Language Selection

English French German Italian Portuguese Spanish

Security

Git 2.2.1 Released To Fix Critical Security Issue

Filed under
Development
OSS
Security

Today's Git vulnerability affects those using the Git client on case-insensitive file-systems. On case-insensitive platforms like Windows and OS X, committing to .Git/config could overwrite the user's .git/config and could lead to arbitrary code execution. Fortunately with most Phoronix readers out there running Linux, this isn't an issue thanks to case-sensitive file-systems.

Read more

How Linux containers can solve a problem for defense virtualization

Filed under
GNU
Linux
Security

As the virtualization of U.S. defense agencies commences, the technology’s many attributes—and drawbacks—are becoming apparent.

Virtualization has enabled users to pack more computing power in a smaller space than ever before. It has also created an abstraction layer between the operating system and hardware, which gives users choice, flexibility, vendor competition and best value for their requirements. But there is a price to be paid in the form of expensive and cumbersome equipment, software licensing and acquisition fees, and long install times and patch cycles.

Read more

Linux Malware vs Phishing Schemes

Filed under
GNU
Linux
Security

For years now, we’ve been told about the dangers of how various types of malware like worms and other threats were going to catch the growing Linux user base off guard. As of the year 2014, nothing remotely close to this has happened. Malware exists, but for desktop Linux users, it’s a non-issue.

Despite this fact, there continues to be rumors that malware "could" affect desktop Linux users. It seems the mere "threat" holds greater proof of concept than the reality that no one is actually seeing malware threats on their Linux desktop.

In this article, I’ll examine current threats to the Linux desktop and explain why I believe phishing is far more dangerous to most Linux users than malware.

Read more

Report: IoT Improving Code Quality in Open Source Java Projects

Filed under
OSS
Security

Mountain View, Calif.-based software testing company Coverity has just released a new Scan report, this one focused on open-source big data projects and the impact of the Internet of Things (IoT) on the quality of those projects. In a nutshell, the report concludes that IoT and the tsunami of data that phenomenon is expected to generate over the next decade is actually having a positive affect on code quality. Among the largest big data projects in this Scan -- Apache Hadoop, Hbase and Cassandra -- quality has improved steadily, the report's authors found.

Read more

Is commercial open source more secure than proprietary alternatives?

Filed under
OSS
Security

In summary, IT professionals are gravitating to commercial open source for security and privacy now more so than ever. Gone are the days when cost considerations led the decision to move to open source; today, IT professionals value commercial open source for business continuity, quality and control. On the horizon, expect to see broader adoption of commercial open source. In fact, the most telling result of the Ponemon Institute survey may be the coming exodus from proprietary to commercial open source software, particularly when it comes to collaboration.

Read more

Docker Updates for Three Security Vulnerabilities

Filed under
OSS
Security

The open-source Docker project has updated the Docker engine for container virtualization to version 1.3.3, fixing a trio of security vulnerabilities. The security advisories for the Docker vulnerabilities were first publicly released on Dec. 11 although not every vendor in the Docker ecosystem has been in a hurry to update. Docker has emerged over the course of 2014 to become a popular technology for application virtualization and now has the support of Amazon, IBM, VMware, Microsoft and Red Hat, among others.

Read more

Antivirus Live CD Will Disinfect Your Windows OS

Filed under
Linux
Security

Antivirus Live CD is a Linux distribution based on 4MLinux that includes the ClamAV scanner. It's built for system admins who need a lightweight live CD with an antivirus scanner. A new versions has been released and is now available for download.

Read more

Using encryption on Android – A rant

Filed under
Android
Security

Not every email client for Android out there supports encryption; and when it does, it does not work like Enigmail: you must first install the email client, set it up; then install an app that enables the use of GPG (APG or GnuPG for Android); then you have supposedly and through a reasonably secure process sent your full GPG keys to your phone (SD card or the internal memory).

Read more

Multiple X.Org Vulnerabilities Found, One Is from 1987

Filed under
Graphics/Benchmarks
Security

One of the most important features of the open source development community is its ability to self-correct, even if it takes a very long time. A number of issues in X servers have been corrected recently, and some of them were actually very old. The record holder is a bug introduced back in 1987.

Read more

Linux Turla Malware Infection? Not Going to Happen.

Filed under
GNU
Linux
Security

This code simply isn't in any Linux repository.

That means one must intentionally deviate and go outside of the keyring-protected repo of applications 'into the wild' to obtain this rogue software.

By definition, a trojan, requires one to install the application and then explicitly run it to have its 'payload' execute.

Read more

Syndicate content

More in Tux Machines

digiKam Software Collection 4.6.0 released...

The digiKam Team is proud to announce the release of digiKam Software Collection 4.6.0. This release includes many bugs fixes in Image Editor and Batch Queue Mananger. Thanks to Maik Qualmann and Jan Wolter to propose patches in KDE bugzilla. See the new list of the issues closed in digiKam 4.6.0 available through the KDE Bugs-tracking System. Read more

What Does It Mean for Your Computer to Be Loyal?

We say that running free software on your computer means that its operation is under your control. Implicitly this presupposes that your computer will do what your programs tell it to do, and no more. In other words, that your computer will be loyal to you. In 1990 we took that for granted; nowadays, many computers are designed to be disloyal to their users. It has become necessary to spell out what it means for your computer to be a loyal platform that obeys your decisions, which you express by telling it to run certain programs. Read more