Language Selection

English French German Italian Portuguese Spanish

Security

How Linux containers can solve a problem for defense virtualization

Filed under
GNU
Linux
Security

As the virtualization of U.S. defense agencies commences, the technology’s many attributes—and drawbacks—are becoming apparent.

Virtualization has enabled users to pack more computing power in a smaller space than ever before. It has also created an abstraction layer between the operating system and hardware, which gives users choice, flexibility, vendor competition and best value for their requirements. But there is a price to be paid in the form of expensive and cumbersome equipment, software licensing and acquisition fees, and long install times and patch cycles.

Read more

Linux Malware vs Phishing Schemes

Filed under
GNU
Linux
Security

For years now, we’ve been told about the dangers of how various types of malware like worms and other threats were going to catch the growing Linux user base off guard. As of the year 2014, nothing remotely close to this has happened. Malware exists, but for desktop Linux users, it’s a non-issue.

Despite this fact, there continues to be rumors that malware "could" affect desktop Linux users. It seems the mere "threat" holds greater proof of concept than the reality that no one is actually seeing malware threats on their Linux desktop.

In this article, I’ll examine current threats to the Linux desktop and explain why I believe phishing is far more dangerous to most Linux users than malware.

Read more

Report: IoT Improving Code Quality in Open Source Java Projects

Filed under
OSS
Security

Mountain View, Calif.-based software testing company Coverity has just released a new Scan report, this one focused on open-source big data projects and the impact of the Internet of Things (IoT) on the quality of those projects. In a nutshell, the report concludes that IoT and the tsunami of data that phenomenon is expected to generate over the next decade is actually having a positive affect on code quality. Among the largest big data projects in this Scan -- Apache Hadoop, Hbase and Cassandra -- quality has improved steadily, the report's authors found.

Read more

Is commercial open source more secure than proprietary alternatives?

Filed under
OSS
Security

In summary, IT professionals are gravitating to commercial open source for security and privacy now more so than ever. Gone are the days when cost considerations led the decision to move to open source; today, IT professionals value commercial open source for business continuity, quality and control. On the horizon, expect to see broader adoption of commercial open source. In fact, the most telling result of the Ponemon Institute survey may be the coming exodus from proprietary to commercial open source software, particularly when it comes to collaboration.

Read more

Docker Updates for Three Security Vulnerabilities

Filed under
OSS
Security

The open-source Docker project has updated the Docker engine for container virtualization to version 1.3.3, fixing a trio of security vulnerabilities. The security advisories for the Docker vulnerabilities were first publicly released on Dec. 11 although not every vendor in the Docker ecosystem has been in a hurry to update. Docker has emerged over the course of 2014 to become a popular technology for application virtualization and now has the support of Amazon, IBM, VMware, Microsoft and Red Hat, among others.

Read more

Antivirus Live CD Will Disinfect Your Windows OS

Filed under
Linux
Security

Antivirus Live CD is a Linux distribution based on 4MLinux that includes the ClamAV scanner. It's built for system admins who need a lightweight live CD with an antivirus scanner. A new versions has been released and is now available for download.

Read more

Using encryption on Android – A rant

Filed under
Android
Security

Not every email client for Android out there supports encryption; and when it does, it does not work like Enigmail: you must first install the email client, set it up; then install an app that enables the use of GPG (APG or GnuPG for Android); then you have supposedly and through a reasonably secure process sent your full GPG keys to your phone (SD card or the internal memory).

Read more

Multiple X.Org Vulnerabilities Found, One Is from 1987

Filed under
Graphics/Benchmarks
Security

One of the most important features of the open source development community is its ability to self-correct, even if it takes a very long time. A number of issues in X servers have been corrected recently, and some of them were actually very old. The record holder is a bug introduced back in 1987.

Read more

Linux Turla Malware Infection? Not Going to Happen.

Filed under
GNU
Linux
Security

This code simply isn't in any Linux repository.

That means one must intentionally deviate and go outside of the keyring-protected repo of applications 'into the wild' to obtain this rogue software.

By definition, a trojan, requires one to install the application and then explicitly run it to have its 'payload' execute.

Read more

Video: Security Features in systemd

Filed under
Linux
Red Hat
Security

Lennart Poettering gave a presentation for NLUUG on Nov. 20th, 2014 entitled, "Security Features in systemd".

