Security Leftovers
-
Security advisories for Tuesday
-
SELinux insides – Part2: Neverallow assertions
-
Researchers have disclosed severe security flaws within the firm's products over the holiday weekend.
Ormandy's disclosures were made at the same time another researcher's findings, Kristian Erik Hermansen, were posted online. Hermansen publicly disclosed a zero-day vulnerability within cyberforensics firm FireEye's security product, complete with proof-of-concept code.
-
Seagate drives at risk of data theft over hidden 'root' account
A public vulnerability disclosure warns that an attacker could remotely download files from an affected hard drive, thanks to the hard-coded default password.
-
HP Drops Support For Hacking Competition As Wassenaar Arrangement Continues To Make Computing Less Safe
An international agreement to treat certain software as weaponized is well on its way towards making computing less safe. Recent changes to the Wassenaar Arrangement -- originally crafted to regulate the sale of actual weapons -- have targeted exploits and malware. The US's proposed adoption of the Arrangement expands on the definitions of targeted "weapons," threatening to criminalize the work done by security researchers. While the Arrangement will likely have little effect on keeping weaponized software out of the hands of blacklisted entities, it could easily result in a laptop full of security research being treated like a footlocker full of assault weapons.
-
Duo Security Research Reveals Half of Apple iPhones on Corporate Networks Run Out-of-Date Versions of iOS
Duo Security, a cloud-based access security provider protecting the world's largest and fastest growing companies, today announced results from a Duo Labs research study focusing on mobile devices on corporate networks. Unpatched and end-of-life devices that are no longer supported by the manufacturer are much more prevalent than expected and create significant risk for corporate networks. The Duo Labs research draws on data gathered from thousands of customer deployments in more than 150 countries worldwide.
-
TSA Master Keys
Someone recently noticed a Washington Post story on the TSA that originally contained a detailed photograph of all the TSA master keys. It's now blurred out of the Washington Post story, but the image is still floating around the Internet. The whole thing neatly illustrates one of the main problems with backdoors, whether in cryptographic systems or physical systems: they're fragile.
-
A Tale of Three Backdoors
The tale of three backdoors: TSA locks, the CALEA interface, and the Dual_EC PRNG, all amply illustrate the dangers posed by backdoors in systems. For backdoors may fail catastrophically, degrade national security, and can potentially be used against those who demanded the backdoors in the first place. The scars born by the security field in dealing with failed backdoors provides ample illustration why we find the idea of backdoors troubling and dangerous.
- Login or register to post comments
- Printer-friendly version
- 1658 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago