Security Leftovers
-
Security updates for Friday
-
Understanding SELinux Roles
I received a container bugzilla today for someone who was attempting to assign a container process to the object_r role. Hopefully this blog will help explain how roles work with SELinux.
When we describe SELinux we often concentrate on Type Enforcement, which is the most important and most used feature of SELinux. This is what describe in the SELinux Coloring book as Dogs and Cats. We also describe MLS/MCS Separation in the coloring book.
-
The Internet Society is unhappy about security – pretty much all of it
The Internet Society (ISOC) is the latest organisation saying, in essence, “security is rubbish – fix it”.
Years of big data breaches are having their impact, it seems: in its report released last week, it quotes a 54-country, 24,000-respondent survey reporting a long-term end user trend to become more fearful in using the Internet (by Ipsos on behalf of the Centre for International Governance Innovation).
Report author, economist and ISOC fellow Michael Kende, reckons companies aren't doing enough to control breaches.
“According to the Online Trust Alliance, 93 per cent of breaches are preventable” he said, but “steps to mitigate the cost of breaches that do occur are not taken – attackers cannot steal data that is not stored, and cannot use data that is encrypted.”
-
UK's new Snoopers' Charter just passed an encryption backdoor law by the backdoor
Among the many unpleasant things in the Investigatory Powers Act that was officially signed into law this week, one that has not gained as much attention is the apparent ability for the UK government to undermine encryption and demand surveillance backdoors.
As the bill was passing through Parliament, several organizations noted their alarm at section 217 which obliged ISPs, telcos and other communications providers to let the government know in advance of any new products and services being deployed and allow the government to demand "technical" changes to software and systems.
-
EU budget creates bug bounty programme to improve cybersecurity
Today the European Parliament approved the EU Budget for 2017. The budget sets aside 1.9 million euros in order to improve the EU's IT infrastructure by extending the free software audit programme (FOSSA) that MEPs Max Anderson and Julia Reda initiated two years ago, and by including a bug bounty approach in the programme that was proposed by MEP Marietje Schaake.
-
Qubes OS Begins Commercialization and Community Funding Efforts
Since the initial launch of Qubes OS back in April 2010, work on Qubes has been funded in several different ways. Originally a pet project, it was first supported by Invisible Things Lab (ITL) out of the money we earned on various R&D and consulting contracts. Later, we decided that we should try to commercialize it. Our idea, back then, was to commercialize Windows AppVM support. Unlike the rest of Qubes OS, which is licensed under GPLv2, we thought we would offer Windows AppVM support under a proprietary license. Even though we made a lot of progress on both the business and technical sides of this endeavor, it ultimately failed.
Luckily, we got a helping hand from the Open Technology Fund (OTF), which has supported the project for the past two years. While not a large sum of money in itself, it did help us a lot, especially with all the work necessary to improve Qubes’ user interface, documentation, and outreach to new communities. Indeed, the (estimated) Qubes user base has grown significantly over that period. Thank you, OTF!
-
Linux Security Basics: What System Administrators Need to Know
Every new Linux system administrator needs to learn a few core concepts before delving into the operating system and its applications. This short guide gives a summary of some of the essential security measures that every root user must know. All advice given follows the best security practices that are mandated by the community and the industry.
-
BitUnmap: Attacking Android Ashmem
The law of leaky abstractions states that “all non-trivial abstractions, to some degree, are leaky”. In this blog post we’ll explore the ashmem shared memory interface provided by Android and see how false assumptions about its internal operation can result in security vulnerabilities affecting core system code.
- Login or register to post comments
- Printer-friendly version
- 1706 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago