The government of Luxembourg aims to make an inventory of policies on IT security and data protection in the EU Member States. The study is one of the priorities of Luxembourg’s presidency of the EUPAN network, an informal network of European public administration representatives.
Starting with Windows Vista, a new AutoUpdate mechanism was added, allowing these trusted root certificates to be seamlessly downloaded on first use.
Why does this matter? Because the incomplete information shown by Windows leads many people (including some security professionals) to believe that Windows trusts only a dozen or two root certificates out of the box, rather than hundreds.
If you're a Linux user, especially a systems administrator, the Linux Foundation has some security tips to share with you, and they're quite good.
Konstantin Ryabitsev, the Foundation's director of collaborative IT services, published the security checklist that the organization uses to harden the laptops of its remote sysadmins against attacks.
The recommendations aim to balance security decisions with usability and are accompanied by explanations of why they were considered. They also have different severity levels: critical, moderate, low and paranoid.
Linux Foundation project director Konstantin Ryabitsev has publicly-released the penguinistas' internal hardening requirements to help sysadmins and other paranoid tech bods and system administrators secure their workstations.
The baseline hardening recommendations are designed that balance security and convenience for its many remote admins, rather than a full-blown security document.
This is a set of recommendations used by the Linux Foundation for their systems administrators. All of LF employees are remote workers and we use this set of guidelines to ensure that a sysadmin's system passes core security requirements in order to reduce the risk of it becoming an attack vector against the rest of our infrastructure.
On April 15, 2015, officials of the Office of Personnel Management realized they had been hacked and the records of 4.2 million of current and former employees had been stolen. Later investigations by OPM determined in early June that the number affected is 21.5 million, for whom sensitive information, including Social Security Numbers (SSNs), was stolen from the background investigation databases.
This was the biggest breach of United States government data in history. Reports point to China as the source of the breach, but the Administration has not formally accused China.
You might think the effort to fortify cars’ cybersecurity could possibly make strange bedfellows out of automakers and safety advocates, what with all the recent reports basically amounting to the conclusion that a whole car can be hacked. But you’d be wrong.
Oracle’s chief security officer, Mary Ann Davidson, recently ticked off almost everyone in the security business. She proclaimed that you had to do security “expertise in-house because security is a core element of software development and you cannot outsource it.” She continued, “Whom do you think is more trustworthy? Who has a greater incentive to do the job right — someone who builds something, or someone who builds FUD around what others build?”
Grsecurity is a well-known set of patches for the Linux kernel, which greatly enhance the ability of the system to withstand various security threats. As you can imagine, there are many companies that want to use Grsecurity, and they need to follow the accompanying GPL license. They are not doing that, and now Grsecurity needs to take some drastic action.
GitHub is under a distributed-denial-of-service attack being perpetrated by unknown actors.
The service's status page reported “a brief capacity overload” early on Tuesday. The site's assessment of the incident was later upgraded to a a DDOS and at the time of writing the site is at code yellow.
32/64 bit versions of LXLE 14.04.3 released
Delays, delays. First with SeaMonkey then Lanshop. Still, moving forward with the release of LXLE 14.04.3 OS for both 32 & 64 bit machines. 12.04.5 32 bit has also been updated to reflect the same changes.
Notable new features in this release includes, 'Xautolock' providing a top left hotcorner that invokes the 'WinPick" script which is an expose like utility and finally 'OpenSnap' added true aerosnap with just a simple drag & drop.
Back to school: 5 open source programs for students and teachers
In September 2013, Opensource.com featured a selection of top-shelf software to help students and teachers ease back into the classroom. Like our students, open source learning software has grown up since that time. Let's take a look at a few affordable and stress-free open source software tools to help students and teachers make learning fun and stress-free... the commercial software bullies will be running off the playground in no time.
LLVM Clang 3.7 vs. GCC Compiler Benchmarks On Linux
Originally I was also going to feature some OpenMP benchmarks in this compiler comparison since LLVM/Clang 3.7 now has OpenMP 3.1 support, but with these tests and using the latest LLVM OpenMP library, I was still running into some issues even when setting the appropriate compiler flag. I'm still investigating the issue so for now all of the tests in this article are not using OpenMP.
As a side note, daily LLVM/Clang SVN benchmarks using the daily LLVM APT snapshot repository continue to be done in a fully-automated manner each morning on multiple systems over at LinuxBenchmarking.com.