version 1.152, 2000/11/10 21:24:16 |
version 1.153, 2000/11/23 19:06:20 |
|
|
turnaround is possible. Thus we think that full disclosure helps the |
turnaround is possible. Thus we think that full disclosure helps the |
people who really care about security.<p> |
people who really care about security.<p> |
|
|
<a name=process> |
<a name=process></a> |
<li><h3><font color=#e00000>Audit Process</font></h3><p> |
<li><h3><font color=#e00000>Audit Process</font></h3><p> |
|
|
Our security auditing team typically has between six and twelve |
Our security auditing team typically has between six and twelve |
|
|
by default, creating instantaneous security problems for their users |
by default, creating instantaneous security problems for their users |
within minutes after their first install.<p> |
within minutes after their first install.<p> |
|
|
<a name=crypto> |
<a name=crypto></a> |
<li><h3><font color=#e00000>Cryptography</font></h3><p> |
<li><h3><font color=#e00000>Cryptography</font></h3><p> |
|
|
And of course, since the OpenBSD project is based in Canada, it is possible |
And of course, since the OpenBSD project is based in Canada, it is possible |
|
|
</ul> |
</ul> |
|
|
<p> |
<p> |
<a name=reporting> |
<a name=reporting></a> |
<li><h3><font color=#e00000>Reporting problems</font></h3><p> |
<li><h3><font color=#e00000>Reporting problems</font></h3><p> |
|
|
<p> If you find a new security problem, you can mail it to |
<p> If you find a new security problem, you can mail it to |
|
|
<ul> |
<ul> |
<li>A Future-Adaptable Password Scheme.<br> |
<li>A Future-Adaptable Password Scheme.<br> |
<a href=events.html#usenix99>Usenix 1999</a>, |
<a href=events.html#usenix99>Usenix 1999</a>, |
by <a href=mailto:provos@openbsd.org>Niels Provos<a/>, |
by <a href=mailto:provos@openbsd.org>Niels Provos</a>, |
<a href=mailto:dm@openbsd.org>David Mazieres</a>.<br> |
<a href=mailto:dm@openbsd.org>David Mazieres</a>.<br> |
<a href=papers/bcrypt-paper.ps>paper</a> and |
<a href=papers/bcrypt-paper.ps>paper</a> and |
<a href=papers/bcrypt-slides.ps>slides</a>. |
<a href=papers/bcrypt-slides.ps>slides</a>. |
|
|
<a href=papers/authgw-paper.ps>paper</a> and |
<a href=papers/authgw-paper.ps>paper</a> and |
<a href=papers/authgw-slides.ps>slides</a>. |
<a href=papers/authgw-slides.ps>slides</a>. |
<p> |
<p> |
<li>Encrypting Virtual Memory</a><br> |
<li>Encrypting Virtual Memory<br> |
<a href=events.html#sec2000>Usenix Security 2000</a>, |
<a href=events.html#sec2000>Usenix Security 2000</a>, |
<a href=mailto:provos@openbsd.org>Niels Provos</a>.<br> |
<a href=mailto:provos@openbsd.org>Niels Provos</a>.<br> |
<a href=papers/swapencrypt.ps>paper</a> and |
<a href=papers/swapencrypt.ps>paper</a> and |