Language Selection

English French German Italian Portuguese Spanish

Red Hat Risk Reflex (The Linux Security Flaw That Isn't)

Filed under
Red Hat
Security

News headlines screaming that yet another Microsoft Windows vulnerability has been discovered, is in the wild or has just been patched are two a penny. Such has it ever been. News headlines declaring that a 'major security problem' has been found with Linux are a different kettle of fish. So when reports of an attack that could circumvent verification of X.509 security certificates, and by so doing bypass both secure sockets layer (SSL) and Transport Layer Security (TLS) website protection, people sat up and took notice. Warnings have appeared that recount how the vulnerability can impact upon Debian, Red Hat and Ubuntu distributions. Red Hat itself issued an advisory warning that "GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification... An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid." In all, at least 200 operating systems actually use GnuTLS when it comes to implementing SSL and TLS and the knock-on effect could mean that web applications and email alike are vulnerable to attack. And it's all Linux's fault. Or is it?

Read more ►

More in Tux Machines

Portugal engineering lab: facts favour open source

Open source should win. This type of software is more reliable, more stable and provides more flexibility than proprietary software, says João Marcelino, an engineer working for Laboratório Nacional de Engenharia Civil (National Laboratory for Civil Engineering, LNEC), a state-owned research and development institution. On top of that, the software lets organisations inspect and audit the code without restriction. Read more

Redmond’s ‘Free’ Gambit

Last week, I had to laugh aloud at Microsoft’s announcement that Windows 10 would be offered as a free upgrade for users of both Windows 7 and Windows 8. This was a strange synchronicity, as I’d wondered allowed in an article earlier in the week, “If Microsoft can’t give Windows away for free on the laptop, how long will it be able to continue selling it on the desktop?” It was a rhetorical question, with no answer expected, but I got one anyway: Not too long. Read more

Open source empowers city archive Hospitalet

Open source has modernised the archive of the Catalan city of Hospitalet de Llobregat (Spain). The software helps manage the administrative records, but also allows easy access to historical records. This facilitates research and education, and enables public information dissemination. For its historical records, the Hospitalet city archive implements ICA-Atom, a web-based and open source archive solution. Read more

2015 X.Org Elections Get Underway For Board Members, SPI Merger

The election process is beginning for selecting new X.Org Foundation board members and for allowing X.Org members to vote on whether they would like to proceed with joining SPI to become a sub-project of that organization so that they'll take care of the business and administrative tasks. Read more