Language Selection

English French German Italian Portuguese Spanish

Security

Nigori: Storing Secrets in the Cloud

Filed under
Software
Security

links.org: Nigori is a protocol for storing secrets in the cloud such that the storage need not be trusted and only a single password is required to access secrets.

It's called sudo

Filed under
Security

linuxinexile.blogspot: Organizations can no longer tolerate the security risks posed by intentional, accidental or indirect misuse of privileges. You will learn how to securely delegate privileges and authorization without disclosing the root password.

Web Browsers Leave 'Fingerprints' Behind as You Surf the Net

Filed under
Software
Security
Web

eff.org: New research by the Electronic Frontier Foundation (EFF) has found that an overwhelming majority of web browsers have unique signatures -- creating identifiable "fingerprints" that could be used to track you as you surf the Internet.

Open MySQL security holes

Filed under
Software
Security

h-online.com: Oracle's forthcoming version 5.1.47 of MySQL is said to contain several important security patches. The changelog states that the developers have closed three security holes which allow attackers to cause a server crash, obtain unauthorised database access or, in the worst case, inject arbitrary code and execute it on the server.

Botnets exploit Linux owners' ignorance

Filed under
Linux
Security

securecomputing.net: A lack of knowledge and awareness about how to use Linux mail servers could be contributing to the disproportionately large number of Linux machines being exploited to send spam, according to new Symantec Hosted Services research.

Good Security Practices On Linux

Filed under
Security

ghabuntu.com: Some time ago, the open source world was caught by surprise by the announcement of a malware for Linux, hidden in a screensaver for Gnome in gnome.look.org. Security in Linux (as with any operating system) is a matter of habit, then we will list some tips.

Apache.org hit by targeted XSS attack, passwords compromised

Filed under
Software
Security
Web

blogs.zdnet.com: Combining a cross-site scripting (XSS) vulnerability with a TinyURL redirect, hackers successfully broke into the infrastructure for the open-source Apache Foundation in what is being described as a “direct, targeted attack.”

KDE KDM Vulnerability Elevation of Privilage

Filed under
KDE
Security

freetechie.com: Sebastian Krahmer from the SUSE Security team has found a vulnerability in KDM which will allow a local user to elevate their privileges to root access.

A word (or two) about Linux desktop security

Filed under
Linux
Security

cristalinux.blogspot: When I wrote my Windows 7 vs. Ubuntu 10.04 Beta ARTICLE several days ago, I rated Ubuntu higher than Windows in terms of security. In hindsight, I think I was perhaps assuming certain bits and pieces, as well as maybe not thoroughly explaining why I thought that was the case.

OS of the Future: Built for Security

Filed under
OS
Software
Security

eweek.com: Led, somewhat ironically, by Microsoft Windows, operating system vendors and some other software vendors have been making their products more secure by default. They also have been providing tools and best-practice guidelines for application developers to improve security.

Syndicate content

More in Tux Machines

Cumulus Linux 2.5 adds mainstream L2 features to bare-metal switching

As Cumulus Networks attempts to expand beyond the early adopters of its Cumulus Linux bare-metal switch operating system, it is adding Layer 2 networking features aimed at making it easier for enterprises to make the transition from legacy environments to the IP fabrics that most cloud computing customers operate. Read more

SimplyTapp launches open source tokenization project

“We don’t want to put any hindrance in the way of a bank launching cloud-based payments because they have to buy or rely on another ecosystem player for new technology and so we thought it was a perfect use case for an open source project. Open source allows a perfect line of audit where you can actually see the source code, modify the source code and make updates to the source code for your environment before you’re running it. Read more

Google’s Nest buys Linux automation firm, adds five partners

Google’s Nest Labs acquired Revolv, a maker of Linux-based home automation devices, and announced five new Nest-compatible devices. including the Pebble. After Google acquired Nest Labs in January $3.2 billion, placing a stake in the fast-growing home automation business, Nest acquired home surveillance camera maker Dropcam in June for $555 million. Now Nest announced it has acquired another major home automation company in its purchase of Revolv. The acquisition, which was announced with no dollar amount, came shortly after the Boulder, Colo. based company announced compatibility with the Nest Learning Thermostat and Nest Protect CO/smoke detector. Read more

MozFest 2014 begins today

More than 1,600 participants from countries around the globe will gather at Ravensbourne in East London for a weekend of collaborating, building prototypes, designing innovative web literacy curricula and discussing how the ethos of the open web can contribute to the fields of science, journalism, advocacy and more. Read more