Security and latency
The downside of things like OpenSSH certificates, Kerberos, and SSL is that the connection setup time will take longer; so, in most cases, you'll want to establish a connection and hold it open before you actually need it. That way you aren't constantly handling the cost of setup and teardown. Although this approach is suitable for things like connecting to remote message queues and file servers, it can pose a problem if you need a large number of clients to connect to a large number of servers. In that case, you might want to investigate hardening the perimeter and removing authentication entirely to speed things up.
September 2013 Issue 154 linux-magazine.com | Linuxpromagazine.com
Kurt Seifried is an Information Security Consultant specializing in Linux and networks since 1996. He often wonders how it is that technology works on a large scale but often fails on a small scale.
Buy this article as PDF
HP's annual Cyber Risk report offers a bleak look at the state of IT.
But what do the big numbers really mean?
.NET Core execution engine is the basis for cross-platform .NET implementations.
The Xnote trojan hides itself on the target system and will launch a variety of attacks on command.
Spammers go low-volume, and 90% of IE browsers are unpatched.
Adobe scrambles to release patches for vulnerable Flash Player.
Four-inch-long computer on a stick lets you boot a full Linux system from any HDMI display device.
New statute would require companies to report break-ins to consumers.
Weird data transfer technique avoids all standard security measures.
FIDO alliance declares the beginning of the end for old-style login authentication.