Language Selection

English French German Italian Portuguese Spanish

Security

Red Hat: Open source "more secure" than proprietary

Filed under
Red Hat
Security

Open source technologies are "more secure" than software that is developed in a proprietary way, Red Hat's JBoss middleware business unit general manager, Mike Piech, said in a meeting with journalists.

On the one hand, open source software code is freely available, which means that hackers will see how to hack it. But, on the other, there is also a vast community of people working to maintain open source software security.

Read more

Tails 1.1.1 is out

Filed under
GNU
Linux
Security
Debian

The next Tails release is scheduled for October 14.

Have a look to our roadmap to see where we are heading to.

Read more

Healthdirect Australia sees value in open source for security solution

Filed under
OSS
Security

Commonwealth and state/territory government funded public company, Healthdirect Australia, has used open source software to build an identity and access management (IAM) solution.

The IAM solution allows users to have one identity across all of its websites and applications. For example, users can sign in using their Facebook, LinkedIn or Gmail account.

Read more

Kali Tools Website Launched, 1.0.9 Released

Filed under
GNU
Linux
Security

Now that we have caught our breath after the Black Hat and DEF CON conferences, we have put aside some time to fix an annoying bug in our 1.0.8 ISO releases related to outdated firmware as well as regenerate fresh new ARM and VMware images (courtesy of Offensive Security) for our new 1.0.9 release.

Read more

Is Open Source an Open Invitation to Hack Webmail Encryption?

Filed under
OSS
Security

While the open source approach to software development has proven its value over and over again, the idea of opening up the code for security features to anyone with eyeballs still creates anxiety in some circles. Such worries are ill-founded, though.

One concern about opening up security code to anyone is that anyone will include the NSA, which has a habit of discovering vulnerabilities and sitting on them so it can exploit them at a later time. Such discoveries shouldn't be a cause of concern, argued Phil Zimmermann, creator of PGP, the encryption scheme Yahoo and Google will be using for their webmail.

Read more

Open source software: The question of security

Filed under
OSS
Security

The logic is understandable - how can a software with source code that can easily be viewed, accessed and changed have even a modicum of security?

opensource-security-question
Open source software is safer than many believe.
But with organizations around the globe deploying open source solutions in even some of the most mission-critical and security-sensitive environments, there is clearly something unaccounted for by that logic. According to a November 28 2013 Financial News article, some of the world's largest banks and exchanges, including Deutsche Bank and the New York Stock Exchange, have been active in open source projects and are operating their infrastructure on Linux, Apache and similar systems.

Read more

GNU hackers discover HACIENDA government surveillance and give us a way to fight back

Filed under
GNU
Security

GNU community members and collaborators have discovered threatening details about a five-country government surveillance program codenamed HACIENDA. The good news? Those same hackers have already worked out a free software countermeasure to thwart the program.

According to Heise newspaper, the intelligence agencies of the United States, Canada, United Kingdom, Australia, and New Zealand, have used HACIENDA to map every server in twenty-seven countries, employing a technique known as port scanning. The agencies have shared this map and use it to plan intrusions into the servers. Disturbingly, the HACIENDA system actually hijacks civilian computers to do some of its dirty work, allowing it to leach computing resources and cover its tracks.

Read more

Black Hat 2014: Open Source Could Solve Medical Device Security

Filed under
OSS
Security

On the topic of source code liability, Greer suggests that eventually software developers, including medical device development companies, will be responsible for the trouble their software causes (or fails to prevent). I think it’s fair to say that it is impossible to guarantee a totally secure system. You cannot prove a negative statement after all. Given enough time, most systems can be breached. So where does this potential liability end? What if my company has sloppy coding standards, no code reviews, or I use a third-party software library that has a vulnerability? Should hacking be considered foreseeable misuse?

Read more

Linux kernel devs made to finger their dongles before contributing code

Filed under
Development
Linux
Security

Beginning on Monday, the security of the Linux kernel source code has become a little bit tighter with the addition of two-factor authentication for the kernel's Git code repositories.

Contributing code changes to the Linux kernel sources at Kernel.org already required more than just a password, even before the change. Developers must use their own unique SSH public keys to login to the Git repositories. But not even this added security layer was truly failsafe – as the software's maintainers found out in 2011 when their servers were rooted.

Read more

We still believe in Linus’ law after Heartbleed bug, says Elie Auvray of Jahia

Filed under
Interviews
OSS
Security

Jahia was incepted in 2002 in Switzerland – the name comes from the contraction of Java (our core language) and Bahia (which means “bay” in Brazil). To support the international growth of the project, Jahia Solutions Group was later formed (in 2005) with offices throughout Europe and Jahia Inc. (the US subsidiary) was created in 2008. Jahia has now offices in Geneva, Paris, Toronto, Chicago, Washington, DC, Dusseldorf and Klagenfurt – and outsourced support centers in Australia and Nicaragua.

Read more

Syndicate content

More in Tux Machines

OpenSUSE 13.2 Beta

Migrating From Windows 7 To Ubuntu: The Ultimate Guide

Despite what all the Linux haters say, choosing Ubuntu is logical and migrating from Windows 7 to Ubuntu is a breeze. This article summarizes the process and provides solutions to some of the most common beginner hiccups. The Windows Vs Mac Vs Linux debate has been going on for years and doesn’t look to be settled anytime soon. If you are a Windows 7 user and still haven’t made the switch to Windows 8, you may want to consider migrating to Ubuntu 14.04, the latest Linux distro from Ubuntu. In addition to strong support from developers and a massive software repository, it’s free, faster and safer than Windows. Read more

7 killer open source monitoring tools

Network and system monitoring is a broad category. There are solutions that monitor for the proper operation of servers, network gear, and applications, and there are solutions that track the performance of those systems and devices, providing trending and analysis. Some tools will sound alarms and notifications when problems are detected, while others will even trigger actions to run when alarms sound. Here is a collection of open source solutions that aim to provide some or all of these capabilities. Read more

Reader Forum: Accelerating ‘IoT’ with an open-source, embedded platform for connected applications

Providing an end-to-end solution for building and deploying new connected applications extremely quickly, at scale, and at a fraction of the cost compared to conventional processes is key to streamlining M2M development. And, using an open-source, Linux-based platform, companies can run applications on any vendor’s hardware and use any cloud management platform. Read more