Security

ID theft, vulnerabilities, privacy issues, etc

Google's Nexus devices get stealth Android update

Filed under
Android
Security

Google has quietly begun rolling out a new version of Android to its flagship Nexus devices, but so far it has remained shtum on just what has changed.

Support pages from US wireless player T-Mobile reveal that the Nexus 4 and Nexus 5 handsets and the 2013 version of the Nexus 7 tablet all began receiving over-the-air updates to Android 4.4.3 on Monday.

Read more

Announcing Rapid Progress on Core Infrastructure Initiative

Filed under
OSS
Security

A month ago we announced the Core Infrastructure Initiative, a project to help fund critical open source projects that we all rely upon but that are in need of support. We moved quickly to organize the initiative and the industry reaction was swift and enthusiastic. I am proud to report on significant progress that I believe matches the quality of the reaction to the formation of the project.

First order of business was electing the Advisory Board, which will help the Steering Group (made up of funders and The Linux Foundation) determine which projects to fund. We are fortunate to have assembled many of the brightest minds in open source, web technology and computer security. I am thrilled to work with these individuals.

Read more

Tails 1.1 Beta 1 Secure Distro Now Has Windows 8 Comouflage Mode

Filed under
GNU
Linux
Security
Debian

Tails is a distribution based on Debian and Tor technologies that aims to keep its users as anonymous as possible. It gained a lot more visibility after Edward Snowden said that he used exactly this Linux distribution to hide his tracks. The developers are now implementing more changes and fixes that should ensure it becomes even more secure.

Read more

TrueCrypt Not Dead, Forked and Relocated to Switzerland

Filed under
Security

The development of TrueCrypt, an open source piece of software used for on-the-fly encryption, has been terminated and users have been advised not to use it because it is not secure enough. Now, it seems that another team of developers have forked the software and rebased it in Switzerland.

Read more

Kali Linux 1.0.7 review

Filed under
Reviews
Security

The latest update to Kali Linux was released a few days ago. Kali Linux 1.0.7 review is a summary review of the main features of this latest upgrade to the security distribution from Offensive Security, a security and penetration training outfit based somewhere on this third rock from the Sun.

The main feature introduced in Kali Linux 1.0.7 is the ability to transfer the system to a USB stick with encrypted persistence.

Read more

The Linux Foundation’s Core Infrastructure Initiative Announces New Backers, First Projects to Receive Support and Advisory Board Members

Filed under
Linux
Security

The Core Infrastructure Initiative (CII), a project hosted by The Linux Foundation that enables technology companies, industry stakeholders and esteemed developers to collaboratively identify and fund open source projects that are in need of assistance, today announced five new backers, the first projects to receive funding from the Initiative and the Advisory Board members who will help identify critical infrastructure projects most in need of support.

Read more

Hands-on with Kali Linux 1.0.7

Filed under
Linux
Security

One last thing about booting Kali Linux. The details of this are beyond the scope of this kind of general Linux blog, but one of the major advances in this release is support for Encrypted USB Persistence. This is specifically for people who will be booting Kali from a USB stick, it gives them the possibility to securely save changes to an encrypted partition on the USB drive. I haven't had time to look at this in detail yet, much less actually try it out, but at first glance I think it probably removes one of the major reasons for carrying a dedicated laptop around for security analysis, rather than just a Live USB stick.

So there you have it, short and very sweet. If you are interested in network security, forensic analysis or penetration testing, this is a Linux distribution you need to know about. If you're already using it, just make sure that you pick up the latest updates so that you get the new kernel and tools.

Read more

BackTrack Successor Kali Linux 1.0.7 Arrives with Linux Kernel 3.14

Filed under
Linux
Security

As usually, Kali Linux 1.0.7 features various new tools, updated applications, as well as numerous fixes in order to make Kali Linux a more stable and reliable Linux operating system. This includes a new version of the Linux kernel, among other things.

There are numerous Linux distributions in the open source ecosystem, but there are very few built specifically for penetration testing and digital forensics. The former iteration of this distro, BackTrack, is one of the most downloaded OSes and it's the go-to operating system when you need a professional solution.

Read more

Meet the Man Hired to Make Sure the Snowden Docs Aren't Hacked

Filed under
Linux
Security

When he got to Rio, Lee spent one entire day strengthening Greenwald’s computer, which at that point used Windows 8. Lee was worried spy agencies could break in, so he replaced the operating system with Linux, installed a firewall, disk encryption and miscellaneous software to make it more secure.

Read more

Notable Penetration Test Linux distributions of 2014

Filed under
GNU
Linux
Security

A penetration test, or the short form pentest, is an attack on a computer system with the intention of finding security weaknesses, potentially gaining access to it, its functionality and data. A Penetration Testing Linux is a special built Linux distro that can be used for analyzing and evaluating security measures of a target system.

