Language Selection

English French German Italian Portuguese Spanish

Security

Critical 0-days in open source? The problem isn't code, it's CASH

Filed under
OSS
Security

Linux Foundation Executive Director Jim Zemlin thinks the information security world needs fewer surgeons and more personal trainers, and he's putting his organization's money where his mouth is.

Speaking at this year's Linux Foundation Collaboration Summit, an invite-only event taking place this week in Santa Rosa, California, Zemlin took a break from his customary Linux and open source cheerleading to stress that the open source community needs to do more to address security.

Read more

Hostkey rotation, redux

Filed under
Security
BSD

A couple of weeks ago I described the host key rotation support forthcoming in OpenSSH 6.8. Almost immediately after smugly declaring "mission accomplished", the bug reports started rolling in. First Mike Larkin noticed an interaction with ssh's CheckHostIP option that would cause host key warnings, then Theo de Raadt complained about the new code unnecessarily rewriting known_hosts when no changes needed to be made, finally Philipp Kern and Jann Horn pointed out a way for a hostile server to abuse the extension.

Read more

Multiple PostgreSQL Vulnerabilities Corrected in All Supported Ubuntu OSes

Filed under
Security
Ubuntu

Ubuntu 14.10, Ubuntu 14.04 LTS, Ubuntu 12.04 LTS, and Ubuntu 10.04 LTS operating systems have been updated in order to fix a number of PostgreSQL vulnerabilities discovered to affect them.

Read more

End of the m0n0wall project

Filed under
Security
BSD

on this day 12 years ago, I have released the first version of m0n0wall to the public. In theory, one could still run that version - pb1 it was called - on a suitably old PC and use it to control the Internet access of a small LAN (not that it would be recommended security-wise). However, the world keeps turning, and while m0n0wall has made an effort to keep up, there are now better solutions available and under active development.

Read more

NSA approves Samsung and Boeing mobile devices for employee use

Filed under
Android
Security

Samsung’s products include the Galaxy S4/S5, Galaxy S5 with KNOX, Galaxy Note 3, Galaxy Note 10.1 2014 Edition, Galaxy Note 10.1 2014 Edition with KNOX 2, Galaxy Note Edge with KNOX 2, Galaxy Tab S 8.4 and 10.5 LTE with KNOX 2, and the Galaxy Alpha with KNOX 2. For Samsung, Knox provides the added security features key to making the grade in the CSfC program.

Read more

Tails 1.3 RC1 Out Now, Edward Snowden’s Favorite Incognito Live CD

Filed under
Security

The first Release Candidate (RC) version of the forthcoming Tails 1.3 amnesic incognito live system has been officially released for testing, bringing three major new features and four minor improvements that are described for your reading pleasure in the next paragraphs.

Read more

The Open-Source Question

Filed under
OSS
Security

You’d be forgiven for thinking that the tech world is a loathsome hotbed of rapacious venture capitalists, airheaded trend-riders, and publicity hounds. That’s the image presented by much of the tech press, which prizes stories about the Montgomery Burnses of the tech world over ones about its more idealistic denizens.

Read more

Security Onion: A Linux Distro For IDS, NSM, And Log Management

Filed under
GNU
Linux
Security

Security Onion is a Linux distribution for intrusion detection, network security monitoring, and log management. It’s based on Ubuntu and contains Snort, Suricata, Bro, Sguil, Squert, Snorby, ELSA, Xplico, Network Miner, and many other security tools. Security Onion is a platform that allows you to monitor your network for security alerts. It’s simple enough to run in small environments without many issues and allows advanced users to deploy distributed systems that can be used in network enterprise type environments.

Read more

Network Security Toolkit Is Based on Fedora 20 Using Linux Kernel 3.18.5

Filed under
Linux
Red Hat
Security

The famous Network Security Toolkit (NST) computer operating system used by many network administrators and security specialists to analyze and monitor networks, as well as to tighten the security of computer networks, received an update on February 9, 2015. The version is now Network Security Toolkit 20 SVN 6535.

Read more

Answering the Call for Werner Koch’s Everywhere

Filed under
GNU
Security

This past week the person who manages one of the world’s most important cryptography projects, Werner Koch, went from going broke to raising more than $100,000 for his project, GNU Privacy Guard. This is in addition to the $60,000 The Linux Foundation’s Core Infrastructure Initiative (CII) dedicated to Werner last month. GnuPG is used not just to encrypt and authenticate email but provides the confirmation that software packages and releases are what they claim to be. Facebook, Stripe and others are answering the calls to support the individuals who are developing the world’s most critical digital infrastructure.

Read more

Syndicate content

More in Tux Machines

Leftovers: Gaming

Fedora: The Latest

Leftovers: KDE

  • ocs-client GSoC
    So my GSoC is coming to its end. I have no cool screenshots to upload this time and I have no new great features to talk about, in fact Caludio and I manly focused on bugfixing and testing. We have spent time also discussing about possible changes and improvements to the current OCS protocol. So is the client ready do be lunched? In short I would say that no, not yet.. although most of its features are implemented and it is usable, it is still an “under construction” project, we both still have to make some important decisions to make it usable to everyone.
  • The Fiber Engine Poll, Updates, and Breeze
  • Bringing Akonadi Next up to speed
    and refactoring it again, to make sure the codebase remains as clean as possible. The result of that is that an implementation of a simple resource only takes a couple of template instantiations, apart from code that interacts with the datasource (e.g. your IMAP Server) which I obviously can’t do for the resource.
  • New linter integration plugins for KDevelop
  • Artikulate Plans for Randa
    Language learning is often considered as the task of memorizing new vocabulary and understanding the new grammar rules. Yet for most, the most challenging part is to actually get used to speak the new language. This is a problem that Artikulate approaches with a simple idea: to learn the correct pronunciation of a word or even a longer phrase, the learner listens to a native speaker recording, repeats and recordings it, and finally compares both recordings to improve herself/himself with the next try.

Tails 1.5.1 is out

Tails, The Amnesic Incognito Live System, version 1.5.1, is out. This is an emergency release, triggered by an unscheduled Firefox release meant to fix critical security issues. Read more