Language Selection

English French German Italian Portuguese Spanish

Security News

Filed under
Security
  • OpenSSL project releases patch to fix critical bug
  • Microsoft's monthlong patch delay could pose risks [Ed: Microsoft is in no hurry because there are back doors it knows about but keeps secret anyway]

    Microsoft has decided to bundle its February patches together with those scheduled for March, a move that at least some security experts disagree with.

    "I was surprised to learn that Microsoft wants to postpone by a full month," said Carsten Eiram, the chief research officer at vulnerability intelligence firm Risk Based Security, via email. "Even without knowing all the details, I find such a decision very hard to justify. They are aware of vulnerabilities in their products and have developed fixes; those should always be made available to customers in a timely fashion."

    Microsoft took everyone by surprise on Tuesday when it announced that this month's patches had to be delayed because of a "last minute issue" that could have had an impact on customers. The company did not initially specify for how long the patches will be postponed, which likely threw a wre

  • Zero-day flaw around, but Microsoft updates delayed by a month
  • Microsoft misses regular security fix date

    Microsoft has delayed the release of a security update that would have fixed a vulnerability cyber thieves are known to be exploiting.

    The fix was to be released as part of Microsoft's regular monthly security update for its Windows software.

  • How Google reinvented security and eliminated the need for firewalls

    In some ways, Google is like every other large enterprise. It had the typical defensive security posture based on the concept that the enterprise is your castle and security involves building moats and walls to protect the perimeter.

    Over time, however, that perimeter developed holes as Google’s increasingly mobile workforce, scattered around the world, demanded access to the network. And employees complained about having to go through a sometimes slow, unreliable VPN. On top of that, Google, like everyone else, was moving to the cloud, which was also outside of the castle.

  • No Firewalls, No Problem for Google

    On Tuesday at RSA Conference, Google shared the seven-year journey of its internal BeyondCorp rollout where it affirms trust based on what it knows about its users and devices connecting to its networks. And all of this is done at the expense—or lack thereof—of firewalls and traditional network security gear.

  • Android Phone Hacks Could Unlock Millions of Cars

More in Tux Machines

Debian GNU/Linux 10 "Buster" Installer Updated with Linux Kernel 4.16 Support

Developed under the Debian Testing umbrella, the forthcoming Debian GNU/Linux 10 "Buster" operating system series just received today the third alpha milestone of its installer, which lets people install the Linux-based operating system on their personal computers, servers, and IoT devices, such as the Raspberry Pi. One of the most interesting changes that caught out eyes is the bump of the kernel support from Linux kernel 4.13, which was used in the second alpha build, to Linux kernel 4.16. Of course, this means that there's better hardware support, so chances are you'll be able to install the development version of Debian GNU/Linux 10 "Buster" on newer machines or if you have some exotic components on your PC. Read more

The New Microsoft

  • Microsoft ICE Contract Draws Fire

    “ICE’s decision to accelerate IT modernization using Azure Government will help them innovate faster while reducing the burden of legacy IT. The agency is currently implementing transformative technologies for homeland security and public safety, and we’re proud to support this work with our mission-critical cloud,” he wrote.

  • Microsoft faces outrage for blog post touting ICE contract

    As outrage grew online, a Microsoft employee quietly removed mention of ICE from the January press release this morning. Social media users noticed that, too. The company has since restored the press release's original language, and called its removal a "mistake."

  • Microsoft Removes Mention of ICE Cloud Work After Protests

    Microsoft Corp. scrubbed an online reference to its work for U.S. Immigration and Customs Enforcement as the agency faces criticism for its role in separating families at the U.S.-Mexican border.

  • Microsoft briefly removes blog post mentioning ICE contract after backlash
  • Microsoft's Ethical Reckoning Is Here

    Tech Workers Coalition, a labor group for tech industry employees, urged Microsoft employees to coordinate their opposition. “If you are a worker building these tools or others at Microsoft, decide now that you will not be complicit,” the group tweeted.

Android Leftovers

First Ubuntu Touch OTA-4 Release Candidate Based on Ubuntu 16.04 LTS Is Here

The latest Ubuntu Touch update from UBports, OTA-3, was released last year near the Christmas holidays, but it was still based on Ubuntu 15.04 (Vivid Vervet), so if you though Ubuntu Phones are dead, think again, because the UBports team has been hard at work to bring you the OTA-4, which will be the first to rebase the operating system on Ubuntu 16.04 LTS (Xenial Xerus). "The main reason why the arrival of OTA-4 seemed to take so long is because Ubuntu Touch switched its base to Ubuntu 16.04 LTS Xenial Xerus. This is a mammoth milestone for the project, because it allowed us to transition from the unsupported Ubuntu 15.04 Vivid Vervet to a Long Term Support (LTS) base," reads today's announcement. Read more Also: UBports' Ubuntu Touch OTA-4 RC Released, Upgrades To Ubuntu 16.04 LTS