Language Selection

English French German Italian Portuguese Spanish

Security

Security Leftovers

Filed under
Security

Tor 0.3.0.6 is released: a new series is stable!

Filed under
Security

Tor 0.3.0.6 is the first stable release of the Tor 0.3.0 series.

With the 0.3.0 series, clients and relays now use Ed25519 keys to authenticate their link connections to relays, rather than the old RSA1024 keys that they used before. (Circuit crypto has been Curve25519-authenticated since 0.2.4.8-alpha.) We have also replaced the guard selection and replacement algorithm to behave more robustly in the presence of unreliable networks, and to resist guard- capture attacks.

Read more

Easy ways to make your Android device more secure

Filed under
Android
Security

How secure is your data on that Android smartphone? On a scale of "Alcatraz" to "open field of flowers," where does yours rank? If you're truly concerned about the security of your mobile device (which you should be), you know there are always steps to take to further clamp it down. Because some of these steps a bit more complicated, they are often overlooked by the average user. That's why I want to offer up a few easy ways anyone can bring a bit more security to their Android device.

Read more

Security Leftovers

Filed under
Security

Microsoft Begs, Bugs, and Bug Doors

Filed under
Microsoft
Security
  • Don't install our buggy Windows 10 Creators Update, begs Microsoft

    Microsoft has urged non-tech-savvy people – or anyone who just wants a stable computer – to not download and install this year's biggest revision to Windows by hand. And that's because it may well bork your machine.

    It's been two weeks since Microsoft made its Creators Update available, and we were previously warned it will be a trickle-out rather than a massive rollout. Now, Redmond has urged users to stop manually fetching and installing the code, and instead wait for it to be automatically offered to your computer when it's ready.

  • Microsoft Word flaw took so long to fix that hackers used it to send fraud software to millions of computers

    A flaw in Microsoft Word took the tech giant so long to fix that hackers were able to use it to send fraud software to millions of computers, it has been revealed.

    The security flaw, officially known as CVE-2017-0199, could allow a hacker to seize control of a personal computer with little trace, and was fixed on April 11 in Microsoft's regular monthly security update - nine months after it was discovered.

Security Leftovers

Filed under
Security

Security updates and no more patches from grsecurity (without a fee)

Filed under
Security
  • Security updates for Wednesday
  • GrSecurity Kernel Patches Will No Longer Be Free To The Public

    The GrSecurity initiative that hosts various out-of-tree patches to the mainline Linux kernel in order to enhance the security will no longer be available to non-paying users.

    GrSecurity has been around for the better part of two decades and going back to the 2.4 kernel days. In 2015 the stable GrSecurity patches became available to only commercial customers while the testing patches had still been public. That's now changing with all GrSecurity users needing to be customers.

  • Passing the Baton: FAQ

    This change is effective today, April 26th 2017. Public test patches have been removed from the download area. 4.9 was specifically chosen as the last public release as being the latest upstream LTS kernel will help ease the community transition.

  • grsecurity - Passing the Baton

    Anyone here use grsecurity and have any thoughts about this?

More Coverage of Kali Linux 2017.1 Release

Filed under
GNU
Linux
Security
  • Kali Linux 2017.1 Security OS Brings Wireless Injection Attacks to 802.11 AC

    Offensive Security, the developers of the BackTrack-derived Kali Linux open-source, security-oriented operating system announced the availability of the Kali Linux 2017.1 rolling release.

    Since Kali Linux become a rolling distro, the importance of such updated images was never the same, but Kali Linux 2017.1 appears to be a major release of the ethical hacking distro, adding a bunch of exciting new features and improvements to the Debian-based operating system.

  • Kali Linux 2017.1 Released With New Features | Download ISO Files And Torrents Here

    Offensive Security has updated the Kali Linux images with new features and changes. Termed Kali Linux 2017.1, this release comes with support for wireless injection attacks to 802.11ac and Nvidia CUDA GPU. You can simply update your existing installation by running few commands if you don’t wish to download the updated images from Kali repos.

Security Leftovers

Filed under
Security
  • NSA backdoor detected on >55,000 Windows boxes can now be remotely removed

    After Microsoft officials dismissed evidence that more than 10,000 Windows machines on the Internet were infected by a highly advanced National Security Agency backdoor, private researchers are stepping in to fill the void. The latest example of this open source self-help came on Tuesday with the release of a tool that can remotely uninstall the DoublePulsar implant.

