<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Irfan's Corner on the Web &#187; security</title>
	<atom:link href="http://irfanhabib.com/blog/category/security/feed/" rel="self" type="application/rss+xml" />
	<link>http://irfanhabib.com/blog</link>
	<description>On Mac, Linux, Grid, Virtualization and Software Technology</description>
	<lastBuildDate>Sat, 18 Jun 2011 07:07:01 +0000</lastBuildDate>
	<generator>http://wordpress.org/?v=2.9.1</generator>
	<language>en</language>
	<sy:updatePeriod>hourly</sy:updatePeriod>
	<sy:updateFrequency>1</sy:updateFrequency>
			<item>
		<title>Why I think strong password generators are a bad idea</title>
		<link>http://irfanhabib.com/blog/2008/08/22/why-i-think-strong-password-generators-are-a-bad-idea/</link>
		<comments>http://irfanhabib.com/blog/2008/08/22/why-i-think-strong-password-generators-are-a-bad-idea/#comments</comments>
		<pubDate>Fri, 22 Aug 2008 10:12:51 +0000</pubDate>
		<dc:creator>admin</dc:creator>
				<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[internet]]></category>
		<category><![CDATA[security]]></category>

		<guid isPermaLink="false">http://irfanhabib.com/blog/?p=10069</guid>
		<description><![CDATA[Recently in twit.tv's MacBreak Weekly, they advised about a simple technique to get secure passwords, by using openssl, then in another episode they talked about 1Password.
The advice was to generate a strong password and have your keychain manager remember it! Now, if you do follow that advice, and set up complex passwords, and have your [...]]]></description>
			<content:encoded><![CDATA[
<p>Recently in twit.tv's MacBreak Weekly, they advised about a simple technique to get secure passwords, by using openssl, then in another episode they talked about 1Password.</p>
<p>The advice was to generate a strong password and have your keychain manager remember it! Now, if you do follow that advice, set up complex passwords, and have your keychain manager remember them, what happens if your keychain becomes corrupted for any reason (or your hard disk crashes and you don't have a backup)? You would be completely locked out of your accounts, because the password was too complex to remember. Or imagine you're traveling and get your laptop stolen (happened to a friend recently): there is no way you can log in to any service, because you don't remember the passwords any more. So are strong random passwords really a good idea??</p>
<p>I rather think that phrases you remember are better as passwords. Or, if possible, try to use openssl keys for identification. The best method I've seen so far, and I think it's pretty secure from keyloggers as well, is the method used by my bank.</p>
<p>The site does not prompt for the entire password, rather, you have to type in certain characters in the password, for instance:</p>
<p>
<img src="http://irfanhabib.com/blog/wp-content/uploads/2008/08/natwest.jpg" width="480" height="200" alt="natwest.png" /></p>
<p>And every time you log in, a different set of characters is asked for. This method is secure from keyloggers for sure, because no one will have an idea which characters were asked for.</p>
]]></content:encoded>
			<wfw:commentRss>http://irfanhabib.com/blog/2008/08/22/why-i-think-strong-password-generators-are-a-bad-idea/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>How to write Firefox Extensions</title>
		<link>http://irfanhabib.com/blog/2007/02/23/how-to-write-firefox-extensions/</link>
		<comments>http://irfanhabib.com/blog/2007/02/23/how-to-write-firefox-extensions/#comments</comments>
		<pubDate>Fri, 23 Feb 2007 16:25:30 +0000</pubDate>
		<dc:creator>admin</dc:creator>
				<category><![CDATA[security]]></category>
		<category><![CDATA[software]]></category>

		<guid isPermaLink="false">http://irfan.phantomos-vi.com/?p=77</guid>
		<description><![CDATA[I came across this wonderful site which describes how to create Firefox extensions.
]]></description>
			<content:encoded><![CDATA[
<p>I came across <a href="http://roachfiend.com/archives/2004/12/08/how-to-create-firefox-extensions/">this wonderful site</a> which describes how to create Firefox extensions.</p>
]]></content:encoded>
			<wfw:commentRss>http://irfanhabib.com/blog/2007/02/23/how-to-write-firefox-extensions/feed/</wfw:commentRss>
		<slash:comments>1</slash:comments>
		</item>
		<item>
		<title>VMWare, openSUSE and USB Ports!</title>
		<link>http://irfanhabib.com/blog/2007/01/30/vmware-opensuse-and-usb-ports/</link>
		<comments>http://irfanhabib.com/blog/2007/01/30/vmware-opensuse-and-usb-ports/#comments</comments>
		<pubDate>Tue, 30 Jan 2007 17:49:40 +0000</pubDate>
		<dc:creator>admin</dc:creator>
				<category><![CDATA[kernel development]]></category>
		<category><![CDATA[linux]]></category>
		<category><![CDATA[microsoft]]></category>
		<category><![CDATA[open source]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[software]]></category>
		<category><![CDATA[virtualization]]></category>
		<category><![CDATA[windows]]></category>

