Techrights logo

IRC: #boycottnovell @ FreeNode: July 24th, 2013

Join us now at the IRC channel.

schestowitzThe rest are physical machines.Jul 24 00:00
schestowitz> 2.       Generic perimeter protection (external firewalls etc.)Jul 24 00:07
schestowitz> Jul 24 00:07
schestowitz> Can you provide info firewalls and any other security measures?Jul 24 00:07
schestowitzCurrently, access is limited to a certain range of machines and networks; for insurance, IPSec VPN is set up on UM-SRV-BACKUP1. There is also gating with distinct, long passwords and login credentials that deter intruders. SSH logs suggest that malicious attempts to authenticate are regular, but they fail to bypass the extensive protections. They attempt a variety of usernames. In addition. extra care was recently taken to further Jul 24 00:07
schestowitzharden the systems and more secure (encrypted) forms of communication put in place.Jul 24 00:07
schestowitz> 3.       How security is implemented in the communication between theJul 24 00:12
schestowitz> web service and the database (is SQL injection prevented, how ?)Jul 24 00:12
schestowitz> Jul 24 00:12
schestowitz> I will check if there is anything in the code but is there anything inJul 24 00:12
schestowitz> the hosting environment which manages security between web services andJul 24 00:13
schestowitz> database?Jul 24 00:13
schestowitzThe client side uses JavaScript to invoke commands at the server side, which also interacts with Google. For Google to damage the database would be impossible because it does not write into it, it just gets data from it (vessels) and sends data to the client (overlay of two types of data from two sources). If the client site's user was to craft a malicious command, then he or she would have to have an UltrsaMAP accou8nt to begin Jul 24 00:13
schestowitzwith, i.e. be a registered client. So this is unlikely to be an issue in practice. There are walled gardens protecting from Web service from users who are motivated to harm the system.Jul 24 00:13
schestowitzBackups are retained at the database partition (historical data) and are occasionally dumped outside of it (off site) for peripheral backup in very large files. In addition, there is redundancy (two servers) that protects from  critical failures and RAID for improved resilience. All the backups are done in the UK.Jul 24 00:17
schestowitz[Not sure how other data, such as other servers' full backup, gets stored.]Jul 24 00:17
schestowitzA draft.Jul 24 00:19
schestowitzJust some notes providing information based what what I know or think I know about their systems:Jul 24 00:19
schestowitzhttps://joindiaspora.com/posts/2872661Jul 24 00:20
TechrightsBot@schestowitz@joindiaspora.com: British children slept well last night knowing that they're growing up in a safer country where their government is *banning* Web sites.Jul 24 00:20
schestowitz"Link?"Jul 24 00:20
schestowitzGoogle cameron censorshipJul 24 00:20
*libertyboxes (~liberty@host86-160-199-218.range86-160.btcentralplus.com) has joined #boycottnovellJul 24 09:27
*puppywatch_ (~PuppyWatc@host86-160-199-218.range86-160.btcentralplus.com) has joined #boycottnovellJul 24 09:29
*libertybox_ has quit (Ping timeout: 240 seconds)Jul 24 09:29
*puppywatch has quit (Ping timeout: 240 seconds)Jul 24 09:29
*MinceR_ (~mincer@unaffiliated/mincer) has joined #boycottnovellJul 24 10:50
*MinceR has quit (Ping timeout: 240 seconds)Jul 24 10:53
*MinceR_ is now known as MinceRJul 24 11:59
*ChanServ gives channel operator status to MinceRJul 24 12:03
*cedalion (~cedalion@gateway/tor-sasl/cedalion) has joined #boycottnovellJul 24 18:55
cedalionwhy are we boycotting novell?Jul 24 18:55
MinceRhttp://techrights.org/wiki/index.php/Main_Page#Boycott_NovellJul 24 19:55
TechrightsBotTitle: Main Page - Techrights .::. Size~: 33.15 KBJul 24 19:55
cedaliontyJul 24 20:44
MinceRywJul 24 20:49

Generated by irclog2html.py 2.6 by Marius Gedminas - find it at mg.pov.lt!