Language Selection

English French German Italian Portuguese Spanish

Security

Open source software security: Who can you trust?

Filed under
OSS
Security

Fears of backdoors and heightened concerns about encryption software are running rampant.

Read more

Red Hat: Open source "more secure" than proprietary

Filed under
Red Hat
Security

Open source technologies are "more secure" than software that is developed in a proprietary way, Red Hat's JBoss middleware business unit general manager, Mike Piech, said in a meeting with journalists.

On the one hand, open source software code is freely available, which means that hackers will see how to hack it. But, on the other, there is also a vast community of people working to maintain open source software security.

Read more

Tails 1.1.1 is out

Filed under
GNU
Linux
Security
Debian

The next Tails release is scheduled for October 14.

Have a look to our roadmap to see where we are heading to.

Read more

Healthdirect Australia sees value in open source for security solution

Filed under
OSS
Security

Commonwealth and state/territory government funded public company, Healthdirect Australia, has used open source software to build an identity and access management (IAM) solution.

The IAM solution allows users to have one identity across all of its websites and applications. For example, users can sign in using their Facebook, LinkedIn or Gmail account.

Read more

Kali Tools Website Launched, 1.0.9 Released

Filed under
GNU
Linux
Security

Now that we have caught our breath after the Black Hat and DEF CON conferences, we have put aside some time to fix an annoying bug in our 1.0.8 ISO releases related to outdated firmware as well as regenerate fresh new ARM and VMware images (courtesy of Offensive Security) for our new 1.0.9 release.

Read more

Is Open Source an Open Invitation to Hack Webmail Encryption?

Filed under
OSS
Security

While the open source approach to software development has proven its value over and over again, the idea of opening up the code for security features to anyone with eyeballs still creates anxiety in some circles. Such worries are ill-founded, though.

One concern about opening up security code to anyone is that anyone will include the NSA, which has a habit of discovering vulnerabilities and sitting on them so it can exploit them at a later time. Such discoveries shouldn't be a cause of concern, argued Phil Zimmermann, creator of PGP, the encryption scheme Yahoo and Google will be using for their webmail.

Read more

Open source software: The question of security

Filed under
OSS
Security

The logic is understandable - how can a software with source code that can easily be viewed, accessed and changed have even a modicum of security?

opensource-security-question
Open source software is safer than many believe.
But with organizations around the globe deploying open source solutions in even some of the most mission-critical and security-sensitive environments, there is clearly something unaccounted for by that logic. According to a November 28 2013 Financial News article, some of the world's largest banks and exchanges, including Deutsche Bank and the New York Stock Exchange, have been active in open source projects and are operating their infrastructure on Linux, Apache and similar systems.

Read more

GNU hackers discover HACIENDA government surveillance and give us a way to fight back

Filed under
GNU
Security

GNU community members and collaborators have discovered threatening details about a five-country government surveillance program codenamed HACIENDA. The good news? Those same hackers have already worked out a free software countermeasure to thwart the program.

According to Heise newspaper, the intelligence agencies of the United States, Canada, United Kingdom, Australia, and New Zealand, have used HACIENDA to map every server in twenty-seven countries, employing a technique known as port scanning. The agencies have shared this map and use it to plan intrusions into the servers. Disturbingly, the HACIENDA system actually hijacks civilian computers to do some of its dirty work, allowing it to leach computing resources and cover its tracks.

Read more

Black Hat 2014: Open Source Could Solve Medical Device Security

Filed under
OSS
Security

On the topic of source code liability, Greer suggests that eventually software developers, including medical device development companies, will be responsible for the trouble their software causes (or fails to prevent). I think it’s fair to say that it is impossible to guarantee a totally secure system. You cannot prove a negative statement after all. Given enough time, most systems can be breached. So where does this potential liability end? What if my company has sloppy coding standards, no code reviews, or I use a third-party software library that has a vulnerability? Should hacking be considered foreseeable misuse?

Read more

Linux kernel devs made to finger their dongles before contributing code

Filed under
Development
Linux
Security

Beginning on Monday, the security of the Linux kernel source code has become a little bit tighter with the addition of two-factor authentication for the kernel's Git code repositories.

Contributing code changes to the Linux kernel sources at Kernel.org already required more than just a password, even before the change. Developers must use their own unique SSH public keys to login to the Git repositories. But not even this added security layer was truly failsafe – as the software's maintainers found out in 2011 when their servers were rooted.

Read more

Syndicate content

More in Tux Machines

Review: Simplicity Linux 15.4 alpha

Overall I give it 2 Thumbs Up on speed and layout of OS. If you have a computer with low resources, then this is an OS for you to try. Read more

Eurostat continues to share and use open source

Eurostat, the statistical office of the European Communities, continues to release as open source its ICT solutions. To date, Eurostat has shared 102 solutions on the European Commission’s Joinup platform. The statistical office has been using and sharing open source for more than a decade. Already in 2004 Eurostat’s ICT policy stipulated to consider open source software for all new projects. Read more

Excellent: Android Ecosystem is Low-Margin, Fragmenting

What the figures really show is that Apple is price-gouging its customers, extracting unreasonable levels of profit by virtue of its monopoly. In the world of Android, by contrast, the fierce competition that exists between fungible manufacturers has driven down profit margins to razor-thin levels. Open source, and the level playing field that it creates, is a great way for maximising the benefits to customers, rather than companies. Read more

Open source empowers Sintra health centre

Open source tools used by ACES Sintra include content management system Wordpress, combined with the usual LAMP stack: the MySQL database management system, the Apache web server, Linux for the server host and the PHP web development scripting language. The combination is used for the public website, but also for several internal Intranet project and team sites. The organisation implements Wiki websites, mainly for the IT department but also to maintain a list of frequently asked questions and their answers. Read more