Security

ID theft, vulnerabilities, privacy issues, etc

Software flaws don't negate "many eyes" in open source

Filed under
OSS
Security

itworld.com: The allegations from Greg Perry regarding backdoors allegedly placed within OpenBSD about a decade ago seem to be shifting more and more into the realm of fantasy as each day goes by.

OpenBSD backdoor claims: bugs found during code audit

Filed under
Security
BSD

itwire.com: The OpenBSD project has found two bugs during an audit of the cryptographic code in which, it has been alleged, the FBI, through former developers, was able to plant backdoors.

OpenBSD backdoor claims denied

Filed under
Security
BSD

itwire.com: Two developers named as having played a role in creating backdoors for the FBI in the open cryptographic framework used in OpenBSD have denied they did so.

Government Backdoors in OpenBSD?

Filed under
Security
BSD

ostatic.com: We've all heard rumors of backdoors for governments or rogue elements of governments in Microsoft Windows systems, but did we ever think we might find it in the Open Source world? Well, according to Theo de Raadt, renowned Open Source developer, that just might be the case.

OOPS - Root privileges under Linux

Filed under
Linux
Security

Back door in ProFTPD FTP server

Filed under
Software
Security

h-online.com: Unknown attackers penetrated the server hosting the open source ProFTPD FTP server project and concealed a back door in the source code.

A history of viruses on Linux

Filed under
Linux
Software
Security

neowin.net: As requested by a user we wanted to give you a history of viruses on Linux. Given the tight security integrated into Linux, it is difficult to take advantage of a vulnerability on the computer, but some programmers have found ways around the security measures.

Android vulnerability permits data theft

Filed under
Security

h-online.com: Security expert Thomas Cannon has discovered a security vulnerability in the Android browser which can be exploited by attackers to read local files when a smartphone user visits a crafted web site.

EFF Tool Offers New Protection Against 'Firesheep'

Filed under
Security

eff.org: The Electronic Frontier Foundation (EFF) has launched a new version of HTTPS Everywhere, a security tool that offers enhanced protection for Firefox browser users against "Firesheep" and other exploits of webpage security flaws.

OpenSSL Issues Fix

Filed under
Software
Security

crn.com: The OpenSSL server has been patched to repair a critical security glitch that could be exploited in remote code execution attacks.

Another Flash update patches multiple vulnerabilities

Filed under
Software
Security

itwire.com: Adobe has released an update for Flash Player to address 18 vulnerabilities, some of which are regarded as critical.

Linux Java-Based Trojan Might Have Been an Accident

Filed under
Security

softpedia.com: A more detailed analysis of the recently discovered cross-platform social networking trojan, suggests that the Linux infection vector might have been an unintended side effect.

New Koobface Variant Infects Linux Systems

Filed under
Linux
Security

softpedia.com: Security researchers warn that a new drive-by download attack is capable of infecting Windows, Mac OS X and Linux systems with a new variant of the notorious Koobface worm.

Two Vulnerabilities Provide Root Access on Linux

Filed under
Linux
Security

pcworld.com: Two new vulnerabilities affecting Linux were uncovered this week that could potentially be used by malicious hackers to gain root privileges.

The Sheer Hypocrisy of Redmond's Stab at Internet Health

Filed under
Microsoft
Security
Web

linuxinsider.com: "Forcing every device to issue a 'health certificate' before being allowed to connect anywhere will restrict the OS market to corporate-backed players only," explained Montreal consultant Gerhard Mack. "No more Linux, *BSD or any experimental OS because they won't be able to generate the certificate."

Thank you, Linux! My Windows computer is infected

Filed under
Linux
Microsoft
Security
Humor

mandrivachronicles.blogspot: That's right. My desktop, which runs Windows, is infected and I blame Linux.

Some Android apps caught covertly sending GPS data to advertisers

Filed under
Security

arstechnica.com: The results of a study conducted by researchers from Duke University, Penn State University, and Intel Labs have revealed that a significant number of popular Android applications transmit private user data to advertising networks without explicitly asking or informing the user.

A Tale of Two Root Exploits, and Why We Shouldn't Panic

Filed under
Security

linuxinsider.com: "The article is alarmist," said Slashdot blogger Barbara Hudson, referring to a warning about a kernel bug. "It was ONE shared-hosting public-facing server at iWeb.com, among their tens of thousands of servers. "Are you running a publicly-facing shared-host server? No? Then don't worry about it."

SCAP: computer security for the rest of us

Filed under
Security

opensource.com: I'm setting up a new computer. I get through the registration screens, install my software, change my wallpaper, and everything's working fine. I'm left, though, with a lingering, uneasy feeling: I don't know if this machine is secure.

Syndicate content