Privacy and security are difficult to come by in our progressively connected world. Advertisers track our browsing habits, employers monitor productivity and government agencies monitor our communications. Most operating systems do not take steps to protect our privacy or our identities, two things which are increasingly difficult to guard. Tails is a Linux distribution that is designed to help us stay anonymous on-line and protect our identity. Tails is a Debian-based live disc that we can use to scrub our files of meta data, browse the web with some degree of anonymity and send private messages. According to the project's website, "Tails is a live operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity, and helps you to: use the Internet anonymously and circumvent censorship; all connections to the Internet are forced to go through the Tor network; leave no trace on the computer you are using unless you ask it explicitly; use state-of-the-art cryptographic tools to encrypt your files, emails and instant messaging."
When I began this series of writing about Docker security on Opensource.com, I stated that "containers do not contain."
One of the main goals at both Red Hat and at Docker is to make this statement less true. My team at Red Hat is continuing to try to take advantage of other security mechanisms to make containers more secure. These are a few of the security features we are working at implementing and how they might affect Docker and containers in the future.
Android has been around for years, and it has seen its share of malware, even in Google’s official Play store. Although third-party security vendors had to jump in and come up with a line of defense against ill-intended apps, Google had the inspiration to introduce the Bouncer app-vetting system that kicked malicious apps out of its marketplace.
Increasing demand for new security features encouraged Google to slowly add mechanisms designed to protect against both malicious apps and cybercriminals trying to exploit system vulnerabilities.
OpenSSH 6.8 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
Mozilla has released an open source memory forensics tool that some college students designed and built during the company’s recent Winter of Security event.
The new tool, known as Masche, is designed specifically for investigating server memory and has the advantage of being able to scan running processes without causing any problems with the machine. Masche runs on Linux, OS X and Windows and Mozilla has posted the code on GitHub.
Our GnuPG strategy and code isn't ready. We need to either make all that crypto stuff completely seamless, or improve the tools we expose to the user for manual work. Preferably both.
Of course, the last of those is the big one, and goes back to the discussion around Thunderbird last week. As the Mailpile team emphasised, the project is not being abandoned: the beta-testing did what it was supposed to do - winkle out problems - and the team will now use that feedback to address issues and improve things. But it does show once more that crypto is hard - and that's true not just for open source, but for all kinds of software. The big question remains: is it possible to make it easy enough for many more people to use, or is it doomed to be the preserve of those who really need it, or at least think they do?