Language Selection

English French German Italian Portuguese Spanish

Security

Nude photos, phone records, NSA data offer essential lessons for admins

Filed under
Server
Security

As to that NSA data, a great deal of confusion about "surveillance" seems to be floating around. In the United Kingdom, questions are being asked about all the data-gathering by the British equivalent of the NSA, GCHQ. In response, Secretary of State Theresa May has responded that "there is no programme of mass surveillance and there is no surveillance state" and labels claims that GCHQ engages in unlawful hacking as "nonsense." Yet clearly, a lot of data is being gathered.

GCHQ, the NSA, and probably every other intelligence agency worth the name is actively gathering data from the Internet. Everything on the Internet is transient, with different decay periods, so gathering information is a constant process. They believe everything that can be gathered without illegal action is fair game, so they gather anything and everything they can, storing it just in case.

They are without doubt capturing and recording all and any email, instant messages, Web pages, social media traffic, and so on. Recent disclosures reveal that the NSA collects "nearly everything a user does on the Internet," then offers analysts tools to search that data. The NSA has a variety of explanations why it's all legally gathered.

Read more

Firewall detects rogue cell towers that try to intercept your calls

Filed under
Android
Security

Most people know to turn off GPS on their mobiles if they are bothered about being tracked however fewer people know not to leave on Wi-Fi & call service as these also can be used to track you.

A CryptoPhone maker, GSMK, has developed a firewall that tells you if rogue cell towers are trying to connect to your phone. This is the first phone to protects against these attacks but it’s only compatible with one device, a modded Galaxy S3.

Read more

HardenedBSD: The Latest BSD Project That Aims To Boost Security

Filed under
Security
BSD

HardenedBSD is the latest BSD distribution writing into Phoronix to share its work.

HardenedBSD isn't some radical new BSD operating system but rather it's working on being a security-enhanced version of FreeBSD. HardenedBSD is just about providing security enhancements on top of the FreeBSD code-base. This initiative just started this summer by Oliver Pinter and Shawn Webb.

Read more

Out in the Open: Take Back Your Privacy With This Open Source WhatsApp

Filed under
OSS
Security

Private messaging apps like SnapChat and WhatsApp aren’t as private as you might think.

SnapChat settled with the Federal Trade Commission earlier this month over a complaint that its privacy claims were misleading, as reported by USA Today, and last week, the Electronic Frontier Foundation published a report listing the company as the least privacy-friendly tech outfit it reviewed, including Comcast, Facebook, and Google. Last year, WhatsApp faced privacy complaints from the Canadian and Dutch governments, and like Snapchat, its security has been an issue as well.

Read more

Bringing new security features to Docker

Filed under
Red Hat
Server
Security

In the first of this series on Docker security, I wrote "containers do not contain." In this second article, I'll cover why and what we're doing about it.

Docker, Red Hat, and the open source community are working together to make Docker more secure. When I look at security containers, I am looking to protect the host from the processes within the container, and I'm also looking to protect containers from each other. With Docker we are using the layered security approach, which is "the practice of combining multiple mitigating security controls to protect resources and data."

Basically, we want to put in as many security barriers as possible to prevent a break out. If a privileged process can break out of one containment mechanism, we want to block them with the next. With Docker, we want to take advantage of as many security mechanisms of Linux as possible.

Luckily, with Red Hat Enterprise Linux (RHEL) 7, we get a plethora of security features.

Read more

Open source needs more than the Open Crypto Audit Project

Filed under
OSS
Security

But open source tends to be something of an agglomeration of programmers -- some brilliant, some boneheaded -- around a core developer or two. I think it just might be possible to influence the small group of programmers at the core of each open source project to create a culture that develops secure code. In fact, in some ways it might even be easier to do with open source projects because they, for the most part, don't face the arbitrary deadlines of the commercial world.

Read more

Open source software security: Who can you trust?

Filed under
OSS
Security

Fears of backdoors and heightened concerns about encryption software are running rampant.

Read more

Red Hat: Open source "more secure" than proprietary

Filed under
Red Hat
Security

Open source technologies are "more secure" than software that is developed in a proprietary way, Red Hat's JBoss middleware business unit general manager, Mike Piech, said in a meeting with journalists.

On the one hand, open source software code is freely available, which means that hackers will see how to hack it. But, on the other, there is also a vast community of people working to maintain open source software security.

Read more

Tails 1.1.1 is out

Filed under
GNU
Linux
Security
Debian

The next Tails release is scheduled for October 14.

Have a look to our roadmap to see where we are heading to.

Read more

Healthdirect Australia sees value in open source for security solution

Filed under
OSS
Security

Commonwealth and state/territory government funded public company, Healthdirect Australia, has used open source software to build an identity and access management (IAM) solution.

The IAM solution allows users to have one identity across all of its websites and applications. For example, users can sign in using their Facebook, LinkedIn or Gmail account.

Read more

Syndicate content

More in Tux Machines

KWayland Server Component Coming For KDE Plasma 5.2

KWayland was introduced last month with the KDE Plasma 5.1 release but it lacked the server-side code. With the upcoming release of Plasma 5.2, that will change with the server component to KWayland having been merged. Readreactor'smore

Where is M13? Review – A Simple and Powerful Galactic Atlas

Where is M13? is a planetarium application that allows users to view details about distant objects in the sky, covering a very large number of items ranging from stars to other galaxies. There are not many apps that can do this, so most of the shortcomings could be forgotten. Read more

Raspberry Pi and Coder by Google for beginners and kids

Coder is a fantastic resource for learning programming. It simplifies the process of getting started, requires very inexpensive components, and provides fun and engaging activities. If you are planning on gettting a Raspberry Pi for the holidays, (or already have one), Coder is a great addition to get extra fun and learning from that little board. Read more

‘Where is the nearest?’: Spain shares code for web map-tool

The government of Spain is making available as open source the code for Ciudadania Europea, a web site that pointed citizens to the nearest embassies and consular services in European countries. That service was closed this summer, but the code is now freely available for other similar projects. Read more