Security

ID theft, vulnerabilities, privacy issues, etc

Linux and the sheer utter misery of viruses

Filed under
Linux
Security

computerworlduk.com: In our cosy *nix world we don't suffer from viruses, or rather we didn't. But thanks to an amazing piece of reverse engineering we have SAMBA. What this means is that we can have viruses by proxy if any Linux network we deploy has Windows workstations...

Security in Linux

Filed under
Linux
Security

linuxuser.co.uk: Over the last few years, system security has gained a lot of momentum and software professionals are focusing heavily on this aspect. Linux is often treated as a highly secure operating system. However, the reality is that Linux too has its own share of security flaws.

Developer Ponders Release of Linux Malware

Filed under
Linux
Security

eweekeurope.co.uk: The lack of malware on Linux may be about to change after a developer admitted he has developed a 'package of malware for Unix/Linux'

FreeBSD bug gives untrusted root access

Filed under
Security
BSD

theregister.co.uk: A security bug in the latest version of the FreeBSD can be exploited to grant unprivileged users complete control over the operating system, a German researcher said Monday.

Advisory Against WiFi Drivers in Linux Staging Tree

Filed under
Linux
Software
Security

ubuntu-user.com: Dan Williams, Red Hat collaborator and NetworkManager developer, might be upset but doesn't let it get to him. In the GNOME blog, he advises "just say no" to WiFi drivers in the linux-staging tree and recommends changes.

NSA helps Apple, Sun and Red Hat harden their systems

Filed under
Linux
Software
Security

h-online.com: That the American National Security Agency has previously helped Microsoft harden various Windows versions is old hat, but what is news is that the NSA now also assists Apple, Sun and Red Hat with increasing the security of their operating systems.

HookSafe Protects Kernel from Rootkits

Filed under
Linux
Security

linux-magazine.com: A research group in the computer sciences faculty at the North Carolina State University has written a prototype for a rootkit protector that uses kernel object hooks.

Vulnerability in the GIMP image editing tool

Filed under
Security
GIMP

h-online.com: According to security services provide Secunia, a vulnerability in the free image editing tool GIMP (GNU Image Manipulation Program) can potentially be exploited to compromise a users system.

A strangely compromised Linux box

Filed under
Linux
Security

aplawrence.com: A customer reported that a Linux machine used for ssh access (to in turn give telnet access to an ancient SCO machine) was refusing logins. I asked him to try logging in as root at the console; he was unable to do so.

Another Protocol Bites The Dust

Filed under
Security

links.org: For the last 6 weeks or so, a bunch of us have been working on a really serious issue in SSL. In short, a man-in-the-middle can use SSL renegotiation to inject an arbitrary prefix into any SSL session, undetected by either end.

GNOME Keyring

Filed under
Software
Security

mdeslaur.blogspot: For the past week or so, people have been talking about a “security issue” in Seahorse. This sums up my opinion on the matter: This isn't a security issue, and there is no good way to fix it.

Bug in latest Linux gives untrusted users root access

Filed under
Linux
Security

theregister.co.uk: A software developer has uncovered a bug in most versions of Linux that could allow untrusted users to gain complete control over the open-source operating system.

GNOME Cleartext Passwords: Bug or Feature?

Filed under
Software
Security

ubuntu-user.com: The current discussion in the Ubuntu forums is about a possible security hole in GNOME, specifically about GNOME registered users having their passwords appear as cleartext on the keyring. Not a bug, say its defenders, but the security concept behind the GNOME keyring.

Gnome Lets Anyone See Your Keyring Passwords

Filed under
Software
Security

omgubuntu.co.uk: A security hole in Gnome allows anyone to see your keyring passwords without needing to enter so much as a password.

Vulnerabilities in several PDF applications

Filed under
Security

h-online.com: Security holes in numerous PDF applications allow attackers to infect systems with malware. Linux distributor Red Hat has already released new packages for these applications, and other distributors are likely to follow soon.

FreeBSD Local Root Escalation Vulnerability

Filed under
Security
BSD

darknet.org.uk: It’s been a long time since we’ve heard about a problem with FreeBSD, partially because the mass of people using it isn’t that large and secondly because BSD tends to be pretty secure as operating systems go.

Bug exposes eight years of Linux kernel

Filed under
Linux
Security

theregister.co.uk: Linux developers have issued a critical update for the open-source OS after researchers uncovered a vulnerability in its kernel that puts most versions built in the past eight years at risk of complete takeover.

Palm accused of 'spying' on Pre owners

Filed under
Hardware
Security

telegraph.co.uk: Palm Pre owner Joey Hess claims to have uncovered code within the phone's operating system which shows that the device is sending back information about his location to Palm.

Dangerous Security Flaw Likely Just a Hoax

Filed under
Security

pcworld.com: A claim of a software vulnerability in a program used to connect securely to servers across the Internet is likely a hoax, according to an analyst with the SANS Internet Storm Center.

Rumours of critical vulnerability in OpenSSH in Red Hat Enterprise Linux

Filed under
Linux
Security

h-online.com: A posting on the Web Hosting Talk forum is feeding speculation about a critical security vulnerability in the OpenSSH server in CentOS/Red Hat Enterprise Linux (RHEL).

Syndicate content