Language Selection

English French German Italian Portuguese Spanish

Security wars: Novell SELinux killer rattles Red Hat

Filed under
Linux

Novell Inc. of Provo, Utah, has released the source code for its recently acquired open-source Linux security application, AppArmor, and has also set up a project site in hopes of attracting outside developers to further refine the program. The release of the software has sparked debate in the open-source community, however. Novell stressed that AppArmor is easier to use than another open-source program called SELinux.

First developed by the National Security Agency, SELinux tackles the same job of mandatory access control (MAC) with an unrelenting thoroughness, though it has a reputation for being difficult to manage. "There needs to be a better way to deploy [MAC] so that the average systems administrator doesn't need to go through three weeks of training," said Frank Rego, products manager for Novell. Some observers fear that the AppArmor project will fracture the open-source development community around the demanding science of MAC. "In my opinion, Novell wants to split the market," said Dan Walsh, the principal software engineer of Red Hat Inc. of Raleigh, N.C. Both Red Hat and Novell offer enterprise class Linux distributions. "Rather than working with the open-source community [on SELinux], Novell has thrown out its own competing version." Novell acquired AppArmor last May when it purchased Immunix Inc., which developed the software. Novell has made the application, along with its source code, freely available on the site under the GNU Public License.

Full Story.

More in Tux Machines

35 Open Source Tools for the Internet of Things

In a nutshell, IoT is about using smart devices to collect data that is transmitted via the Internet to other devices. It's closely related to machine-to-machine (M2M) technology. While the concept had been around for some time, the term "Internet of Things" was first used in 1999 by Kevin Ashton, who was a Procter & Gamble employee at the time. Read more

IoT tinkerers get new Linux hub & open platforms

Cloud Media, the maker of entertainment box Popcorn Hour, launched a project on Kickstarter, Inc. that will add to the growing number of smart hubs for people to connect and control smart devices. Called the STACK Box, it features a Cavium ARM11 core processor, 256MB DDR3 RAM, 512MB flash, SD slot, 802.11n WiFi, Bluetooth LE 4.0, Z-Wave, standard 10/100 Ethernet port, optional X10 wired communication, 5 USB 2.0 ports, RS-232 port, 2 optocoupler I/O, Xbee Bus, Raspberry Pi-compatible 26-pin bus and runs Linus Kernel 3.10. IT also features optional wireless communications for Dust Networks and Insteon with RF433/315, EnOcean, ZigBee, XBee, DCLink, RFID, IR coming soon. Read more

Citrix and Google partner to bring native enterprise features to Chromebooks

Chromebooks are making inroads into the education sector, and a push is coming for the enterprise with new native Chrome capabilities from Citrix. Google and Citrix have announced Citrix Receiver for Chrome, a native app for the Chromebook which has direct access to the system resources, including printing, audio, and video. To provide the security needed for the enterprise, the new Citrix app assigns a unique Receiver ID to each device for monitoring, seamless Clipboard integration across remote and local applications, end user experience monitoring with HDX Insight, and direct SSL connections. Read more

Is Open Source an Open Invitation to Hack Webmail Encryption?

While the open source approach to software development has proven its value over and over again, the idea of opening up the code for security features to anyone with eyeballs still creates anxiety in some circles. Such worries are ill-founded, though. One concern about opening up security code to anyone is that anyone will include the NSA, which has a habit of discovering vulnerabilities and sitting on them so it can exploit them at a later time. Such discoveries shouldn't be a cause of concern, argued Phil Zimmermann, creator of PGP, the encryption scheme Yahoo and Google will be using for their webmail. Read more