Short bio: Computer Scientist, FOSS supporter (read more)
Tux Machines (TM)-specific
darknet.org.uk: It’s been a long time since we’ve heard about a problem with FreeBSD, partially because the mass of people using it isn’t that large and secondly because BSD tends to be pretty secure as operating systems go.
theregister.co.uk: Linux developers have issued a critical update for the open-source OS after researchers uncovered a vulnerability in its kernel that puts most versions built in the past eight years at risk of complete takeover.
telegraph.co.uk: Palm Pre owner Joey Hess claims to have uncovered code within the phone's operating system which shows that the device is sending back information about his location to Palm.
pcworld.com: A claim of a software vulnerability in a program used to connect securely to servers across the Internet is likely a hoax, according to an analyst with the SANS Internet Storm Center.
h-online.com: A posting on the Web Hosting Talk forum is feeding speculation about a critical security vulnerability in the OpenSSH server in CentOS/Red Hat Enterprise Linux (RHEL).
h-online.com: It has just become apparent that, on June 16, attackers hacked into the web server of the SquirrelMail open source project. The operators have suspended all accounts and reset all crucial passwords.
Some of the more nefarious Steganography tactics include hiding information for illegal reasons. Learn whats at stake and how to detect and thwart Steganography techniques and blunt its effectiveness.
cyberciti.biz: Linux kernel is the central component of Linux operating systems. It is responsible for managing the system's resources, the communication between hardware and software and security. Unfortunately, stock kernel is not secured out of box. There are some important Linux kernel patches to secure your box. They differ significantly.
ubuntu-nl.org/dennis: There’s one problem though: even when you generate a new gpg key that supports better hashing, your applications will still need to support the better hashing for it to be effective.
thelinuxlink.net: Today was a sad day. I found out my streaming mirror/microblog server had been cracked. They exploited webmin and set up shop. Alas, there is no one to blame but myself. This is how I believe it went down.
linuxsysconfig.com: I agree that Linux is less vulnerable than Windows, but that doesn’t make it immune to attackers. It’s not always about security flaws, buffer overflows or denial of service attacks. I came up with a list of 10 basic rules that should reduce the security risk.
blog.ibeentoubuntu.com: A new paper was presented in late March about using /dev/mem to inject and hide a rootkit (PDF), and the method has been getting some press, leading to a little concern.
This article covers cp, tar, and rsync, that can aid with the security of the synchronization of UNIX files
A chroot on Red Hat / CentOS / Fedora Linux operating changes the apparent disk root directory for the Apache process and its children. Once this is done attacker or other php / perl / python scripts cannot access or name files outside that directory. This is called a "chroot jail" for Apache. You should never ever run a web server without jail. There should be privilege separation between web server and rest of the system.
news.softpedia.com: Yesterday, November 27th, the Ubuntu developers discovered yet another security issue (actually, more than one) in the Linux kernel packages. These vulnerabilities affect the following Ubuntu distributions: 6.06 LTS, 7.10, 8.04 LTS and 8.10 (also applies to Kubuntu, Edubuntu and Xubuntu).