The Linux Foundation has released the first round of CII Best Practices badges as part of a program designed to improve the quality and security of open-source software.
Announced on Tuesday, the non-profit said the Core Infrastructure Initiative (CII), a project which brings tech firms, developers and stakeholders together to create best practice specifications and improve the security of critical open-source projects, has now entered a new stage with the issue of CII badges to a select number of open-source software.
The best way to establish how vulnerable your network is to a hacker attack is to subject it to a penetration test carried out by outside experts. (You must get a qualified third party to help with penetration testing, of course, and eSecurity Planet recently published an article on finding the right penetration testing company.)
In May last year, a new attack on the Diffie Hellman algorithm was released, called Logjam. At the time, I was working on a security team, so it was our responsiblity to check that none of our servers would be affected. We ran through our TLS config and decided it was safe, but also needed to check that our SSH config was too. That confused me – where in SSH is Diffie Hellman? In fact, come to think of it, how does SSH work at all? As a fun side project, I decided to answer that question by writing a very basic SSH client of my own.
The International Open Data Day brings together citizens and developers in major cities around the world to develop tools and applications based on Open Data. In 2016, Open Data Day took place on the 5-6 March.
Dutch government organisations are generally unable to process requests under the new 'Law for re-use of government information' in a timely and correct manner. According to inventories made by the Open State Foundation and Open Archives, government at all levels took months to decide on the requests, had problems providing the information in an open and machine-readable format, and failed to forward requests that should be handled by other organisations.
The issue was brought before Péterfalvi Attila, President of the National Authority for Data Protection and Freedom of Information, by Tóth Bertalan, Deputy Faction Leader for the Hungarian Socialist Party (MSZP). Tóth argued that citizens are restricted in exercising their right of access to public information if an agency asks that much money for its data.
No Ubuntu Back Doors, Windows and Mac Migrations
Today in Linux news Microsoft's market share has dipped below 90% and Mac is disappearing from Linux conventions. Ubuntu founder Mark Shuttleworth said in an interview today that security and encryption are a commitment of Ubuntu's. Jesse Smith reviewed the latest version of Ubuntu and OMG!Ubuntu! shared some glimpses of Ubuntu in the wild. Bryan Lunduke listed 12 "Linux geeks" all users should follow on social media and Sandra Gittlen highlighted six colleges that "immerse students in Open Source."
pfSense developer Chris Buechler announced the availability of a small update for the stable pfSense 2.3 open-source firewall platform based on the FreeBSD operating system.
Introduced as pfSense 2.3 Update 1, this is a small patch that only fixes the recently discovered security issues in the Network Time Protocol (NTP) packages, upgrading them from version 4.2.8p6 to 4.2.8p7, and it shouldn't be confused with pfSense 2.3.1, which will be released in the coming weeks as the first maintenance build.