Monthly Archives: September 2014

Passwords’14 in Trondheim

Call for papers

Passwords^14 is part of a lively and entertaining conference series started by password hacker Per Thorsheim in 2010 and devoted solely to passwords.

Up to now it was mostly invited talks and hacks but this year we’re also having scientific papers, which will be peer-reviewed. Proceedings will be published in Springer LNCS. Submission deadline 27 October 2014.

Call for papers: http://passwords14.com/cfp.pdf

Conference site: https://passwordscon.org/

See you in Trondheim, Norway, 8-10 December 2014.

Design and Implementation of the FreeBSD Operating System, Second Edition now shipping

Open-source security, Operating systems

Kirk McKusick, George Neville-Neil, and I are pleased to announce that The Design and Implementation of the FreeBSD Operating System, Second Edition is now available from Pearson Education (Amazon link for non-US folk). Light Blue Touchpaper readers might be particularly interested in the new chapter on FreeBSD’s kernel security features including:

  • Process Credentials
  • Users and Groups
  • Privilege Model
  • Interprocess Access Control
  • Discretionary Access Control
  • Capsicum Capability Model
  • Jails
  • Mandatory Access-Control Framework
  • Security Event Auditing
  • Cryptographic Services
  • GELI Full-Disk Encryption

There is detailed coverage of the FreeBSD TCB, POSIX.1e and NFSv4 ACLs, OS sandboxing features, the Mandatory Access Control Framework used not just in FreeBSD but also Junos/Mac OS X/iOS, the FreeBSD kernel’s Yarrow-based pseudo-random number generator, and both confidentiality and integrity cryptographic protection for filesystems, and the kernel’s IPsec implementation. Other new content in this edition of the book includes ZFS, paravirtualised device drivers, DTrace, NFSv4, network-stack virtualisation, and much more.

We will be using this book as one of the core texts for our new masters-level operating-system course at Cambridge, L41, in spring 2015.