Language Selection

English French German Italian Portuguese Spanish

Security

Mitro Releases a New Free & Open Source Password Manager

Filed under
OSS
Security

Today, Twitter acquired a password manager startup called Mitro. As part of the deal, Mitro will be releasing the source to its client and server code under the GPL.

Read more

DHS Wants To Help Developers Secure Open-Source Software

Filed under
OSS
Security

The Department of Homeland Security is funding a project aimed at protecting the nation's critical infrastructure and networks by providing tools that test for defects in open source and commercial software.

Read more

Tor anonymity service says unknown attackers compromised its network

Filed under
Moz/FF
OSS
Security

The Tor encryption service is a high-profile bastion of computer security, but the project appears to have been compromised earlier this year. Today, the Tor Project blog announced that an unknown party likely managed to gather information about people who were looking up hidden services — websites that users can operate and visit anonymously, like Silk Road — and could theoretically have compromised other parts of the network.

Read more

The security flaws in Tails Linux are not its only problem

Filed under
Security
Debian

If you want to use Tor, then Tails is your best friend. Tails is a version of Linux that sends data through the Tor network.

All Internet traffic to/from Tails goes through Tor, making it resistant to end user mistakes. Tails is not normally installed on a computer, instead it's run from a bootable DVD, USB flash drive or flash memory card. Compared to the Tor Browser Bundle, Tails is unquestionably the way to go. Ed Snowden uses it.

Read more

Also related:

Homeland Security gets into software security

Filed under
OSS
Security

Personally, while I still think the DHS is an unlikely sponsor for this project — the National Security Agency (NSA) or NIST seem like its more natural home — I think the SWAMP sounds like a very useful one-stop for anyone wanting to double-check their pre-production code for errors before release.

Read more

The world's most secure OS may have a serious problem

Filed under
GNU
Linux
Security
Debian

The Tails operating system is one of the most trusted platforms in cryptography, favored by Edward Snowden and booted up more than 11,000 times per day in May. But according to the security firm Exodus Intelligence, the program may not be as secure as many thought. The company says they've discovered an undisclosed vulnerability that will let attackers deanonymize Tails computers and even execute code remotely, potentially exposing users to malware attacks. Exodus is currently working with Tails to patch the bug, and expects to hand over a full report on the exploit next week.

Read more

Docker security with SELinux

Filed under
GNU
Linux
Server
Security

This article is based on a talk I gave at DockerCon this year. It will discuss Docker container security, where we are currently, and where we are headed.

Read more

Tor, trust and the NSA

Filed under
OSS
Security

Tor is an anonymizing network that’s designed to protect you by “bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location.”

That’s cool, but does Tor really guarantee you what you think or assume it does? I can’t say for sure, but when facing a state-sponsored entity with time and resources on its side, you cannot be too careful. At least if pays to know what other people think about Tor, especially when what they have to say runs counter to what you know, or what you think you know.

Read more

Avoid the Android vampire apps

Filed under
Android
Security

Some Android applications will drain your smartphone or tablet of battery life, storage or bandwidth like a blood-sucking fiend. Here's what's what with the worst of the worst.

Read more

Snowden on Dropbox: It’s hostile to privacy

Filed under
Software
Security

Dropbox is a very popular Cloud storage services, but is it good for the privacy-conscious?

According to Edward Snowden, it’s not.

In an interviewed published on GuardianNews, Snowden described Dropbox as “hostile to privacy.”

So what are the better alternatives. Snowden recommended Cloud storage services with zero-knowledge as a key feature.

Read more

Syndicate content

More in Tux Machines

LILO Boot-Loader Development To Cease At End Of Year

While most of you probably haven't used the LILO bootloader in years in place of GRUB(2), the developer of "LInux LOader" intends to cease development at the end of the year. This summer's intern, Eric Griffith, pointed out today an undated message on the LILO homepage about the bootloader project planning to end development at the end of 2015. Read more

Systemd Takes Over su, FCC Bans Open Source Firmware

Paul Carroty posted Friday of the news that Lennart Poettering merged an 'su' command replacement into systemd and Fedora Rawhide - coming to a Linux system near you next. Elsewhere, Hackaday.com's Brian Benchoff said new FCC regulations just killed Open Source firmware replacement and Phoronix.com today reported that LILO is being abandoned. Several polls caught my eye today as did the new Linux workstation security checklist. Read more

Accelerating Scientific Analysis with the SciDB Open Source Database System

Science is swimming in data. And, the already daunting task of managing and analyzing this information will only become more difficult as scientific instruments — especially those capable of delivering more than a petabyte (that’s a quadrillion bytes) of information per day — come online. Tackling these extreme data challenges will require a system that is easy enough for any scientist to use, that can effectively harness the power of ever-more-powerful supercomputers, and that is unified and extendable. This is where the Department of Energy’s (DOE) National Energy Research Scientific Computing Center’s (NERSC’s) implementation of SciDB comes in. Read more

Open Source GPU now out

Hoping that MIAOW is not a catastrophe An open saucy general-purpose graphics processor (GPGPU) has been unveiled at the Hot Chips event. The GPGPU is relatively crude and is part of another piece of an emerging open-source hardware platform called MIAOW. Read more Also: Nvidia Linux Video Driver 355.11 Adds Experimental OpenGL Support to EGL