Language Selection

English French German Italian Portuguese Spanish

Security

Debian 8 Gets New Kernel Update, Five Vulnerabilities and a Regression Patched

Filed under
Security
Debian

Exactly one week after the release of the major kernel update for the Debian GNU/Linux 8 "Jessie" operating system on June 28, the Debian Project, through Salvatore Bonaccorso, has released a new Linux kernel security update.

Read more

Parsix GNU/Linux 8.10 and 8.5 Get the Latest Debian Security Fixes, Update Now

Filed under
GNU
Linux
Security
Debian

A few hours ago, the development team behind Parsix GNU/Linux, a Debian-based computer operating system sporting the modern GNOME 3 desktop environment, has announced that new security fixes are available for the stable Parsix GNU/Linux 8.5 "Atticus" distribution, and upcoming Parsix GNU/Linux 8.10 "Erik" release.

Read more

Security Leftovers

Filed under
Security

Network Security Toolkit (NST) Linux OS Released Based on Fedora 24, Linux 4.6

Filed under
Red Hat
Security

Today, July 4, 2016, Ronald Henderson has announced the release of a new version of the Fedora-based Network Security Toolkit (NST) Linux distribution for network security analysis and monitoring.

Read more

Security Leftovers

Filed under
Security
  • Progress Towards 100% HTTPS, June 2016
  • Exploiting Recursion in the Linux Kernel
  • Home Computers Connected to the Internet Aren't Private, Court Rules [iophk: "MS Windows == insecure, therefore all computer are game"]

    A judge in Virginia rules that people should have no expectation of privacy on their home PCs because no connected computer "is immune from invasion."
    A federal judge for the Eastern District of Virginia has ruled that the user of any computer that connects to the Internet should not have an expectation of privacy because computer security is ineffectual at stopping hackers.

    The June 23 ruling came in one of the many cases resulting from the FBI's infiltration of PlayPen, a hidden service on the Tor network that acted as a hub for child exploitation, and the subsequent prosecution of hundreds of individuals. To identify suspects, the FBI took control of PlayPen for two weeks and used, what it calls, a "network investigative technique," or NIT—a program that runs on a visitor's computer and identifies their Internet address.

Security Leftovers

Filed under
Security
  • 11 essential data security tips for travelers [iophk: "unfortunately VPNs have dated crypto"]

    I travel all over the world for my job, and for my hobbies. Although there are still plenty of places I haven't been, I've visited enough foreign countries that I don't deny it when someone calls me a world traveler. Over the years, I've experienced my fair share of foreign spying. I know what it's like to be snooped on.

    I'm no longer surprised when I suddenly get gobs of spam from a country I've visited. My best guess is that someone in the country intercepted my email and recorded my email address. I still get porn spam in Arabic and ads for weight loss products in Mandarin. I've had my laptop and USB keys searched at countless borders.

  • Yet another letsencrypt (ACME) client

    Well, I apparently joined the hordes of people writing ACME (the Protocol behind Let’s Encrypt) clients.

    Like the fairy tale Goldilocks, I couldn’t find a client in the right spot between minimalistic and full-featured for my needs: acme-tiny was too bare-bones; the official letsencrypt client (now called certbot) too huge; and simp_le came very close, but it’s support for pluggable certificate formats made it just a bit too big for me.

  • Keynote - Complexity: The Enemy of Security
  • Security Holes Found in Widely-Used File Compression Library, Leaving Other Products Dangerously Exposed
  • StartEncrypt considered harmful today

    Recently, one of our hackers (Thijs Alkemade) found a critical vulnerability in StartCom’s new StartEncrypt tool, that allows an attacker to gain valid SSL certificates for domains he does not control. While there are some restrictions on what domains the attack can be applied to, domains where the attack will work include google.com, facebook.com, live.com, dropbox.com and others.

  • Unikernels Will Create More Security Problems Than They Solve

    Unikernels, the most recent overhyped technology in search of a problem to solve, have a number of claimed attributes that make them a “better choice.” One most often claimed is that they are “more secure.” This is the first in a series of articles bringing some light to the reality of unikernels so that you can think about them properly, employ them for what they are good for, and avoid the hype.

  • The Python security response team

    As the final presentation of the 2016 Python Language Summit—though it was followed by a few lightning talks that we are not covering—Christian Heimes led a discussion on the Python security response team. There have been some problems along the way that generally boil down to a need for more people working on the team.

Security Leftovers

Filed under
Security

Security Leftovers

Filed under
Security

Security Leftovers

Filed under
Security

Debian Pushes Major Kernel Update to Debian Jessie, Fixes Over 20 Security Flaws

Filed under
Security
Debian

Today, June 28, 2016, Debian Project, through Salvatore Bonaccorso, published details about a major Linux kernel security update for the Debian GNU/Linux 8 "Jessie" operating system.

