Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Security updates for Thursday
  • SHA-1 Deprecation: Pro, Con, or Extend?

    I read Ryan's article about why SHA-1 should be deprecated faster and why we should veto the proposed extensions. It is an excellent explanation of what's going on. I highly recommend it (and look forward to the complete series when he publishes it):

  • Legacy Verified: Legacy Solutions

    While the previous post explored the historical context in which the SHA-1 deprecation fits, and in the many failures to respond adequately to known risks, it didn’t really address the actual Legacy Verified proposal made by CloudFlare and Facebook, and subsequently endorsed by Twitter, nor how it attempts to mitigate the concerns with continuing SHA-1 allocation.

  • Let’s Encrypt Now Being Abused By Malvertisers

    Encrypting all HTTP traffic has long been considered a key security goal, but there have been two key obstacles to this. First, certificates are not free and many owners are unwilling to pay; secondly the certificates themselves are not always something that could be set up by a site owner.

  • Security Guide: How to Protect Your Infrastructure Against the Basic Attacker
  • Linux.Encoder Authors Couldn’t Correctly Disguise Encryption Key

    Renowned Security Software Company in Russia named Doctor Web happened to be first to detect as well as report one wholly working ransomware Trojan created to infect Linux computers. A sample named Linux.Encoder.1 recently showed quite resembling activity with the notorious CryptoWall ransomware. Fifty percent of the widely used AV engines of VirusTotal could not recognize the sample which broke new ground during the Linux domain. The malware chiefly concentrated on hijacking computers using Web servers as also encrypted critical folders utilized during Web-hosting as well as within Web-development ambience.

More in Tux Machines

Games for GNU/Linux

Qubes OS 3.2 has been released!

I’m happy to announce that today we’re releasing Qubes OS 3.2! This is an incremental improvement over the 3.1 version that we released earlier this year. A lot of work went into making this release more polished, more stable and easier to use than our previous releases. One major feature that we’ve improved upon in this release is our integrated management infrastructure, which was introduced in Qubes 3.1. Whereas before it was only possible to manage whole VMs, it is now possible to manage the insides of VMs as well. Read more

Red Hat claims headway in Asia, bets big on container and hybrid cloud

While the smallest in terms of revenue contribution, Asia is Red Hat's fastest growing region and is likely to continue its upwards trajectory as emerging markets roll out new infrastructure. Developing nations in the region were embarking on many net new infrastructure projects, rather than replacement for existing technology, and open source would be involved in a large share of such projects. The decisions on which technology to deploy would rarely be between proprietary or open source, but rather on which open source vendor to go with or to do so internally, said Red Hat President and CEO Jim Whitehurst. Read more

LibreOffice Office Suite Celebrates 6 Years of Activity with LibreOffice 5.2.2

Today, September 29, 2016, Italo Vignoli from The Document Foundation informs Softpedia via an email announcement about the general availability of the first point release of the LibreOffice 5.2 open-source and cross-platform office suite. On September 28, the LibreOffice project celebrated its 6th anniversary, and what better way to celebrate than to push a new update of the popular open source and cross-platform office suite used by millions of computer users worldwide. Therefore, we would like to inform our readers about the general availability of LibreOffice 5.2.2, which comes just three weeks after the release of LibreOffice 5.2.1. "Just one day after the project 6th anniversary, The Document Foundation (TDF) announces the availability of LibreOffice 5.2.2, the second minor release of the LibreOffice 5.2 family," says Italo Vignoli. "LibreOffice 5.2.2, targeted at technology enthusiasts, early adopters and power users, provides a number of fixes over the major release announced in August." Read more