Language Selection

English French German Italian Portuguese Spanish

Five tips for improving Linux security

Filed under
Linux
Security
HowTos

What’s that you say? You don’t need to do anything about security on your Linux box because it’s Linux? Think again. Linux is an operating system that begs to be online, so it wants to be secure. Sure it’s fairly secure out of the box, but NO operating system is 100% secure if it’s, well, turned on. Here are five crucial Linux security tips.

1: Take advantage of the keyring

To many, this is an annoyance. You log in to your machine, your machine requests a connection to a network (or LDAP server, etc.), and you have to enter your keyring password. The temptation is to disable this feature by giving it an empty password and dismissing the warning that you’ll be transmitting unencrypted information (including passwords). This is not a good idea. Although you might think it a hassle, this feature/functionality is there for a reason — to encrypt sensitive passwords when they are sent over the wire.

2: Enforce user password update




More in Tux Machines

Linux 4.0-rc2

So rc2 missed the usual Sunday afternoon timing, because I spent most of the weekend debugging an issue that happened on an old Mac Mini I have around, and I hate making even early -rc releases with problems on machines that I have direct access to. Even if it only affected old machines that actual developers are unlikely to have or at least use. Today I got the patch from Daniel Vetter to fix it, so instead of doing a Sunday evening rc2, it's a Tuesday morning one. Go get it. It works better for the delay. Other than that little one-liner i915 fix? Not much, actually. It's been a very quiet week, for being this early in the release process. Sure, 3.19-rc2 was even smaller, so it continues a trend, but that was the xmas week. I hope this low volume is just because the 4.0 merge window itself was somewhat calmer than most recent releases. But I suspect the real reason is that the driver and networking trees from GregKH and davem are pending, and didn't make rc2. We'll see. Anyway, the shortlog is appended, and testing is appreciated, Linus Read more

6 Linux-y announcements from Mobile World Congress

I earlier wrote about how Linux invaded CES 2015. The domination continues at Mobile World Congress, which kicked off this week in Barcelona. Here are some of the major announcements from MWC that show that Linux has become an unstoppable force. Read more

Jolla shows off Sailfish tablet, promises ultra-secure phone

Jolla released Sailfish OS 2.0, showed off the first tablet to run the OS, and announced plans with SSH to develop a security-hardened version of Sailfish. Read more

New Ubuntu Phone Separates the App from the Data

As CIO Journal has noted, Mr. Shuttleworth envisions the rise of an Ubuntu-powered phone that runs desktop grade applications and plugs into peripherals such as large displays and keyboards. In other words, he is working to achieve true mobile-desktop-laptop convergence — the only computer you need, in your pocket, all the time. He tried to raise $32 million to fund development of such a phone, known as the Edge, in a widely publicized crowdfunding campaign on Indiegogo. The campaign ended in 2013, short of its goal. Read more