Language Selection

English French German Italian Portuguese Spanish

Security

Kickstarter pulls Anonabox, a Tor-enabled router that raised over $585,000

Filed under
Development
Security

The Anonabox, which was created by August Germar, of Chico, California, aimed to be an “open source embedded networking device designed specifically to run Tor.” Its fundraising goal was $7,500, and in five days, it raised $585,549 from nearly 9,000 backers—including three Ars editors.

Germar told Ars that he was not aware that it had been suspended until Ars forwarded him an e-mail from Kickstarter outlining the possible reasons why it could have been cancelled.

Read more

Tor Browser 4.0 is released

Filed under
Security
Web

This release also features an in-browser updater, and a completely reorganized bundle directory structure to make this updater possible. This means that simply extracting a 4.0 Tor Browser over a 3.6.6 Tor Browser will not work. Please also be aware that the security of the updater depends on the specific CA that issued the www.torproject.org HTTPS certificate (Digicert), and so it still must be activated manually through the Help ("?") "about browser" menu option. Very soon, we will support both strong HTTPS site-specific certificate pinning (ticket #11955) and update package signatures (ticket #13379). Until then, we do not recommend using this updater if you need stronger security and normally verify GPG signatures.

Read more

DOCKER 1.3: SIGNED IMAGES, PROCESS INJECTION, SECURITY OPTIONS, MAC SHARED DIRECTORIES

Filed under
Linux
Server
Security

First up, in this release, the Docker Engine will now automatically verify the provenance and integrity of all Official Repos using digital signatures. Official Repos are Docker images curated and optimized by the Docker community to be the best building blocks for assembling distributed applications. A valid signature provides an added level of trust by indicating that the Official Repo image has not been tampered with.

Read more

What you need to know about the SSLv3 “POODLE” flaw (CVE-2014-3566)

Filed under
Red Hat
Security

So, the bottom line is: on servers and clients, disable SSLv3 (and, of course, older). Updates to Fedora packages which make this the default will be forthcoming, but in the meantime, you can do it manually. Red Hat is working on a security blog article explaining the steps to take for different software; we’ll link to that when it becomes available.

Read more

South Korea Faces The Bill For Lock-in To Wintel

Filed under
Microsoft
Security

I expect Korea will have to redo everything and get it right this time. Let’s hope they demand GNU/Linux be used for on-line/financial transactions and to protect data but failing that let’s hope they make GNU/Linux optional and the people can decide. There’s something refreshing about a whole country aroused about insecurity with that other OS on the check-list of things to fix.

Read more

7 free tools every network needs

Filed under
OSS
Security

From device discovery to visibility into systems, networks, and traffic flows, these free open source monitoring tools have you covered

Read more

With This Tiny Box, You Can Anonymize Everything You Do Online

Filed under
OSS
Security

No tool in existence protects your anonymity on the Web better than the software Tor, which encrypts Internet traffic and bounces it through random computers around the world. But for guarding anything other than Web browsing, Tor has required a mixture of finicky technical setup and software tweaks. Now routing all your traffic through Tor may be as simple as putting a portable hardware condom on your ethernet cable.

Read more

SEANux – a version of Linux from the Syrian Electronic Army

Filed under
GNU
Linux
Security

For now, consider me skeptical of SEANux. After all, back in early 2012 the so-called AnonymousOS was released, a purported new operating system from the Anonymous collective – only to reportedly be found ridden with trojan horses.

Read more

Free Linux-Based Firewall Smoothwall Express 3.1 Is One of the Biggest Releases in Years

Filed under
GNU
Linux
Security

Smoothwall Express is a free firewall that is based on a GNU/Linux kernel that comes with an easy to use interface. The latest version available is now 3.1 and its been in the works for a long time.

Read more

BlackPhone Reviewed: Secure OS Inside a Generic Design and Not Quite Cheap

Filed under
Android
Security

“If privacy is important to you, the Blackphone is almost certainly what you’re after in a mobile device. Besides, you don’t have much choice currently. One thing I’m still coming to terms with, however, is the concept of selling peace of mind.

As Edward Snowden continues to leak information about how the NSA and other national government agencies were/are hoovering up every bit of personal data available to them, digital privacy has never been a hotter topic. With people wanting more control over how their data is handled, it was inevitable that products like the Blackphone would appear.”

Read more

Syndicate content

More in Tux Machines

Kodi 14.0 Helix Unwinds

Merry Christmas and happy holidays, everyone! We are proud to announce the release of Kodi 14.0, which comes with a new name, a new logo, and a wide variety of new features, but underneath the new coat of paint remains the same software we all love. A detailed changelog for Kodi 14 can be found under milestones on our code repository, should you be interested. With that said, let’s take a look at some of the features that come with Kodi 14.0. Read more

KaOS ISO 2014.12

KaOS is very proud to announce the availability of the December release of a new stable ISO. This ISO marks two major milestones for this distribution. Since it’s inception almost two years ago, a need to be ready for UEFI installs has always been a priority. That was tied though to getting a modern Qt based installer that could handle such UEFI installs. With this ISO, both are implemented. Read more

Old FOSS Friend & Foe Represents Sony in Hack

Boies, along with three attorneys representing the States, brought Microsoft to it’s knees — or so it seemed at the time. On November 5, 1999, Judge Thomas Penfield Jackson found that Windows dominance on the PC made the company a monopoly and that the company had taken illegal actions against Apple, Java, Netscape, Lotus Notes, RealNetworks, Linux, and others in order to maintain that monopoly. He ordered Microsoft broken in two, with one company producing Windows and another handling all other Microsoft software. As we all know, Judge Jackson’s solution was never implemented. Although an appeals court upheld the verdict against Redmond, the breakup of the company was overturned and sent back to the lower court for a review by a new judge. Two years later, in September, 2001, under the Bush Administration, the DOJ announced that it was no longer seeking the breakup of Microsoft, and in November reached a settlement which California, Connecticut, Iowa, Florida, Kansas, Minnesota, Utah, Virginia and Massachusetts opposed. The settlement basically required Microsoft to share its APIs and appoint a three person panel that would have complete access to Microsoft’s systems, records, and source code for five years. The settlement didn’t require Microsoft to change any code or stop the company from tying additional software with Windows. Additionally, the DOJ did not require Microsoft to change any of its code. Read more

Study: ‘European Parliament should use open source’

The European Parliament should use free software and open standards for all of its ICT systems and data, concludes a study by the EP’s Greens/European Free Alliance: “That is the most appropriate way for the Parliament to meet its own standard of ‘utmost transparency’.” Read more