Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Security updates for Thursday
  • SHA-1 Deprecation: Pro, Con, or Extend?

    I read Ryan's article about why SHA-1 should be deprecated faster and why we should veto the proposed extensions. It is an excellent explanation of what's going on. I highly recommend it (and look forward to the complete series when he publishes it):

  • Legacy Verified: Legacy Solutions

    While the previous post explored the historical context in which the SHA-1 deprecation fits, and in the many failures to respond adequately to known risks, it didn’t really address the actual Legacy Verified proposal made by CloudFlare and Facebook, and subsequently endorsed by Twitter, nor how it attempts to mitigate the concerns with continuing SHA-1 allocation.

  • Let’s Encrypt Now Being Abused By Malvertisers

    Encrypting all HTTP traffic has long been considered a key security goal, but there have been two key obstacles to this. First, certificates are not free and many owners are unwilling to pay; secondly the certificates themselves are not always something that could be set up by a site owner.

  • Security Guide: How to Protect Your Infrastructure Against the Basic Attacker
  • Linux.Encoder Authors Couldn’t Correctly Disguise Encryption Key

    Renowned Security Software Company in Russia named Doctor Web happened to be first to detect as well as report one wholly working ransomware Trojan created to infect Linux computers. A sample named Linux.Encoder.1 recently showed quite resembling activity with the notorious CryptoWall ransomware. Fifty percent of the widely used AV engines of VirusTotal could not recognize the sample which broke new ground during the Linux domain. The malware chiefly concentrated on hijacking computers using Web servers as also encrypted critical folders utilized during Web-hosting as well as within Web-development ambience.

More in Tux Machines

today's leftovers

today's leftovers

  • Why leading DevOps may get you a promotion
    Gene Kim, author of The Phoenix Project and leading DevOps proponent, seems to think so. In a recent interview with TechBeacon's Mike Perrow, Kim notes that of "the nearly 100 speakers at DevOps Enterprise Summits over the last two years, about one in three have been promoted."
  • Cloud Vendors, The Great Disruptors, Face Disruption From Blockchain
  • SWORDY, a local party brawler could come to Linux if Microsoft allow it
    SWORDY is a rather fun looking local party brawler that has just released on Steam in Early Access. It could see a Linux release too, if Microsoft allow it.
  • System Shock remake has blasted past the Linux stretch goal, officially coming to Linux
    The Linux stretch goal was $1.1 million and it's pleasing to see it hit the goal, so we won't miss out now. I am hoping they don't let anyone down, as they have shown they can do it already by providing the demo. There should be no reason to see a delay with Linux now.
  • GammaRay 2.5 release
    GammaRay 2.5 has been released, the biggest feature release yet of our Qt introspection tool. Besides support for Qt 5.7 and in particular the newly added Qt 3D module a slew of new features awaits you, such as access to QML context property chains and type information, object instance statistics, support for inspecting networking and SSL classes, and runtime switchable logging categories.
  • GammaRay 2.5 Released For Qt Introspection
    KDAB has announced the release of GammaRay 2.5, what they say is their "biggest feature release yet", the popular introspection tool for Qt developers.
  • The new Keyboard panel
    After implementing the new redesigned Shell of GNOME Control Center, it’s now time to move the panels to a bright new future. And the Keyboard panel just walked this step.
  • Debian on Seagate Personal Cloud and Seagate NAS
    The majority of NAS devices supported in Debian are based on Debian's Kirkwood platform. This platform is quite dated now and can only run Debian's armel port. Debian now supports the Seagate Personal Cloud and Seagate NAS devices. They are based on Marvell's Armada 370, a platform which can run Debian's armhf port. Unfortunately, even the Armada 370 is a bit dated now, so I would not recommend these devices for new purchases. If you have one already, however, you now have the option to run native Debian.

OSS Leftovers