#spectrum on 2021-01-10

2019-08-29 20:55 qyliss changed the topic of #spectrum to: A compartmentalized operating system | https://spectrum-os.org/ | Logs: https://logs.spectrum-os.org/spectrum/

00:10 jpds has quit [Remote host closed the connection]

00:10 jpds has joined #spectrum

00:44 pie__ has joined #spectrum

00:44 <pie__> https://www.usenix.org/legacy/event/sec02/full_papers/shapiro/shapiro.pdf Access and Integrity Control in a Public-Access,High-Assurance Configuration Management System

00:44 <pie__> did not read

00:44 <pie__> cc IdleBot_4fae1f80

00:44 <pie__> https://dwheeler.com/essays/scm-security.html Software Configuration Management (SCM) Security

00:45 <pie__> via https://lobste.rs/s/mxgypj/what_are_you_reading_this_month#c_mgvy7h

00:45 <pie__> (nickpsecurity)

00:47 <pie__> for todays "random" post, also did not read: www.knosof.co.uk/ESEUR/ Evidence-based Software Engineering via https://lobste.rs/s/cts6ww/evidence_based_software_engineering

00:49 <pie__> what kicked this off: https://fas.org/irp/nsa/rainbow.htm via https://en.wikipedia.org/wiki/Rainbow_Series via https://en.wikipedia.org/wiki/Trusted_Computer_System_Evaluation_Criteria (orange book)

00:49 <pie__> (not sure how i ened up on the orange book)

00:50 <pie__> last one, this has some good stuff in it, so it cant be bad https://github.com/veeral-patel/how-to-secure-anything

00:51 * pie__ tries to get back to studying after getting some ADD out of his system

00:52 <pie__> I dont know how outdated it really is, but apparently the orange book is the main one of the rainbow series and then theres a ton of explanatory material?

01:01 <pie__> hm. dunno about pib

01:02 <pie__> *public/private divide but all these rainbow books are pre-l0phy congress hearing, not that i have any idea of the history of infosec or if that had any particular impact

01:04 <pie__> hm. https://en.wikipedia.org/wiki/Buffer_overflow#History

01:31 <pie__> well i guess what id really want to know if the common criteria is watered down

01:35 <V> wait are we talking the CD books

01:35 <V> or a different kind of rainbow book

01:40 <pie__> is this the cd format specification per my googlin? because no its not that :P

01:40 <pie__> also i continue to remind myself that really i should start with ross andersons security engineering because it probably has everything...

01:44 <V> yes, that

01:44 <V> I have no idea who ross anderson is

01:44 <V> I don't know any ross' any more

01:45 <pie__> id say its worth its weight in gold (probably) but the 2nd edition i have is actually pretty light, idk, light paper? (not thin though) https://www.cl.cam.ac.uk/~rja14/book.html

01:48 pie__ has quit [Changing host]

01:48 pie__ has joined #spectrum

02:23 <pie__> oh wow i just realized the shapiro paper is from 2002

02:28 <pie__> some more shapiro stuff for completeness i guess ; http://www.usenix.org/events/usenix03/tech/freenix03/shapiro.html "OpenCM: Early Experiences and Lessons Learned" via web.fdn.fr/~lcourtes/ludo-12.html

03:08 <pie__> god im finding so much awesome stuff today

04:00 jpds has quit [Remote host closed the connection]

06:28 cole-h has quit [Ping timeout: 264 seconds]

06:36 pie__ has quit [Ping timeout: 245 seconds]

06:47 TheJollyRoger has quit [Remote host closed the connection]

07:46 tilpner has quit [Remote host closed the connection]

07:47 tilpner has joined #spectrum

08:07 jpds has joined #spectrum

08:08 TheJollyRoger has joined #spectrum

09:51 tilpner_ has joined #spectrum

09:53 tilpner has quit [Ping timeout: 264 seconds]

09:53 tilpner_ is now known as tilpner

10:36 jpds has quit [Ping timeout: 240 seconds]

10:37 jpds has joined #spectrum

11:06 TheJollyRoger has quit [Ping timeout: 240 seconds]

11:08 TheJollyRoger has joined #spectrum

11:30 <IdleBot_4fae1f80> Yeah, looks like a lot of OpenCM things were incorporated in Monotone. And _of course_ lost on Git,

11:37 <IdleBot_4fae1f80> Looking at the «practical software updates for integrity-protected systems». Ah, so their assumption is that the package management stays unfixably broken, OK, next.

11:40 qyliss has quit [Quit: bye]

11:43 qyliss has joined #spectrum

11:53 qyliss has quit [Quit: bye]

11:56 qyliss has joined #spectrum

11:59 tilpner has quit [Remote host closed the connection]

11:59 tilpner has joined #spectrum

12:01 <qyliss> mailing lists are down due to server upgrade but should be back shortly

12:02 qyliss has quit [Quit: bye]

12:05 qyliss has joined #spectrum

12:43 qyliss has quit [Quit: bye]

12:46 qyliss has joined #spectrum

14:47 cole-h has joined #spectrum

15:20 cole-h has quit [Quit: Goodbye]

15:22 cole-h has joined #spectrum

16:08 pie__ has joined #spectrum

16:08 <pie__> bridge[evilred]1 jpo forgot to hihglight you on https://github.com/veeral-patel/how-to-secure-anything yesterday, hope you like it (a bibliography)

16:09 <pie__> also, really, probably the bibliography in andersons book

16:09 <pie__> note to self: i should do an experiment of checking how many papers you would link are in those bibliographies

16:12 <pie__> bridge[evilred]1 if you have any record/memory of papers youve gotten recommended by your friend, id be curious to know how many intersect, re: the above

16:13 <pie__> (random https://www.sri.com/case-studies/spotting-audio-visual-inconsistencies/ )

16:16 pie__ has joined #spectrum

16:16 pie__ has quit [Changing host]

16:47 bridge[evilred]1 has quit [Remote host closed the connection]

16:47 bridge[evilred] has joined #spectrum

16:52 edadqr has quit [Remote host closed the connection]

16:52 jb55 has quit [Read error: Connection reset by peer]

16:52 nicoo has quit [Write error: Connection reset by peer]

16:52 TheJollyRoger has quit [Write error: Connection reset by peer]

16:52 jpds has quit [Write error: Connection reset by peer]

17:05 pie__ has quit [Ping timeout: 248 seconds]

17:10 jb55 has joined #spectrum

17:17 nicoo has joined #spectrum

17:19 edadqr has joined #spectrum

18:03 TheJollyRoger has joined #spectrum

22:10 hooway has joined #spectrum

22:12 hooway has quit [Client Quit]