Capabilities Digest

Helping to raise awareness of Capability Based Security.

Sunday, October 11, 2015

The .CABSEC fork in the road

Computer security is a mess, and to fix it, I believe that Linux, and indeed the entire open source stack, needs to get forked, I humbly su...
Saturday, October 10, 2015

The root cause of our security woes

This is a cut/paste of a comment I posted to /. The root cause of all of these security problems has been in plain sight since 1970 or so,...
Saturday, June 16, 2012

Genode

I've just come across Genode which looks like it may offer a reasonably quick route to capability based security for all of us. They ar...
Saturday, May 26, 2012

Why ACL/UIC based security is futile, the IED example.

I wrote this on Slashdot in reply to comments about the relative security of Windows vs Linux. This is like arguing about the odds of an...
Saturday, November 5, 2011

Eric Drexler asks some interesting questions, and has points for discussion... here are my answers. Quiz - 1. Because traditionally t...
Tuesday, December 21, 2010

A project in the works

I'm putting together a project to implement CABsec on a small scale. I find myself wanting to play with an idea that doesn't seem ha...
Friday, April 16, 2010

A brilliant way to deal with spam.

I read this comment to a question about spam on Metafilter, and have been inspired. He uses unique email addresses in a way that is pretty ...
Tuesday, March 16, 2010

Cabsec by example... the fun game

There is a fun game called Bubble Breaker ... I like to play it while I'm waiting for things to compile, format, etc.. but it has one b...
Wednesday, March 3, 2010

Bush Era cybersecurity - my response

So, the Obama administration has declassified part of the "cybersecurity" planning of the Bush administration.... the story hit sl...
Monday, January 4, 2010

Capabilities, still out on the fringe, and misunderstood

I recently posted a comment on the Slashdot story You won't recognize the internet in 2020, which said: It's not the Internet swit...
Thursday, December 3, 2009

A form to show off capabilities

The form below uses a capability (the string in the Token field) to replace the last data entry in The world's simplest capability demo ...

Less talk, more code

I can blog and talk for the rest of my life, and I doubt it would matter much. The fact is that it's very hard to wrap your mind around ...
Tuesday, December 1, 2009

The Mine! Project - Capabilities for the web

I've watched the demo videos (the second video gets closest to capabilities), and it appears that The Mine! Project is going to be bui...
Sunday, November 29, 2009

Capabilities explained... a Google tech talk worth watching

I highly recommend you watch http://www.youtube.com/watch?v=EGX2I31OhBE which is a Google tech talk video about Object Capabilities, heavy ...
Wednesday, April 29, 2009

Missing the point on Slashdot... yet again

Slashdot gets close to the truth... and then totally blows it, as usual. A recent story pointed out that there will be funding for Minix, ...
Thursday, May 22, 2008

Capabilities Summarized

One of the things about digging up information about Capabilities based security is trying to find Google terms that have value. It's li...
Tuesday, May 20, 2008

Object Capabilities for Security - YouTube

This video at YouTube looks very interesting... I hope to be able to watch the whole thing later today. As an educational resource it's...
Saturday, May 17, 2008

AppArmor

AppArmor is a least-privilege system for Linux which uses the Linux Security Modules interface. Every "armored" application has a...

BeyondTrust | Privilege Manager

I came across BeyondTrust, which might be useful for people in a Windows Environment, because it helps lean towards a least privilege confi...

Persevere - First impressions

The Persevere project is an open source set of tools for persistence and distributed computing using intuitive standards-based JSON interfa...
Friday, May 16, 2008

A tweet in the wilderness, calling for help.

Thomas Hawk recently tweeted: I wish Blogger's moderate comments system was smart enough to whitelist people. I hate having to reappro...

OATH: Open sourcing the mark of the beast??

OATH - initiative for open authentication | All users, all devices, all networks. Ok, this one creeps me out a bit... they really, REALLY, ...

LBNL: Delegating responsibility in digital systems

Here's an interesting article from LBNL about Object Capability Systems, which they call ocaps. They argue that the need to have a user...

OAuth

OAuth is: An open protocol to allow secure API authentication in a simple and standard method from desktop and web applications. OAuth is a...

What is Capabilities Digest?

I'm pushing an agenda, Capabilities as a means of fixing a lot of the problems with computer security. The most effective way to push an...