Small Mosaic




Search Unixdaemon.net (+blog)
Search WWW

Categories:

/books
/career
/cloud
/codinghorrors
/events
/geekstuff
/justdont
/languages
/languages/bash
/linkshot
/magazines
/meta
/misctech
/movies
/nottech
/operatingsystems
/operatingsystems/linux
/operatingsystems/linux/debian
/operatingsystems/solaris
/perl
/presentations
/programming
/python
/ruby
/security
/security/apache
/security/tools
/serversmells
/services
/services/dns
/sites
/specifications
/sysadmin
/testing
/tools
/tools/commandline
/tools/firefox
/tools/gui
/tools/network
/tools/online
/tools/online/greasemonkey
/tools/puppet
/unixdaemon

Archives:

May 20131
April 20131
March 20131
February 20133
January 20135
July 20111
June 20112
May 20113
April 20112
March 20117
January 20111
Full Archives

Tue, 19 Apr 2011

HBGary Open Letter - Air Gap
Our source code has always been air gapped from the Internet. The forensic examination confirmed that software development servers and workstations were not affected by the incident -- from HBGary

Anyone else find it hard to accept that none of the developers, testers, documentation writers or build people ever accessed source code from their Internet connected laptops / workstations? Especially considering the state of their other security measures.

Don't get me wrong, in some cases it's a sensible solution ( off-line key signing for example) but for entire teams working on a shared code base?

Like this post? - Digg Me! | Add to del.icio.us! | reddit this!

Posted: 2011/04/19 13:33 | /security | Permanent link to this entry | This entry and same date

books career cloud codinghorrors events geekstuff justdont magazines meta misctech movies nottech operatingsystems/linux operatingsystems/linux/debian operatingsystems/solaris perl programming python ruby security security/tools serversmells services/dns sites sysadmin testing tools tools/commandline tools/firefox tools/gui tools/network tools/online tools/online/greasemonkey tools/puppet unixdaemon

Copyright © 2000-2010 Dean Wilson XML feed logo