Language Selection

English French German Italian Portuguese Spanish

Security

Linux Security Distros Compared: Tails vs. Kali vs. Qubes

Filed under
GNU
Linux
Security

If you're interested in security, you've probably already heard of security-focused Linux distros like Tails, Kali, and Qubes. They're really useful for browsing anonymously, penetration testing, and tightening down your system so it's secure from would-be hackers. Here are the strengths and weaknesses of all three.

It seems like every other day we hear about another hack, browser exploit, or nasty bit of malware. If you do a lot of your browsing on public Wi-Fi networks, you're a lot more susceptible to these types of hacks. A security-focused distribution of Linux can help. For most of us, the use cases here are pretty simple.

Read more

Enterprise Linux 6.5 to 6.6 risk report

Filed under
Red Hat
Security

Red Hat Enterprise Linux 6.6 was released the 14th of October, 2014, eleven months since the release of 6.5 in November 2013. So lets use this opportunity to take a quick look back over the vulnerabilities and security updates made in that time, specifically for Red Hat Enterprise Linux 6 Server.

Read more

Google Open Sources Sophisticated Network Security Tool

Filed under
Google
OSS
Security

Google has announced an open source tool for testing network traffic security called Nogotofail. The project is now available on GitHub, and Google is inviting the community to work with it and help improve the security of networks and the Internet.

Many people are familiar with the “HTTPS everywhere” tool, and a related Firefox add-on, which protect online security. Nogotofail is a roughly similar tool, but is more robust. Here are the details.

Read more

Also: Google Releases Nogotofail Tool to Test Network Security

You Can't Trust Closed-Source Code - Germany Agrees

Filed under
OSS
Security

Similarly, moves by both Microsoft and Amazon, among others, to set up local data centres in the EU will not on their own protect European data unless that is encrypted by the companies themselves, and the cloud computing providers do *not* have access to the keys. Indeed, if the data is encrypted in this way, local storage is not so important, since the NSA will have an equally hard time decrypting it wherever it is held - as far as we know, that is.

Because of that recent US court judgment ordering Microsoft to hand over emails held in Ireland, many people are now aware of the dangers of cloud computing in the absence of encryption under the control of the customer. But very few seem to have woken up to the problems of backdoors in proprietary software that I mentioned at the start of this post. One important exception is the German government, which according to Sky News is working on an extremely significant law in this area

Read more

OpenSSL, Bash bugs show why firms should back FOSS projects

Filed under
OSS
Security

This year has been an unusual one for free software in that two popular projects have been hit by vulnerabilities that have had wide ramifications for all classes of software. And that is one good reason why the big proprietary software firms should look to support such projects financially.

Read more

[Announce] GnuPG 2.1.0 "modern" released

Filed under
GNU
Security

GnuPG, also known as GPG, allows to encrypt and sign data and
communication, features a versatile key management system as well as
access modules for public key directories. GnuPG itself is a command
line tool with features for easy integration with other applications.
A wealth of frontend applications and libraries making use of GnuPG
are available. Since version 2 GnuPG provides support for S/MIME and
Secure Shell in addition to OpenPGP.

Read more

Top tips for making your Embedded Linux device secure

Filed under
Linux
Security

The internet of things (IoT) offers endless possibilities for smart devices and their applications. So it’s no wonder that the IoT is as equally tempting to hackers, as it is to developers, keen to showcase their latest developments.

A lack of security issues doesn’t mean you’re OK – you’re probably just not being targeted yet.

This paper is designed to help anyone who is developing an internet-enabled Linux device for personal or business use. It highlights the main areas to consider and provides a practical checklist for developing applications for Embedded Linux.

Read more

New OpenBSD version includes fork of OpenSSL

Filed under
Security
BSD

The OpenBSD project has released version 5.6 of its operating system. It includes LibreSSL, the fork of the OpenSSL cryptographic library in which a serious vulnerability was discovered earlier this year.

Read more

LastPass releases Open Source command line client

Filed under
OSS
Security

LastPass has published an open source command line application to provide terminal-loving devs with alternative access to their passwords and login data.

The outfit says the app improves user security, with a growing list of commands that lets users edit their LastPass data. It also supports functions such as regular automated password changes and the ability to generate and store passwords for servers.

LastPass community manager Amber Gott said it welcomed community pull requests.

Read more

Syndicate content

More in Tux Machines

Arch Linux 2015.03.01 Is Now Available for Download

A brand-new ISO image of the lightweight, highly customizable and powerful Arch Linux computer operating system has been released today, March 1, 2015, for those who want to deploy the acclaimed distribution on new computers. Read more

Cuberox, App-Driven Linux-Based Cube, Has Six Touch Screens

Vancouver-based startup Cuberox launched a new Kickstarter campaign on Tuesday to raise funds for a Linux-based cube of the same name. This gadget sports a touch-enabled screen on each side and is capable of running six apps simultaneously. The campaign is shooting to acquire $150,000 in funding before the March 29, 2015 deadline. Read more

Rancher Labs builds Linux system for Docker

As Docker continues to gain popularity, more and more minimalist operating systems are emerging to run the platform in production and at scale. Rancher Labs recently announced a new open-source operating system designed explicitly for Docker. While Docker is able run on almost any Linux distribution, RancherOS was conceptualized out of the company’s own needs, according to Sheng Liang, founder and CEO of Rancher Labs. Read more

The state of Linux gaming in the SteamOS era

For decades after Linux's early '90s debut, even the hardest of hardcore boosters for the open source operating system had to admit that it couldn't really compete in one important area of software: gaming. "Back in around 2010 you only had two choices for gaming on Linux," Che Dean, editor of Linux gaming news site Rootgamer recalls. "Play the few open source titles, Super Tux Kart and so on, or use WINE to play your Windows titles." Read more