Language Selection

English French German Italian Portuguese Spanish

Security

Linux 101: Best practice for security integrity auditing and recovery

Filed under
Security

Two critical security considerations that are closely related to one another are ignored all too often: integrity auditing and recovery. This document is an overview of good security integrity auditing and recovery practices using a Linux operating system.

Preventing Buffer Overflow Exploits

Filed under
Security

Internet servers, including Web, e-mail, and FTP servers have long been a target of different kinds of attacks aiming to disable them from providing services to their respective users. One particular exploit, which has become almost ubiquitous in the last several years, is the buffer overflow exploit.

How Relevant is the Homeland Security Grant?

Filed under
Security

Three organizations--Stanford University, Coverity, and Symantec--recently received a Department of Homeland Security grant to assist open source projects in tightening their code with automated code-checking. The question is, will this help be welcome? LinuxPlanet speaks with Coverity's CTO and founder as well as Linus Torvalds to see just how useful Coverity's defect reports have been.

Users get to the root of Linux security holes

Filed under
Security

"I believe that Linux needs to get rid of 'root.' Root is not a user; root is a capability to surpass security. As long as that capability exists, there will be ways to hack it."

Linux Kernel SEARCH_BINARY_HANDLER Local Denial of Service Vulnerability

Filed under
Security

Linux kernel is susceptible to a local denial of service vulnerability. Linux kernel 2.4 versions on 64-bit x86 architectures prior to 2.4.33-pre1 are affected.

U.S. government wrestles Google for search records

Filed under
Security

The U.S. government is asking a California court to force Google Inc. to turn over information about usage of the company's search engine for finding pornography on the Internet.

Linux vendors stepping up their focus on security

Filed under
Security

Customers should expect to see enhanced, easier-to-use security tools from leading Linux distributors in the coming months as vendors focus on making the platform tough enough to support even the most critical business applications.

Bug Bounty Hunters Spot Flaw In Linux AV

Filed under
Security

3Com has identified a vulnerability in a popular Linux anti-virus program, the fourth time bug bounty hunters have cashed in on the reward the company's TippingPoint division pays for digging up software flaws.

Developer.com's Security Product of the Year Award

Filed under
Security

With the rising importance of implementing solid information security, one can imagine the proliferation of security products. Which one should you choose? What are your peers using, and why? Let me review the top five finalists for security products based on Developer.com's year-end product reviews. I'll end the discussion with 2005's winner. Here's what the industry is saying about five solid security products!

Syndicate content

More in Tux Machines

LAS 2018

  • LAS 2018
    This month I was at my second Libre Application Summit in Denver. A smaller event than GUADEC but personally was my favorite conference so far. One of the main goals of LAS has been to be a place for multiple platforms to discuss the desktop space and not just be a GNOME event. This year two KDE members, @aleixpol and Albert Astals Cid, who spoke about release cycle of KDE Applications, Plasma, and the history of Qt. It is always interesting to see how another project solves the same problems and where there is overlap. The elementary folks were there since this is @cassidyjames home turf who had a great “It’s Not Always Techincal” talk as well as a talk with @danrabbit about AppCenter which are both very important areas the GNOME Project needs to improve in. I also enjoyed meeting a few other community members such as @Philip-Scott and talk about their use of elementary’s platform.
  • Developer Center Initiative – Meeting Summary 21st September
    Since last blog post there’s been two Developer Center meetings held in coordination with LAS GNOME Sunday the 9th September and again Friday the 21st September. Unfortunately I couldn’t attend the LAS GNOME meeting, but I’ll cover the general progress made here.

The "Chinese EPYC" Hygon Dhyana CPU Support Still Getting Squared Away For Linux

Back in June is when the Linux kernel patches appeared for the Hygon Dhyana, the new x86 processors based on AMD Zen/EPYC technology licensed by Chengdu Haiguang IC Design Co for use in Chinese data-centers. While the patches have been out for months, they haven't reached the mainline kernel quite yet but that might change next cycle. The Hygon Dyhana Linux kernel patches have gone through several revisions and the code is mostly adapting existing AMD Linux kernel code paths for Zen/EPYC to do the same on these new processors. While these initial Hygon CPUs appear to basically be re-branded EPYC CPUs, the identifiers are different as rather than AMD Family 17h, it's now Family 18h and the CPU Vendor ID is "HygonGenuine" and carries a new PCI Express device vendor ID, etc. So the different areas of the kernel from CPUFreq to KVM/Xen virtualization to Spectre V2 mitigations had to be updated for the correct behavior. Read more

Good Support For Wayland Remote Desktop Handling On Track For KDE Plasma 5.15

The KDE Plasma 5.15 release due out next year will likely be in good shape for Wayland remote desktop handling. The KDE Plasma/KWin developers have been pursuing Wayland remote desktop support along a similar route to the GNOME Shell camp by making use of PipeWire and the XDG-Desktop-Portal. Bits are already in place for KDE Plasma 5.13 and the upcoming 5.14 release, but for the 5.15 release is now where it sounds like the support may be in good shape for end-users. Read more

Linux developers threaten to pull “kill switch”

Linux powers the internet, the Android in your pocket, and perhaps even some of your household appliances. A controversy over politics is now seeing some of its developers threatening to withdraw the license to all of their code, potentially destroying or making the whole Linux kernel unusable for a very long time. Read more