Language Selection

English French German Italian Portuguese Spanish

Security

Evolution vs sha256, or why my new key is useless

Filed under
Software
Security

ubuntu-nl.org/dennis: There’s one problem though: even when you generate a new gpg key that supports better hashing, your applications will still need to support the better hashing for it to be effective.

They Came a Knockin and Webmin Let Them In

Filed under
Software
Security

thelinuxlink.net: Today was a sad day. I found out my streaming mirror/microblog server had been cracked. They exploited webmin and set up shop. Alas, there is no one to blame but myself. This is how I believe it went down.

10 Steps for Basic Linux Desktop Security

Filed under
Linux
Security
HowTos

linuxsysconfig.com: I agree that Linux is less vulnerable than Windows, but that doesn’t make it immune to attackers. It’s not always about security flaws, buffer overflows or denial of service attacks. I came up with a list of 10 basic rules that should reduce the security risk.

Do you need to worry about the new /dev/mem rootkit problem?

Filed under
Security

blog.ibeentoubuntu.com: A new paper was presented in late March about using /dev/mem to inject and hide a rootkit (PDF), and the method has been getting some press, leading to a little concern.

Synchronizing UNIX files with optimized security

Filed under
Security

This article covers cp, tar, and rsync, that can aid with the security of the synchronization of UNIX files

How To Chroot Apache 2 Web Server Under Red Hat / CentOS Linux

Filed under
Linux
Software
Security

A chroot on Red Hat / CentOS / Fedora Linux operating changes the apparent disk root directory for the Apache process and its children. Once this is done attacker or other php / perl / python scripts cannot access or name files outside that directory. This is called a "chroot jail" for Apache. You should never ever run a web server without jail. There should be privilege separation between web server and rest of the system.

Newly Discovered Kernel Vulnerabilities Affect All Ubuntu Users

Filed under
Security

news.softpedia.com: Yesterday, November 27th, the Ubuntu developers discovered yet another security issue (actually, more than one) in the Linux kernel packages. These vulnerabilities affect the following Ubuntu distributions: 6.06 LTS, 7.10, 8.04 LTS and 8.10 (also applies to Kubuntu, Edubuntu and Xubuntu).

Linux Virus: A False Sense Of Security

Filed under
Linux
Security

linuxhaxor.net: There seems to be a false sense of security among some Linux users. The number of malicious programs specifically written for GNU/Linux has been on the increase in recent years and in the year of 2005 alone has more than doubled: from 422 to 863.

Remote buffer overflow bug bites Linux Kernel

Filed under
Linux
Security

blogs.zdnet: A remote buffer overflow vulnerability in the Linux Kernel could be exploited by attackers to execute code or cripple affected systems, according to a Gentoo bug report that just became public.

Mac, Linux, BSD open for attack: Kaspersky

Filed under
Security

computerworld.com.au: Looming attacks will soon pop the security bubble enjoyed by Linux and Macintosh users, according to Russian security expert Eugene Kaspersky.

Syndicate content

More in Tux Machines

Beer and open source with Untappd

Greg Avola loves beer and coding. He loves beer so much that he made an app, Untappd, where users track their favorite brews. He loves coding so much that he wrote a book about mobile web development. According to him, if it weren't for open source software, his app—and the projects of many other developers—simply wouldn't exist. Read more in my interview with Greg about his open source journey, his favorite beer, and why check-in apps are still relevant. Read more

What is Docker, Really? Founder Solomon Hykes Explains

Docker has quickly become one of the most popular open source projects in cloud computing. With millions of Docker Engine downloads, hundreds of meetup groups in 40 countries and dozens upon dozens of companies announcing Docker integration, it's no wonder the less-than-two-year-old project ranked No. 2 overall behind OpenStack in Linux.com and The New Stack's top open cloud project survey. This meteoric rise is still puzzling, and somewhat problematic, however, for Docker, which is “just trying to keep up” with all of the attention and contributions it's receiving, said founder Solomon Hykes in his keynote at LinuxCon and CloudOpen on Thursday. Most people today who are aware of Docker don't necessarily understand how it works or even why it exists, he said, because they haven't actually used it. “Docker is very popular, it became popular very fast, and we're not really sure why,” Hykes said. “My personal theory … is that it was in the right place at the right time for a trend that's much bigger than Docker, and that is very important for all of us, that has to do with how applications are built.” Read more

LinuxCon and CloudOpen 2014 Keynote Videos Available

Video recordings of the LinuxCon and CloudOpen North America keynotes are now available on the Linux Foundation YouTube channel, and are embedded below, here. The event started Wednesday with Executive Director Jim Zemlin's “State of Linux” keynote at 9 a.m. Central, followed by a panel discussion of Linux kernel developers that included Linux Creator Linus Torvalds. Tomorrow morning keynotes will be streamed live (live video available here with login) and will be available later on in the day. You'll also find live updates on Linux Foundation Twitter,Facebook and Google+ channels and at the #LinuxCon and #CloudOpen hash tags, as well as more in-depth keynote coverage here on Linux.com. Read more

Another great experience in Fedora bug reporting: Wine font fix solves my web-browsing problem

Fedora‘s motto is “Freedom. Friends. Features. First.” I’m here to tell you Fedora lives up to that billing. Why do I say this now? I’ve just had another positive experience with Fedora, this time in finding a bug in my system, adding my information to an existing bug report and now seeing updated packages pushed to the Fedora 20 stable repositories and onto my system, where the problem has been fixed. Read more