages, 53 real, 26 spam
488 messages, 279 real (57.2%), 209 spam (42.8%)
Previously estimated at 62.5% spam to 77.5%, average 71.9% (450 out of 1200 to 2000 mails, average 1600)
In any case, going from 1150 spam messages per week to 210 is pretty sweet!
Machine Translation Reading Group
Here's the
comptranslation reading list for fall, 2005. The tentative presenters are listed, and this page will become the calendar for the group. I'll post mirrors and citations on a more detailed page later.CIS 798, Computational Models of Decision Making in Agents
Here's the course agenda, cross-posted in
massforge:- Planning Meeting: Week 01, 26 Aug 2005
- Paper 01 (Week 02, 02 Sep 2005): Target acquisition
- Paper 02 (Week 03, 09 Sep 2005): Locomotion - bipedal, quadripedal, etc.
- Paper 03 (Week 04, 16 Sep 2005): Character animation
- Paper 04 (Week 05, 23 Sep 2005): Path planning
- Paper 05 (Week 06, 30 Sep 2005): Crowds
- Review Meeting: Week 07, 07 Oct 2005
- Paper 06 (Week 08, 14 Oct 2005): Collision avoidance
- Paper 07 (Week 09, 21 Oct 2005): Vehicle guidance
- Paper 08 (Week 10, 28 Oct 2005): Path Planning
- Review Meeting: Week 11, 04 Nov 2005
- Paper 09 (Week 12, 11 Nov 2005): Scheduling
- Paper 10 (Week 13, 18 Nov 2005): Herding
- Paper 11 (Week 14, 21 Nov 2005): Learning
- Review Meeting: Week 15, 02 Dec 2005
- Paper 12 (Week 16, 09 Dec 2005): Vehicle interaction
Cybersecurity
Today's lecture by Wallentine dealt with:
- security policies
- integrity properties
- trust
- formal verification
- information flow
We also discussed the ramifications of packet sniffing, systems administrator access to user information, and acceptable use policies for information systems. The ramifications of
k_state's acceptable use policy were of particular interest. The Bell-LaPadula information model was covered towards the end of the class.K-State Online (KSOL) has its own formatted version of this privacy statement. I did a cursory visual comparison and didn't notice any differences except those of formatting (e.g., the epigraph has its own section number in the K-State version and none in the KSOL one), but I haven't tried a computer diff.
--
Banazir
- Current Mood:
excited
- Current Music:Tommy Lee - Good Times
Profile
banazir- Banazîr the Jedi Hobbit
- Unusual Nut-Case Lays of Ea (U.N.C.L.E.): Tolkien Humor
Comments
There are few current operating system implementations that actually enforce a role-based access control system as defined by the NCSA (the rainbow series).
Until recently (a year and a half to two years ago) the only modern operating sysytem that really supported this concept at its core was Windows NT. The idea behing the NT priv model is a very sound one: No one interactive user has complete access to every resource of the system. "Administrator" is just that, an Administrator. He can perform system level tasks, maintinance of the filesystem, configuration of interfaces, maintinance of the routing table, but cannot arbitrarily read files.
WinNT in 2000 and above enforces this most effectively with on-disk encryption. When a computer is not joined to a domain, the administrator is the default key recovery agent, kind of defeating the purpose. In a domain, however, this works well.
The only problem with EFS is it ties your login credentials to your disk encryption, and as an associate of mine discovered when she changed her password while heavily medicated, this can screw you in the end.
Linux only picked up this level of functionality at first in 2.4, with the CAP system, but no one took it seriously. The NSA's SELinux framework is a good stab at a manditory access control system with roles and object descriptors. Downside, like any true MAC system, it is a complete bitch to administer. Administering a single SELinux system is a full time job. A full time job I wouldn't take.
There's also the RSBAC project (www.rsbac.org) which started off as one insane German guy (and he's really insane.. he added ~120 syscalls with his patchset) and now there's a small-ish German company backing it. I've used it some, its interface is getting better but still not quite there. It's largely dialog-based and when they get the kinks out of interfacing from userspace to kernelspace for security policy configuration and administration, it'll be there.
Gentoo and Debian both have SELinux and RSBAC implementions (http://www.gentoo.org/proj/en/hardened/ and http://www.trusteddebian.org/) and provide security policies for their environments. Red Hat uses SELinux in Fedora, and Novell is using the pile of shi^H^H^H^H^H^H^H^H^H^Hfine software put together by the Immunix team (that isn't ... quite... anything, except Immunix).
trustedBSD was merged into freeBSD 5.4 but my freeBSD laptops hard drive died and I'm not getting a replacement until tomorrow. A lot of the same thought that went into SELinux is the kind that went into trustedBSD (MAC, security policies, and rule and role based access control). I'm interested in playing with that, as freeBSD is generally a lot more unified than Linux.
And we're really, really, not gonna talk about Grsecurity. Not at all.
This wound up a lot longer than I wanted it to be. sorry...