Language Selection

English French German Italian Portuguese Spanish

Critical crypto bug leaves Linux, hundreds of apps open to eavesdropping

Filed under
GNU
Linux

The bug in the GnuTLS library makes it trivial for attackers to bypass secure sockets layer (SSL) and Transport Layer Security (TLS) protections available on websites that depend on the open source package. Initial estimates included in Internet discussions such as this one indicate that more than 200 different operating systems or applications rely on GnuTLS to implement crucial SSL and TLS operations, but it wouldn't be surprising if the actual number is much higher. Web applications, e-mail programs, and other code that use the library are vulnerable to exploits that allow attackers monitoring connections to silently decode encrypted traffic passing between end users and servers.

Read more ►

More in Tux Machines

Linux Mint 18 Final

Red Hat News

Is Canonical the Victim of High Expectations?

When Ubuntu was new, those who questioned it were mostly Debian developers, disgruntled because they were not hired or because Ubuntu failed to acknowledge its debt to Debian. Today, however, a vocal minority seems to view Canonical Software, the company behind Ubuntu, as a Microsoft in the making. From being the uncritical darling of open source, Canonical is closely and cynically scrutinized, and its motives constantly questioned. So how did this transformation happen? Suspicion about corporations is hardly new in open source, yet Canonical seems singled out in a way that SUSE or Red Hat only occasionally are. Read more

Permabit offers deduplication to Linux masses – almost

Permabit has moved beyond OEMs, making the latest release of its dedupe technology available as a Linux software package so that ISVs, professional services folks and systems integrators in its Hybrid Cloud Professional Services partners programme can use it. Previously it was available to OEMs in Albireo (dedupe) and Virtual Data Optimizer or Virtual Data Optimizer, VDO (dedupe+compression+thin provisioning) form. VDO v6 is designed for the cloud service provider market, Permabit says, and the VDO for Hybrid Cloud package simplifies VDO installation and configuration in Red Hat Enterprise Linux (RHEL) data centres. Read more