Security News
-
Security advisories for Friday
-
surveillance, whistleblowing, and security engineering
Imagine for a moment that you are a security engineer who discovers a backdoor that your company execs have been trying to hide from your team. Would you quit on ethical grounds or stay so that you can prevent this from happening again? I don’t think there is one right answer. Personally I am grateful both for those who left and blew the whistle, and for those who stayed to protect Yahoo’s 800 million users.
Part of the job function of security engineers and pen testers is being ready for the moment you encounter something that you think should be disclosed but your company wants to keep secret. Think about what you would be willing to lose. Be prepared to escalate internally. Know the terms of your NDA and your exit agreement; try your best to honor them. Most of all, keep pushing for end-to-end encryption.
-
Digital Vigilantes Want to Shame DDoS Attackers And Their Corporate Enablers
Hacker attacks that try to take down websites with a flood of bogus traffic, technically known as Distributed Denial of Service (DDoS) attacks, have become a daily occurrence on the internet. The rise of DDoS has created a cottage industry of companies dedicated to mitigating the attacks, and, on the flip side, professional DDoS-for-hire services and gangs.
Now, a group of security researchers wants to name and shame not only the hackers responsible for such crippling attacks, but also the internet providers and traffic carriers that enable them by turning a blind eye to their actions, with a project called SpoofIT.
-
Russia Drafting Law to Favor Open Source
I wrote the original cyber-vulnerability letter to the White House in 1994, and instead of acting responsibly, the US Government allowed NSA -- with the active complicty of US communicaitons and computing provider CEOs -- to compromise all US offerings. Not only are the communications and computing devices and related consulting compromised, but so are larger offerings (e.g. Boeing aircraft, which come with a computer system pre-configured for US Government remote control take-over -- Lufthansa is reported to have discovered this and at great expense removed all US computers from every aircraft). NOTE: I am quite certain about both of the above indictments, but only a proper European Commission investigation can satisfy the public interest; I believe that the same problems infect C4I systems from China, France, Israel, and Russia, and I do not believe most people are aware that the electrical system is now easily used to enter computers that are nominally disconnected from the Internet.
-
Systemd vulnerability crashes Linux systems
A new vulnerability has been discovered that could shut down most Linux systems using a command short enough to fit in a tweet.
- Login or register to post comments
- Printer-friendly version
- 2283 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago