security

id theft, vulnerabilities, privacy issues, etc

NSA Has Legitimate Code Running in Linux

softpedia.com: The National Security Agency or NSA is now in the public eye for some nefarious surveillance, but Linux users should know that the agency also had an active role the Linux kernel development, with the addition of SELinux.

some odds & ends:

  • Mozilla launches massive campaign on digital surveillance
  • Got a PRISM and Boundless Informant problem? Whisper and Tor can help
  • Berlin rejects open source plan, looks to open standards instead
  • TuxRadar Open Ballot: Big Brother

Why we need an Anti-Virus in Linux?

worldofgnome.org: For Free Software fans, malware is considered any non-open source software, like your nVidia or Catalyst proprietary drivers. So for this post I tried Avira Antivirus which isn’t free, to fight the fire with fire, or in my case to fight a malware with a malware Wink

Critical Linux vulnerability imperils users, even after “silent” fix

arstechnica.com: A month after critical bug was quietly fixed, "root" vulnerability persists.

Linux still "benchmark of quality" in this year's Coverity Scan

h-online.com: Coverity has called Linux the "benchmark of quality" in its newly published 2012 Coverity Scan Open Source report. Linux 3.8's 7.6 million lines of code has a defect density of .59.

Symantec finds Linux wiper malware

itworld.com: Security vendors analyzing the code used in the cyberattacks against South Korea are finding nasty components designed to wreck infected computers. Tucked inside a piece of Windows malware used in the attacks is a component that erases Linux machines.

Taking Stock of Linux Security and Antivirus Needs

thevarguy.com: Open source fans like to brag that Linux needs no antivirus software. Yet as executives at security vendor ESET were keen to remind me in a recent interview, that truism holds true only to a certain extent.

25 Years of vulnerabilities - Linux has the most

itwire.com: Researchers at Sourcefire have analysed 25 years of vulnerabilities that were reported to CVE and NVD databases and found some interesting results.

Putting enterprise security in place with open source tools

What's the best way to secure an enterprise network, including both communications and data? No single solution fits all situations, but the practices outlined here mark a solid starting point on which IT departments can build.

Desktop Linux needs anti-virus like a fish needs a bicycle

dontsurfinthenude.blogspot: You don't need an anti-virus program on Linux: I've said it before, but Don't Surf in the Nude started because of an interest in internet security, so I can't resist trying out anti-virus programs in Linux.

Linux users targeted by mystery drive-by rootkit

techworld.com: Security researchers have discovered what appears to be an experimental Linux rootkit designed to infect its highly select victims during a classic drive-by website attack.

Why Linux Will Never Suffer From Viruses Like Windows

hothardware.com: There seems to be a recurring phenomenon in the technology press, where any trojan that affects Linux or Macs becomes front page news. On the other hand, trojans that affect Windows are mostly ignored.

'FIRST ever' Linux, Mac OS X-only password sniffing Trojan spotted

theregister.co.uk: Security researchers have discovered a potential dangerous Linux and Mac OS X cross-platform trojan.

Emergency Patches Pushed for Flash, PHP

pcworld.com: The Adobe fix aims to cure an "object confusion vulnerability" discovered in all versions of the player -- Windows, Macintosh, Linux, and Android -- but thus far has only been used to attack Windows systems using Microsoft's browser software.

Student stiffs penetration tool BackTrack Linux with 0-day

theregister.co.uk: A student has discovered a critical vulnerability in BackTrack, a flavour of Linux that's a favourite among security pros.

Syndicate content