“This week, a few interesting papers were released:
“Cryptography, PGP and Pine,” “Square one: Paring down your network
services,” and the humorous, “Top Ten Reasons Why You Shouldn’t Log
in as Root.” Each of these articles provide useful information that
can help you secure your system.”
“Effective today, CERT will now follow a new policy of
disclosing vulnerability information to the public 45 days after an
initial report, regardless of the availability of patches or
workarounds. The purpose of releasing vulnerability
information is to better inform the public while still giving
vendors adequate time fix problems.”
“Our feature this week, Dave Wreski conducted an interesting
interview with Paul Vixie and David Conrad, developers of BIND.
They discuss the Internet Software Consortium, the changes in the
latest major version of bind, the security features designed into
it, and the future of Internet security.”