security

The computer security paradox

raiden.net: One of the most prized rights of any American is the right to privacy and security. It's something people in some countries would kill for. Yet now there appears to be a very frightening trend growing. Your privacy and security are being thrown out the window wholesale in favor of easier access by law enforcement.

Multiple Linux flaws show that Linux also has kernel issues

blogs.zdnet.com: Not to defend Microsoft, as kernel exploits that provide privileged access are terrible flaws, but we had an interesting discussion in the talkbacks where several people acted as if Microsoft was the only place that could’ve made such mistakes. Well, this is a common flaw across operating systems that is difficult to catch due to the complexities of kernel code.

Do You Really Need Anti-Virus Software?

maketecheasier.com: When a seasoned Windows user first migrates to Linux, the first question is always “where is the anti-virus?” I have been asked this question countless time and were always given the “you are lying to me” kind of look when I told them that they don’t need anti-virus software in Linux.

Hacker Super Bowl pits Mac OS vs. Linux, Vista

linuxworld.com (IDG): It's the most anticipated matchup in the hacker world: Linux versus Mac OS X versus Vista. Who will get hacked first? That's what organizers of the CanSecWest security conference hope to discover this week.

Good malware hunting for Linux

linux.com: Given all the fuss in the news recently about compromised Linux/Apache servers being responsible for infecting Windows users with malware when they visit those compromised sites, we thought it would be a good time to take a look at three of the best rootkit/malware detection tools available for Linux desktop and SOHO users.

Major Linux security hole found

linux-watch.com: With open source that can be a very good thing since when security problems are found they can be fixed quickly. That's the case over this last weekend, Feb. 9-10, when a security problem was found, and given a hot fix, in the 2.6.17 to the most recent production Linux kernel, 2.6.24.1.

Also: Stable and unstable kernel releases

ASUS Eee PC rooted out of the box

risesecurity.org: We recently acquired an ASUS Eee PC. The first thing we did when we put our hands at the ASUS Eee PC was to test its security.

Mass attack on Apache servers running Linux can be stopped by disabling server's dynamic loading

scmagazineus.com: Security vendor SecureWorks reported this week that the mass attack launched against Apache web servers running on the open-source Linux operating system can be thwarted by disabling dynamic loading in the Apache configuration.

Mozilla says that flaw could lead to data leak

LinuxWorld: Mozilla is working to fix a browser flaw that could give attackers unauthorized access to data on a victim's machine.

Also: Super Techies: Brendan Eich

Cybercriminals moving beyond Microsoft to Apple and Linux

iTWire: A new report reveals that in 2007 organised criminal gangs for the first time started attacking Internet connected Apple products with the intention of stealing money. The report issues a chilling warning that the increased popularity of Mac computers and the enthusiastic take-up of net connected products such as iPhone and iPod Touch has its down side.

lies and statistics.

htmlfixit.com: Secunia have reported that more flaws were found in Redhat Linux (633) than in Windows (123), but even a blind man can see it is nowhere near a fair comparison.

SSH: Best Practices

Are you using SSH in the best way possible? Have you configured it to be as limited and secure as possible? The goal of this document is to kick in the new year with some best practices for SSH: why you should use them, how to set them up, and how to verify that they are in place. All of the examples below assume that you are using EnGarde Secure Linux but any modern Linux distribution will do just fine since, as far as I know, everybody ships OpenSSH.

Red Hat and Firefox more buggy than Microsoft?

techworld.com: Secunia has found that the number of security bugs in the open source Red Hat Linux operating system and Firefox browsers far outstripped comparable products from Microsoft last year.

Top FOSS security vulnerabilities

linux.com: Palamida, the San Francisco company that helps companies to audit their use of open source software, has released a list of what it calls "the top five most overlooked open source vulnerabilities." To this list, Palamida has added an additional five vulnerabilities exclusively for Linux.com.

SourceForge hacked, but not to worry(?)

Matt Asay: Valleywag reports that SourceForge.net was hacked Wednesday, resulting in site downtime while SourceForge tracked down the hacker. SourceForge's Ross Turk confirms the report.

Also: Can Sourceforge marketplace open the cash drawer?

Syndicate content