Read more

Silent Circle secures $30 million in funding to expand Blackphone production

Filed under
Android
Security

Private communications firm Silent Circle has secured $30 million in funding to cope with demand for the privacy-based Blackphone, as well as expand operations globally.

Read more

Security's future belongs to open source

Filed under
OSS
Security

The proof that open source, properly applied, is available. Studies, such as the one recently done by Coverity, have found that open-source programs have fewer errors per thousand lines of code than its proprietary brothers. And, it's hard to ignore the Communications-Electronics Security Group (CESG), the group within the UK Government Communications Headquarters (GCHQ) that assesses operating systems and software for security issues, when they said that that while no end-user operating system is as secure as they'd like it to be, Ubuntu 12.04 is the most secure desktop.

On the other hand, the mere existence of Microsoft's monthly Patch Tuesday says everything most of us need to know about how "secure" proprietary software is. I also can't help noticing how every time Microsoft releases a new version of Internet Explorer (IE), they always claim it's the most secure ever. And, then, a new hole is found, and guess what, that same security hole is in every version of IE from IE 6 to IE 11. If IE really were being rewritten to make it secure why are the same holes showing up In Every Version??

Read more

Spyware Driver Notification in Ubuntu Shows Just How Vulnerable Windows Really Is

Filed under
Microsoft
Security
Ubuntu

The biggest problem with any Windows operating system is the security, whether it's about viruses or back doors, and this spyware “message” in a Linux system about Windows drivers shows just how much of a problem security is for Microsoft's OS.

Read more

Tails 1.0 review – total privacy

Filed under
Reviews
Security
Debian

Tails has been a curiosity to us for a while now, long before Snowden made it known to the mainstream. Cropping up every now and then on Distrowatch, we acknowledged that it existed and its list of features seemed to convey that the team knew what they were doing in constructing an ultra-secure and privacy-driven Linux distro. Now post-Snowden and Heartbleed, with the need for journalists and whistleblowers to have true internet privacy, we’ve come to see Tails as a necessity in the changing tech world.

Read more

Tails: An essential distro or an accessory to compliment a tin foil hat for the average user?

Filed under
Security
Debian

For those that don’t know, Tails offers complete privacy (or close to) by way of Tor, its a Debian based distro provided as a bootable image and the idea is you place it on a USB or DVD so that when you turn off the machine, no data is stored locally. Whilst the distro is aimed at the “mainstream average user” I cannot see any other user having issues configuring or indeed using any other distro (with the correctly installed tools) to do exactly the same thing.

You’ve got OpenOffice, GIMP, Audacity included for your other needs and they don’t need any further explanation.

Read more

Our privacy is interdependent

Filed under
Android
Security

Last week I gave a presentation at CommonsFest in the spirit of my Free Your Android post, trying to educate people on simple steps they can make to have better privacy on their mobile devices.

A couple of days before my presentation I watched this great speech from Jillian York and Jacob Appelbaum (please go and watch this). At some point Jacob mentions that "our security is interdependent".

Read more

Is Desktop Linux Secure?

Filed under
GNU
Linux
Security

Considering that security suites aren’t commonly used with Linux on the desktop, this is a legitimate question and worthy of being answered in depth. In this article, I’ll look at how malware affects the Linux community, what vulnerabilities often get ignored and what you should do about it.

Read more

Security pioneer Alan Solomon uses Linux to avoid viruses

Filed under
GNU
Linux
Security

Alan Solomon, creator of Dr Soloman's Antivirus, has admitted to using Linux to avoid viruses rather than try to combat them on Windows.

His comments come after Symantec's Brian Dye estimated that antivirus systems do not even catch half of cyber attacks.

Writing of his decision on his blog, Solomon said: "There doesn't seem to be much malware for Linux. I don't know why. Some say it's because Linux's security is better, some say it's because fewer people use it. I'm not really bothered."

Read more

Open Source Android ALYT Security And Smart Home Manager (video)

Filed under
Android
Security

ALYT is a smart home manager that runs Google’s Android operating system and is completely open source allowing you to tailor it to your exact requirements.

ALYT has been designed to allow users to control home security systems as well as energy usage, entertainment systems as well as providing home automation via an Android powered smartphone or tablet device. Check out the video after the jump to learn more about this new and innovative smart home management system.

Read more

OpenBSD Affirms That LibreSSL Will Be Portable

Filed under
Security
BSD

In the fallout from the OpenSSL heartbleed bug, OpenBSD developers forked OpenSSL into LibreSSL. Initially the only supported platform for LibreSSL was OpenBSD, but the BSD developers are pushing harder now for platform portability.

Read more

Syndicate content