Security Leftovers
-
Security updates for Monday
Security updates have been issued by Debian (aspell, intel-microcode, krb5, rabbitmq-server, and ruby-actionpack-page-caching), Fedora (chromium, containernetworking-plugins, containers-common, crun, fossil, podman, skopeo, varnish-modules, and vmod-uuid), Gentoo (leptonica, libsdl2, and libyang), Mageia (golang, lib3mf, nodejs, python-pip, redis, and xstream), openSUSE (containerd, crmsh, curl, icinga2, and systemd), Oracle (containerd), and Red Hat (thunderbird).
-
Running FIPS 140 workloads on Ubuntu | Ubuntu
Even though cryptography is used by almost every application today, the implementation of it is usually delegated to specialized cryptographic libraries. There are multiple reasons for that, including that implementing cryptography is not easy, and in fact it is easy to get wrong. Small mistakes–such as reusing a nonce–may render the data encrypted by an application recognizable. At the same time, the security landscape changes so fast that secure software of 10 years ago can no longer withstand attacks that exploit newly discovered vulnerabilities. For instance, algorithms like RC4 that were dominant in the early days of Internet commerce are today considered broken.
How can we be assured that these cryptographic applications and libraries implement cryptography correctly and follow best practices such as not using legacy cryptography? As cryptography is sensitive to governments around the world, there is no universally accepted answer yet. To address this problem in the U.S., NIST developed FIPS 140, a data protection standard that is our focus in this article.
FIPS 140 defines security requirements related to the design and implementation of a cryptographic module, or in software terms, for an application or library implementing cryptography. The standard has multiple levels of security, from levels 1 to 4, with level 1 applying to software implementations, while level 2 and further applying to specialized hardware alongside its software. On level 1, the standard requires the use of known, secure cryptographic algorithms and modes for data protection and requires their logical separation from the application. It further includes a certification process that ensures that the claims are tested and attested by an accredited lab by NIST.
In essence the FIPS 140 standard ensures that cryptography is implemented using well known secure designs, follows certain best practices, does not involve obscure algorithms, and that there is a due process in attestation.
-
Renewed FIPS 140-2 Validation For Red Hat Enterprise Linux 8.2 | TFiR: Interviews, News & Analysis by Swapnil Bhartiya
Red Hat has announced the renewal of the Federal Information Processing Standard 140-2 (FIPS 140-2) security validation for Red Hat Enterprise Linux 8.2. The second FIPS certification for the Red Hat Enterprise Linux 8 platform, this validation indicates Red Hat’s leadership and commitment to providing a more secure backbone for the innovation of open hybrid cloud.
With this validation for Red Hat Enterprise Linux 8.2, many of Red Hat’s open hybrid cloud offerings also retain the FIPS 140-2 certification as layered products building on Red Hat Enterprise Linux 8.2’s cryptography modules. These include but are not limited to: Red Hat Ceph Storage, Red Hat Gluster Storage, Red Hat OpenShift, Red Hat OpenStack Platform, Red Hat Satellite, and Red Hat Virtualization.
-
The 10 Best Tools to Scan Your Linux Server for Malware and Security Flaws
Linux is downright one of the most popular and secure operating systems for large-scale servers. Despite its widespread usage, it remains vulnerable to cyberattacks. Hackers target servers to either shut them down or steal valuable information.
There is a pressing need to develop counter-hacking methods to brace security breaches and malware attacks. This is possible by hiring cybersecurity professionals; unfortunately, this can prove to be a costly affair. The next best solution is to install scanning tools that fit like a hand in glove for your Linux systems.
- Login or register to post comments
- Printer-friendly version
- 2306 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago