I’ve decided to begin studying for the Systems Security Certified Practitioner (SSCP) exam offered through (ISC)2 since I’ve started to drift away from the security world due to my educational pursuits. In my studies I’ve come across a few security models that I feel are worth quickly summarizing which include the Bell-La Padula, Biba, and Clark-Wilson models.
So I cracked and decided to see what the hype surrounding Ubuntu was since, after all, it is based on Debian. I downloaded the respective Live CD for my system and booted up. The Ubuntu Live CD started and I was presented with a nice looking GUI that allowed me to continue installation.
Everything was going smoothly until I was asked to ‘Prepare Partitions’. This part of the installation process didn’t recognize my hard disk drive. Turns out there’s a package called dmraid that needed to be removed.
In summary, if you’re experiencing a similar error during your Ubuntu 10.04 installation try the following steps:
Message Digest 5, or MD5, was created by Ronald Rivest in 1991 to replace his previous version, MD4, which was deemed insecure after the results of cryptanalytic work by Bert den Boer and Antoon Bosselaers showed MD4 weaknesses. Interestingly enough, MD4 is the algorithm behind the computation of NT-hash password digests on Microsoft Windows NT, XP and Vista.
MD5 is a cryptographic hash function that takes an arbitrary block of data and returns a bit string of a fixed size commonly called the hash value or the message digest. Think of a hash like a digital fingerprint. MD5 produces a 128-bit message digest that is represented in 32-bit hexadecimal format. The basic operation of a hash function takes a message (input data) and encodes it using a series of rounds where algorithms modify the data to produce a hash value (bit string).
Recent MD5 flaws have been disclosed and as a result of these disclosures, US-CERT has stated that MD5 “should be considered cryptographically broken and unsuitable for further use”. As a result of these flaws, U.S. government applications will be required to move to the SHA-2 family of hash functions by 2010. Another interesting side note: the U.S. National Institute of Standards and Technology (NIST) held an open competition to find a new hash function capable of replacing SHA-2. This new hash function will be called SHA-3 and is expected to become a Federal Information Processing Standard (FIPS) sometime around 2012.
asynchronous attack vectors C character count ciphers cipher text code obfuscation communication cross-site scripting cryptanalysis cryptography decryption defense in depth demilitarized zone dmz Encryption google javascript kernel layered approach layering letter frequency network Networking network models network stack obfuscation orange book OSI perl phishing PHP plain text Programming secure email stack substitution cipher symmetric synchronous TCP/IP transformations transforms trusted computer system evaluation criteria Vulnerabilities xss
WP Cumulus Flash tag cloud by Roy Tanck and Luke Morton requires Flash Player 9 or better.
