Language Selection

English French German Italian Portuguese Spanish

Security

Out in the Open: Take Back Your Privacy With This Open Source WhatsApp

Filed under
OSS
Security

Private messaging apps like SnapChat and WhatsApp aren’t as private as you might think.

SnapChat settled with the Federal Trade Commission earlier this month over a complaint that its privacy claims were misleading, as reported by USA Today, and last week, the Electronic Frontier Foundation published a report listing the company as the least privacy-friendly tech outfit it reviewed, including Comcast, Facebook, and Google. Last year, WhatsApp faced privacy complaints from the Canadian and Dutch governments, and like Snapchat, its security has been an issue as well.

Read more

Bringing new security features to Docker

Filed under
Red Hat
Server
Security

In the first of this series on Docker security, I wrote "containers do not contain." In this second article, I'll cover why and what we're doing about it.

Docker, Red Hat, and the open source community are working together to make Docker more secure. When I look at security containers, I am looking to protect the host from the processes within the container, and I'm also looking to protect containers from each other. With Docker we are using the layered security approach, which is "the practice of combining multiple mitigating security controls to protect resources and data."

Basically, we want to put in as many security barriers as possible to prevent a break out. If a privileged process can break out of one containment mechanism, we want to block them with the next. With Docker, we want to take advantage of as many security mechanisms of Linux as possible.

Luckily, with Red Hat Enterprise Linux (RHEL) 7, we get a plethora of security features.

Read more

Open source needs more than the Open Crypto Audit Project

Filed under
OSS
Security

But open source tends to be something of an agglomeration of programmers -- some brilliant, some boneheaded -- around a core developer or two. I think it just might be possible to influence the small group of programmers at the core of each open source project to create a culture that develops secure code. In fact, in some ways it might even be easier to do with open source projects because they, for the most part, don't face the arbitrary deadlines of the commercial world.

Read more

Open source software security: Who can you trust?

Filed under
OSS
Security

Fears of backdoors and heightened concerns about encryption software are running rampant.

Read more

Red Hat: Open source "more secure" than proprietary

Filed under
Red Hat
Security

Open source technologies are "more secure" than software that is developed in a proprietary way, Red Hat's JBoss middleware business unit general manager, Mike Piech, said in a meeting with journalists.

On the one hand, open source software code is freely available, which means that hackers will see how to hack it. But, on the other, there is also a vast community of people working to maintain open source software security.

Read more

Tails 1.1.1 is out

Filed under
GNU
Linux
Security
Debian

The next Tails release is scheduled for October 14.

Have a look to our roadmap to see where we are heading to.

Read more

Healthdirect Australia sees value in open source for security solution

Filed under
OSS
Security

Commonwealth and state/territory government funded public company, Healthdirect Australia, has used open source software to build an identity and access management (IAM) solution.

The IAM solution allows users to have one identity across all of its websites and applications. For example, users can sign in using their Facebook, LinkedIn or Gmail account.

Read more

Kali Tools Website Launched, 1.0.9 Released

Filed under
GNU
Linux
Security

Now that we have caught our breath after the Black Hat and DEF CON conferences, we have put aside some time to fix an annoying bug in our 1.0.8 ISO releases related to outdated firmware as well as regenerate fresh new ARM and VMware images (courtesy of Offensive Security) for our new 1.0.9 release.

Read more

Is Open Source an Open Invitation to Hack Webmail Encryption?

Filed under
OSS
Security

While the open source approach to software development has proven its value over and over again, the idea of opening up the code for security features to anyone with eyeballs still creates anxiety in some circles. Such worries are ill-founded, though.

One concern about opening up security code to anyone is that anyone will include the NSA, which has a habit of discovering vulnerabilities and sitting on them so it can exploit them at a later time. Such discoveries shouldn't be a cause of concern, argued Phil Zimmermann, creator of PGP, the encryption scheme Yahoo and Google will be using for their webmail.

Read more

Open source software: The question of security

Filed under
OSS
Security

The logic is understandable - how can a software with source code that can easily be viewed, accessed and changed have even a modicum of security?

opensource-security-question
Open source software is safer than many believe.
But with organizations around the globe deploying open source solutions in even some of the most mission-critical and security-sensitive environments, there is clearly something unaccounted for by that logic. According to a November 28 2013 Financial News article, some of the world's largest banks and exchanges, including Deutsche Bank and the New York Stock Exchange, have been active in open source projects and are operating their infrastructure on Linux, Apache and similar systems.

Read more

Syndicate content

More in Tux Machines

Open-source project promises easy-to-use encryption for email, instant messaging and more

Called "Pretty Easy Privacy" (PEP), the project's goal is to integrate the technology with existing communication tools on different desktop and mobile platforms. The development team launched a preview PEP implementation Monday for the Microsoft Outlook email client, but plans to build similar products to encrypt communications in Android, iOS, Firefox OS, Thunderbird, Apple Mail, Jabber, IRC (Internet Relay Chat), WhatsApp, Facebook Messenger, Snapchat and Twitter. Read more

Samsung Open Source Group’s Linux Kernel Updates and More from LinuxCon

This year's LinuxCon & Kernel Summit North America were notable for several reasons, not the least of which included being able to see the scenic views of downtown Chicago through the hotel lobby windows! Below, the Samsung Open Source Group will share our top highlights of the conferences, as well as look forward to what we can expect from LinuxCon Europe next month in Germany. Read more

Open source all the tasks

During the rise of Windows, I was using a desktop composed of a Conectiva Linux (now Mandriva), a window manager called Window Maker, and a Netscape browser. I connected to the Internet using my modem and PPP. Not bad for those who like alternatives. It so happens that at that time the maturity of the software we were using freely and openly was questionable. Furthermore, we didn't have a lot of options when it came to the tools we used to perform our daily tasks. Recently, I was invited to talk at the Firebird Developers Day about Firebird. Firebird is a completely mature open source database management system and is used by companies worldwide. My presentation was about the launch of the FireServer Project, previously covered on Opensource.com: Migration to open source tool inspires new Linux distributiont. It's a Linux distribution based on CentOS and dedicated exclusively to providing a high performance environment to a Firebird database server. It also boasts an ecosystem of value-added services. Read more

Petition Started for 64-bit and Linux Support on Intel Atom Bay Trail Tablets

The Intel Atom Bay Trail tablets have been out for a few months already, but none of the hardware vendors is providing 64-bit firmware builds for them, which means that you can't install any Linux distros. Read more