Language Selection

English French German Italian Portuguese Spanish

Security News

Filed under
Security
  • OpenSSL project releases patch to fix critical bug
  • Microsoft's monthlong patch delay could pose risks [Ed: Microsoft is in no hurry because there are back doors it knows about but keeps secret anyway]

    Microsoft has decided to bundle its February patches together with those scheduled for March, a move that at least some security experts disagree with.

    "I was surprised to learn that Microsoft wants to postpone by a full month," said Carsten Eiram, the chief research officer at vulnerability intelligence firm Risk Based Security, via email. "Even without knowing all the details, I find such a decision very hard to justify. They are aware of vulnerabilities in their products and have developed fixes; those should always be made available to customers in a timely fashion."

    Microsoft took everyone by surprise on Tuesday when it announced that this month's patches had to be delayed because of a "last minute issue" that could have had an impact on customers. The company did not initially specify for how long the patches will be postponed, which likely threw a wre

  • Zero-day flaw around, but Microsoft updates delayed by a month
  • Microsoft misses regular security fix date

    Microsoft has delayed the release of a security update that would have fixed a vulnerability cyber thieves are known to be exploiting.

    The fix was to be released as part of Microsoft's regular monthly security update for its Windows software.

  • How Google reinvented security and eliminated the need for firewalls

    In some ways, Google is like every other large enterprise. It had the typical defensive security posture based on the concept that the enterprise is your castle and security involves building moats and walls to protect the perimeter.

    Over time, however, that perimeter developed holes as Google’s increasingly mobile workforce, scattered around the world, demanded access to the network. And employees complained about having to go through a sometimes slow, unreliable VPN. On top of that, Google, like everyone else, was moving to the cloud, which was also outside of the castle.

  • No Firewalls, No Problem for Google

    On Tuesday at RSA Conference, Google shared the seven-year journey of its internal BeyondCorp rollout where it affirms trust based on what it knows about its users and devices connecting to its networks. And all of this is done at the expense—or lack thereof—of firewalls and traditional network security gear.

  • Android Phone Hacks Could Unlock Millions of Cars

More in Tux Machines

OSS Leftovers

  • Nextcloud 12 Officially Released, Adds New Architecture for Massive Scalability
    Nextcloud informs Softpedia today about the official availability of the final release of Nextcloud 12, a major milestone of the self-hosting cloud server technology that introduces numerous new features and improvements. The biggest new feature of the Nextcloud 12 release appears to be the introduction of a new architecture for massive scalability, called Global Scale, which is a next-generation open-source technology for syncing and sharing files. Global Scale increases scalability from tens of thousands of users to hundreds of millions on a single instance, while helping universities and other institutions significantly reduce the costs of their existing large installations.
  • ReactOS 0.4.5 Open-Source Windows-Compatible OS Launches with Many Improvements
    ReactOS 0.4.5 is a maintenance update that adds numerous changes and improvements over the previous point release. The kernel has been updated in this version to improve the FreeLoader and UEFI booting, as well as the Plug and Play modules, adding support for more computers to boot ReactOS without issues.
  • Sprint Debuts Open Source NFV/SDN Platform Developed with Intel Labs
    AT&T has been the headliner in the carrier race to software defined networking (SDN) and network function virtualization (NFV). But Sprint is putting its own stamp on the space this week with its debut of a new open source SDN/NFV mobile core solution.
  • Google’s New Home for All Things Open Source Runs Deep
    Google is not only one of the biggest contributors to the open source community but also has a strong track record of delivering open source tools and platforms that give birth to robust technology ecosystems. Just witness the momentum that Android and Kubernetes now have. Recently, Google launched a new home for its open source projects, processes, and initiatives. The site runs deep and has several avenues worth investigating. Here is a tour and some highlights worth noting.
  • Making your first open source contribution
  • Simplify expense reports with Smart Receipts
    The app is called Smart Receipts, it's licensed AGPL 3.0, and the source code is available on GitHub for Android and iOS.
  • How the TensorFlow team handles open source support
    Open-sourcing is more than throwing code over the wall and hoping somebody uses it. I knew this in theory, but being part of the TensorFlow team at Google has opened my eyes to how many different elements you need to build a community around a piece of software.
  • IRC for the 21st Century: Introducing Riot
    Internet relay chat (IRC) is one of the oldest chat protocols around and still popular in many open source communities. IRC's best strengths are as a decentralized and open communication method, making it easy for anyone to participate by running a network of their own. There are also a variety of clients and bots available for IRC.

Tizen News: Phones and TVs

  • Tizen 3.0-powered Samsung Z4 now available with offline retailers in india
    The Samsung Z4, the fourth smartphone in Samsung’s Z series and a successor to the Z2 (and not the Z3, as many would assume), has been formally announced and made an appearance at the Tizen Developer Conference (TDC 2017) this past week. The Z4 was rumoured to make its way to India on May 19th (Friday) and it did – arriving with offline retailers after launching in the country last Monday (one week ago).
  • Samsung 2017 QLED TVs World First to support autocalibration for HDR
  • Samsung approves You.i TV video platform for Tizen TV app development
    While Samsung has developed Tizen TV apps using JavaScript, You.i TV’s Engine Video app runs on Native Client (NACL), a web technology that does not only allows C++ applications to run in a standard browser but is said to be 24 times faster than JavaScript. Now that Samsung has approved You.i TV’s video engine platform, developers can craft more video content for Tizen Smart TV owners.
  • Samsung Smart TV gets a new Glympse app that enables location sharing on the TV
    Samsung Smart TV, powered by the intuitive, self-developed Tizen operating system, has gotten a cool new app which enables consumers to view the location of their friends, loved ones or even a pizza delivery or cable technician in real-time directly from their home’s largest screen. The new app is developed by Glympse, the leading real-time location services platform.

How To Encrypt DNS Traffic In Linux Using DNSCrypt

​Dnscrypt is a protocol that is used to improve DNS security by authenticating communications between a DNS client and a DNS resolver. DNSCrypt prevents DNS spoofing. It uses cryptographic signatures to verify that responses originate from the chosen DNS resolver and haven’t been tampered with. DNSCrypt is available for multi-platforms including Windows, MacOS, Unix, Android, iOS, Linux and even routers. Read
more

Debian-Based Untangle 13.0 Linux Firewall Tackles Bufferbloat, Adds New Features

Untangle NG Firewall, the open-source and powerful Debian-based network security platform featuring pluggable modules for network apps, has been updated to version 13.0, a major release adding new features and numerous improvements. The biggest improvement brought by the Untangle NG Firewall 13.0 release is to the poor latency generated by excess buffering in networking equipment, called bufferbloat, by supporting a queueing algorithm designed to optimize QoS and bandwidth to enforce a controlled delay. Read more