Read more

Syndicate content

More in Tux Machines

today's howtos

Leftovers: Software

  • SOGo v3.0.0 released
    After about 1.5 year of development, Inverse is extremely happy to announce the immediate availability of SOGo v3.0! This release is considered ready for production use.
  • Tupi 0.2 revision git06 (Kunumi)
    After a year without significant activity, this release has an special meaning not only because it represents the continuity of the project but our strong intention of making of Tupi a professional tool for educational and young artists communities around the world.
  • [RetroShare] Release notes for final 0.6.0
    v0.6.0 is now considered final. This post summarizes the main lines of work since the release of 0.6.0-RC2 (last june).
  • OpenShot 2.0.6 (Beta 3) Released!
  • OpenShot 2.0 Beta Is Now Available for Public Testing
    The update is the third full beta release of the revamped video editor but only the first to made available for public testing. Backers of the OpenShot crowdfunding campaign have been able to use beta builds of the hugely revamped non-linear video editor since January.
  • Atom 1.5.0 Has Been Released
    Atom is an open-source, multi-platform text editor developed by GitHub, having a simple and intuitive graphical user interface and a bunch of interesting features for writing: CSS, HTML, JavaScript and other web programming languages. Among others, it has support for macros, auto-completion a split screen feature and it integrates with the file manager.
  • HPLIP 3.16.2 Brings Support For Debian 8.3, Linux Mint 17.3 And New Printers
    As you may know, HP Linux Imaging and Printing (HPLIP) is a tool for printing, scanning and faxing for the HP printers.
  • Ixion 0.11.0
    Version 0.11.0 of the Ixion library has been just released. You can download it from the project’s home page.
  • Now You Can Use uTorrent Without Ads, Thanks To New Subscription Model
    In the past, the parent company Bittorrent Inc. has relied on an ad-based revenue model to keep uTorrent up and running, but now they have realized the need for a premium experience for the users by charging a nominal amount. Until now, bundled software that hides inside the uTorrent installation package has only consumed space on your computer. The development team is well aware of this issue and that’s why they have come up with the ad-free uTorrent.

Kernel Space: Linux, Graphics

  • Linux kernel bug delivers corrupt TCP/IP data to Mesos, Kubernetes, Docker containers
    The Linux Kernel has a bug that causes containers that use veth devices for network routing (such as Docker on IPv6, Kubernetes, Google Container Engine, and Mesos) to not check TCP checksums. This results in applications incorrectly receiving corrupt data in a number of situations, such as with bad networking hardware. The bug dates back at least three years and is present in kernels as far back as we’ve tested. Our patch has been reviewed and accepted into the kernel, and is currently being backported to -stable releases back to 3.14 in different distributions (such as Suse, and Canonical). If you use containers in your setup, I recommend you apply this patch or deploy a kernel with this patch when it becomes available. Note: Docker’s default NAT networking is not affected and, in practice, Google Container Engine is likely protected from hardware errors by its virtualized network.
  • Performance problems
    Just over a year ago I implemented an optimization to the SPI core code in Linux that avoids some needless context switches to a worker thread in the main data path that most clients use. This was really nice, it was simple to do but saved a bunch of work for most drivers using SPI and made things noticeably faster. The code got merged in v4.0 and that was that, I kept on kicking a few more ideas for optimizations in this area around but that was that until the past month.
  • Compute Shader Code Begins Landing For Gallium3D
    Samuel Pitoiset began pushing his Gallium3D Mesa state tracker changes this morning for supporting compute shaders via the GL_ARB_compute_shader extension. Before getting too excited, the hardware drivers haven't yet implemented the support. It was back in December that core Mesa received its treatment for compute shader support and came with Intel's i965 driver implementing CS.
  • Libav Finally Lands VDPAU Support For Accelerated HEVC Decoding
    While FFmpeg has offered hardware-accelerated HEVC decoding using NVIDIA's VDPAU API since last summer, this support for the FFmpeg-forked libav landed just today. In June was when FFmpeg added support to its libavcodec for handling HEVC/H.265 video decoding via NVIDIA's Video Decode and Presentation API for Unix interface. Around that same time, developer Philip Langdale who had done the FFmpeg patch, also submitted the patch for Libav for decoding HEVC content through VDPAU where supported.

Unixstickers, Linux goes to Washington, Why Linux?

  • Unixstickers sent me a package!
    There's an old, popular saying, beware geeks bearing gifts. But in this case, I was pleased to see an email in my inbox, from unixstickers.com, asking me if I was interested in reviewing their products. I said ye, and a quick few days later, there was a surprise courier-delivered envelope waiting for me in the post. Coincidentally - or not - the whole thing happened close enough to the 2015 end-of-the-year holidays to classify as poetic justice. On a slightly more serious note, Unixstickers is a company shipping T-shirts, hoodies, mugs, posters, pins, and stickers to UNIX and Linux aficionados worldwide. Having been identified one and acquired on the company's PR radar, I am now doing a first-of-a-kind Dedoimedo non-technical technical review of merchandise related to our favorite software. So not sure how it's gonna work out, but let's see.
  • Linux goes to Washington: How the White House/Linux Foundation collaboration will work
    No doubt by now you've heard about the Obama Administration's newly announced Cybersecurity National Action Plan (CNAP). You can read more about it on CIO.com here and here. But what you may not know is that the White House is actively working with the Linux and open source community for CNAP. In a blog post Jim Zemlin, the executive director of the Linux Foundation said, “In the proposal, the White House announced collaboration with The Linux Foundation’s Core Infrastructure Initiative (CII) to better secure Internet 'utilities' such as open-source software, protocols and standards.”
  • Why Linux?
    Linux may inspire you to think of coders hunched over their desks (that are littered with Mountain Dew cans) while looking at lines of codes, faintly lit by the yellow glow of old CRT monitors. Maybe Linux sounds like some kind of a wild cat and you have never heard the term before. Maybe you have use it every day. It is an operating system loved by a few and misrepresented to many.