		<guid isPermaLink="false">http://irfan.phantomos-vi.com/?p=64</guid>
		<description><![CDATA[I finally decided to take the plunge and remove Windows XP completely from my notebook (so far I was dual-booting). However, I require certain applications as part of my research, which is why I have installed VMWare and hosted Windows XP on it, with the software. I'm so far very impressed [...]]]></description>
			<content:encoded><![CDATA[
<p>I finally decided to take the plunge and remove Windows XP completely from my notebook (so far I was dual-booting). However, I require certain applications as part of my research, which is why I have installed VMWare and hosted Windows XP on it, with the software. I'm so far very impressed by the performance: although I only have 512MB RAM, it doesn't feel as if I'm running an emulated environment. VMWare allows me to stay in Linux and access those applications which I require and which are not available on Linux yet. Gradually I think virtualization will facilitate Linux in taking over the Desktop :).</p>
<p>However, I have come across a problem which has been purely set up by open source "fundamentalists"! As soon as I installed VMWare I tried out various hardware, including USB flash drives and a USB camera, but they wouldn't work. Upon investigation it was revealed that this was due to a method for accessing the USB port which was claimed to be insecure, hence support for it was discontinued in openSUSE 10.2. In a <a href="https://bugzilla.novell.com/show_bug.cgi?id=210899">heated discussion</a> in the forums, it was very clear who was behind all this: a respected kernel hacker. Greg KH recently jumped the canon and was the one who posted a patch to the LKML for eliminating binary drivers. I respect him; however, he does not seem to have any for users. In a post he said:</p>
<p>"We are not supporting VMWare, because it is closed source and proprietary"</p>
<p>It indeed is, but is there any other open source solution that beats it? Xen requires kernel modification and hence does not work with Windows, so the only solution to virtualize Windows on a Linux computer right now is to use VMWare (KVM may change that in future, however it is in the initial stages of development, and runs only on the latest processors). In effect VMware is doing us a favour by porting VMWare to Linux at all! I'm 100% certain that the openSUSE 10.2 kernel team is doing the right thing by closing a potentially exploitable thing, however the approach they have adopted is completely unacceptable! If the method concerned is indeed exploitable, it is only in the application developers' own interest to adopt a more secure method for accessing USB ports, however why can't all Linux distributions follow the same standard then? I can well imagine why VMWare didn't use the openSUSE method of 'securely' accessing USB ports: it would conflict with other popular distributions, and if they tried to support each method, it would result in excessive workload for the company. The best method in this case would be to use something like the OSDL (what's the job of OSDL anyway?) to provide recommendations to the Linux distributions in order to standardize kernel level interfaces, so that application developers do not end up supporting dozens of methods for a task as trivial as accessing a USB port.</p>
<p>For the time being, while Windows runs on more than 90% of the world's desktops and is a lucrative market for Independent Software Vendors, we cannot ignore users who have applications which are Windows dependent; there are 1,000 times more such applications than Linux dependent apps. And the only way to allow users to run those applications on Linux for the time being is to use virtualization (WINE, in my opinion, is progressing nicely, but still has some way to go).</p>
<p>PS. Instead of just ranting here, I will be releasing an openSUSE default kernel with the USB access feature turned on, so that people who need it now can use it.</p>
]]></content:encoded>
			<wfw:commentRss>http://irfanhabib.com/blog/2007/01/30/vmware-opensuse-and-usb-ports/feed/</wfw:commentRss>
		<slash:comments>4</slash:comments>
		</item>
		<item>
		<title>Getting Started with the LIDS</title>
		<link>http://irfanhabib.com/blog/2006/09/10/getting-started-with-the-lids/</link>
		<comments>http://irfanhabib.com/blog/2006/09/10/getting-started-with-the-lids/#comments</comments>
		<pubDate>Sun, 10 Sep 2006 19:21:04 +0000</pubDate>
		<dc:creator>admin</dc:creator>
				<category><![CDATA[linux]]></category>
		<category><![CDATA[open source]]></category>
		<category><![CDATA[security]]></category>

		<guid isPermaLink="false">http://irfan.phantomos-vi.com/?p=9</guid>
		<description><![CDATA[With increasing usage of Linux in various computing environments, a lot of security vulnerabilities are being discovered in GNU/Linux-based systems. Due to the open nature of application development in the Open Source world, a lot of vulnerabilities are being addressed very quickly. But, it may happen that a patch is not addressed in a timely [...]]]></description>
			<content:encoded><![CDATA[
<p>With increasing usage of Linux in various computing environments, a lot of security vulnerabilities are being discovered in GNU/Linux-based systems. Due to the open nature of application development in the Open Source world, a lot of vulnerabilities are being addressed very quickly. But, it may happen that a patch is not addressed in a timely manner, and in the meantime, all the systems running the application are exposed. Malicious users can possibly gain root privileges and wreak havoc with these systems. This is where the Linux Intrusion Detection System (LIDS) comes to the rescue.</p>
<p>Read the full article on <a href="http://interactive.linuxjournal.com/article/8690">Linux Journal</a>.</p>
]]></content:encoded>
			<wfw:commentRss>http://irfanhabib.com/blog/2006/09/10/getting-started-with-the-lids/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
	</channel>
</rss>