Read more

Syndicate content

More in Tux Machines

Getting started with Raspberry Pi

So you have a Raspberry Pi, or you’re thinking of getting one, and you want to know how to get started and how to become a master user of one. The Raspberry Pi is a single board computer, meaning that in many ways it's a regular PC, except that everything that makes up the computer is on a single board rather than a traditional PC, which has a motherboard and requires a number of additional daughterboards to make a whole unit. Read more

Games for GNU/Linux

  • Shadow Tactics: Blades of the Shogun Hardcore Tactical Stealth Game Out on Linux
    More and more AAA games are coming to our beloved Linux platform, and nothing makes us happier than to see Daedalic Entertainment's Shadow Tactics: Blades of the Shogun title launching today on Steam for Linux, Mac, and Windows. If you're not familiar with Daedalic Entertainment's work, they are the creators of the superb and fun Deponia series, but Shadow Tactics: Blades of the Shogun is something different, a tactical stealth-strategy game in the style of the Commandos stealth-oriented real-time tactics video game series.
  • Shadow Tactics: Blades of the Shogun, the top-down stealth game is now out
    Shadow Tactics: Blades of the Shogun [GOG, Steam, Official Site] is the rather good top-down stealth game from Mimimi Productions. It's now out way a day-1 Linux release and it has a demo. I played the demo and I was massively impressed, so impressed that I would very much like to cover the game properly. So I will be reaching out to the developer for a key.
  • The Keeper, a promising looking side-scrolling survival action game with plenty of action is coming to Linux
    The Keeper side-scrolling survival action game full of boss battles, a combo system for combat and a day and night cycle will come to Linux.
  • Editorial: A chat about asking developers for a Linux port
    It has come to my attention recently that some people have been taking a really hard stance against developers who want to gauge interest for a Linux port. I want to talk about it for a bit. [...] Be the Linux community I know and love, be helpful to developers, get in on beta testing when you can (I’ve seen plenty of developers give out free keys for this too!) and appreciate the good games we get. We are a smaller market in most people’s eyes, so let’s not turn away anything that could help us grow even a little. The fact is, I’ve seen multiple games only come to Linux because Linux fans showed actual interest in it. One such example is Nightside, which I discovered on Steam. After a quick chat with the developer, I was able to convince them to do a Linux build and after a short test they then decided to do support a Linux build. There’s many such examples like this, but due to the amount of games I cover that’s one I could quickly pull up (without having to sift through hundreds of articles).
  • Dawn of War II has a minor patch to fix a few issues
  • Khronos are working on an open standard for VR, Valve will use it
  • BOOR, a new puzzle platformer will arrive with Linux support next year
    BOOR [Official Site] is a new puzzle platformer from developer Dazlog Studio and publisher BadLand Games that will have Linux support. We have many puzzle platformers now, so I do hope BOOR has something to set itself apart from the rest of them. I haven't seen anything in the trailer or the feature list that really jumps out at me. I am hoping when they reveal more gameplay it will look more enticing.
  • The developers of 'EVERSPACE' are still working on the Linux version, seeking help from Epic Games
    EVERSPACE [Steam, Official Site] is the fantastic looking UE4 space shooter that's being ported to Linux, but the developers have encountered a problem with lighting bugs. I follow the topic on Steam, but a user also emailed this in to ask me to highlight it. I would have anyway since I'm interested in it.
  • Total War: WARHAMMER - Realm of The Wood Elves DLC will come to Linux soon
    Total War: WARHAMMER - Realm of The Wood Elves [Steam] is the next DLC that introduces an exciting race into this strategy game. Feral have confirmed it will be on Linux soon with the quick tweet they sent out.
  • DoomRL or 'DRL' as it's now called has gone open source
    After ZeniMax sent the lawyers knocking, the developer of what was called DoomRL (Doom Roguelike) has changed it's name to 'DRL' [Github, Official Site] and it's now open source. ZeniMax are well within their rights to "protect" the Doom brand, but I still think their lawyers are idiotic for doing this. It's not like small-time roguelike was actually competing with the real Doom.

High School's Help Desk Teaches Open Source IT Skills

The following is an adapted excerpt from chapter six of The Open Schoolhouse: Building a Technology Program to Transform Learning and Empower Students, a new book written by Charlie Reisinger, Technology Director for Penn Manor School District in Lancaster County, Pennsylvania. In the book, Reisinger recounts more than 16 years of Linux and open source education success stories. Penn Manor schools saved over a million dollars by trading proprietary software for open source counterparts with its student laptop program. The budget is only part of the story. As Linux moved out of the server room and onto thousands of student laptops, a new learning community emerged. Read more

What’s New with Xen Project Hypervisor 4.8?

I’m pleased to announce the release of the Xen Project Hypervisor 4.8. As always, we focused on improving code quality, security hardening as well as enabling new features. One area of interest and particular focus is new feature support for ARM servers. Over the last few months, we’ve seen a surge of patches from various ARM vendors that have collaborated on a wide range of updates from new drivers to architecture to security. Read more