  • Turns out, pacemaker security is terrifying

    Ultimately, St. Jude Medical's stock plunged as much as 10 percent in the aftermath. The company launched a lawsuit against MedSec and Muddy Waters, and the three firms skirmished in the press again when MedSec's findings were allegedly reproduced by security firm Bishop Fox. What's more, the second set of researchers claimed they could take over the pacemakers at a distance of around 10 feet.

  • Chrome, Firefox, and Opera users beware: This isn’t the apple.com you want
  • [Older] Phishing with Unicode Domains

    From a security perspective, Unicode domains can be problematic because many Unicode characters are difficult to distinguish from common ASCII characters. It is possible to register domains such as "xn--pple-43d.com", which is equivalent to "аpple.com". It may not be obvious at first glance, but "аpple.com" uses the Cyrillic "а" (U+0430) rather than the ASCII "a" (U+0061). This is known as a homograph attack.

  • New Strain of Linux Malware Could Get Serious [Ed: ECT thinks that people having default username+password is a "Linux" issue? Seriously?

    A new strain of malware targeting Linux systems, dubbed "Linux/Shishiga," could morph into a dangerous security threat.

    Eset on Tuesday disclosed the threat, which represents a new Lua family unrelated to previously seen LuaBot malware.

Kali Linux 2017.1 Release

Filed under
GNU
Linux
Security

Finally, it’s here! We’re happy to announce the availability of the Kali Linux 2017.1 rolling release, which brings with it a bunch of exciting updates and features. As with all new releases, you have the common denominator of updated packages, an updated kernel that provides more and better hardware support, as well as a slew of updated tools – but this release has a few more surprises up its sleeve.

Read more

Also: Kali Linux repository HTTPS support

Syndicate content

More in Tux Machines

today's howtos

Tizen News

Mozilla Firefox Quantum

  • Can the new Firefox Quantum regain its web browser market share?
    When Firefox was introduced in 2004, it was designed to be a lean and optimized web browser, based on the bloated code from the Mozilla Suite. Between 2004 and 2009, many considered Firefox to be the best web browser, since it was faster, more secure, offered tabbed browsing and was more customizable through extensions than Microsoft’s Internet Explorer. When Chrome was introduced in 2008, it took many of Firefox’s best ideas and improved on them. Since 2010, Chrome has eaten away at Firefox’s market share, relegating Firefox to a tiny niche of free software enthusiasts and tinkerers who like the customization of its XUL extensions. According to StatCounter, Firefox’s market share of web browsers has fallen from 31.8% in December 2009 to just 6.1% today. Firefox can take comfort in the fact that it is now virtually tied with its former arch-nemesis, Internet Explorer and its variants. All of Microsoft’s browsers only account for 6.2% of current web browsing according to StatCounter. Microsoft has largely been replaced by Google, whose web browsers now controls 56.5% of the market. Even worse, is the fact that the WebKit engine used by Google now represents over 83% of web browsing, so web sites are increasingly focusing on compatibility with just one web engine. While Google and Apple are more supportive of W3C and open standards than Microsoft was in the late 90s, the web is increasingly being monopolized by one web engine and two companies, whose business models are not always based on the best interests of users or their rights.
  • Firefox Nightly Adds CSD Option
    I’ve said it before and I’ll say it again: Firefox 57 is awesome — so awesome that I’m finally using it as my default browser again. But there is one thing it the Linux version of Firefox sorely needs: client-side decoration.

First Renesas based Raspberry Pi clone runs Linux

iWave’s “iW-RainboW-G23S” SBC runs Linux on a Renesas RZ/G1C, and offers -20 to 85°C support and expansion headers including a RPi-compatible 40-pin link. iWave’s iW-RainboW-G23S is the first board we’ve seen to tap the Renesas RZ/G1C SoC, which debuted earlier this year. It’s also the first Renesas based SBC we’ve seen that features the increasingly ubiquitous Raspberry Pi 85 x 56mm footprint, layout, and RPi-compatible 40-pin expansion connector. The board is also notable for providing -20 to 85°C temperature support. Read more Also: GameShell Is An Open Source And Linux-powered Retro Game Console That You’ll Love