
Security

New OpenBSD version includes fork of OpenSSL

Filed under
Security
BSD

The OpenBSD project has released version 5.6 of its operating system. It includes LibreSSL, the fork of the OpenSSL cryptographic library in which a serious vulnerability was discovered earlier this year.


LastPass releases Open Source command line client

Filed under
OSS
Security

LastPass has published an open source command line application to provide terminal-loving devs with alternative access to their passwords and login data.

The outfit says the app improves user security, with a growing list of commands that lets users edit their LastPass data. It also supports functions such as regular automated password changes and the ability to generate and store passwords for servers.

LastPass community manager Amber Gott said it welcomed community pull requests.


Security-Minded Qubes OS Will Satisfy Your Yen for Xen

Filed under
GNU
Linux
Security

It has advanced far beyond the primitive proof of concept demonstrated more than four years ago. Release 2 (beta), which arrived in late September, is a powerful desktop OS.

Qubes succeeds in seamlessly integrating security by isolation into the user experience. However, comparing Qubes to a typical Linux distro is akin to comparing the Linux OS to Unix.


Sony Xperia devices are sending your data to China

Filed under
Android
Security

If you are using a Sony Xperia device running either Android 4.4.2 or 4.4.4, it’s advised (by me) that you install a custom ROM on your device. Several reports have appeared online that the stock firmware on these devices contains Baidu spyware that is discreetly sending data back to servers in China; you do not need to have installed any software on your phone, as it’s bundled into the firmware.


Parallels CTO: Linux container security is not the problem

Filed under
GNU
Linux
Security

Containerization technology has been a game-changer, powering Docker and other transformative software solutions. It's also garnered its share of criticisms about performance, security, and resiliency.

But one of the creators of Parallels, a key containerization technology on Linux, is pushing back against what he feels are pervasive myths about containers -- many of which, he argues, are rooted in misunderstandings of how to use them and what they're for.


Drupal Core - Highly Critical - Public Service announcement - PSA-2014-003

Filed under
Drupal
Security

This Public Service Announcement is a follow up to SA-CORE-2014-005 - Drupal core - SQL injection. This is not an announcement of a new vulnerability in Drupal.

Automated attacks began compromising Drupal 7 websites that were not patched or updated to Drupal 7.32 within hours of the announcement of SA-CORE-2014-005 - Drupal core - SQL injection. You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11pm UTC, that is 7 hours after the announcement.


Announcing Qubes OS Release 2!

Filed under
GNU
Linux
Security

Today we're releasing Qubes OS R2! I'm not gonna write about all the cool features in this release because you can find all this in our wiki and previous announcements (R2-beta1, R2-beta2, R2-beta3, R2-rc1, and R2-rc2). Suffice to say that we've come a long way over those 4+ years from a primitive proof of concept to a powerful desktop OS which, I believe, it is today.

One of the biggest difficulties we have been facing with Qubes since the very beginning, has been the amount of this extra, not-so-exciting, not directly security-related work, but so much needed to ensure things actually work. Yet, the line between what is, and what is not-security related, is sometimes very thin and one can easily cross it if not being careful.


MSI X99S SLI PLUS On Linux

Filed under
Linux
Security

For Intel Core i7 5960X Haswell-E Linux testing I originally bought an MSI X99S SLI PLUS motherboard as it was one of the most interesting, lowest-priced boards available at the time of the Intel X99 chipset debut. While I initially ran into some problems, those issues have now been confirmed to be isolated, and with a replacement X99S SLI PLUS motherboard I have been stressing it constantly for the past few weeks on Fedora and Ubuntu. The X99S SLI PLUS has now proven itself to be a reliable motherboard that's still among the least expensive X99 ATX motherboards on the market.


Another Tor router crowdfunding project nixed by Kickstarter

Filed under
Android
Linux
Security

Kickstarter is apparently not the place to go if you’re trying to crowdfund privacy hardware. Just days after the Anonabox project, a highly criticized effort to package the Tor privacy protection service into a portable miniature Wi-Fi router, was suspended by the crowdfunding site, another similar project has met its demise—and its founder’s account has been deleted.

TorFi, which Ars mentioned in a report on October 21, was a project by Jesse Enjaian and David Xu of Berkeley, California aimed at creating home routers with turnkey Tor protection and support for OpenVPN connections—allowing users to route all their Internet traffic either through Tor's "onion router" network or a virtual private network provider of their choice. The project’s initial pitch was dependent on repurposing routers from TP-Link purchased through retail and re-flashing them with a customized version of the OpenWRT embedded operating system.


On the Security of Containers

Filed under
Linux
Security

I agree that the security of a container isn’t any better than a well-secured application using sys_setcap(), a custom suite of SELinux labels, and a roll-your-own use of Linux namespaces. However, that’s precisely what Linux containers are. Containers are not contradictory to other, existing best-practices. They’re not contradictory to VMs, but work well with them. It’s not contradictory to SELinux or AppArmor, but works with them. In fact, when you come down to it, once you start tweaking and configuring all of the security tunables in Linux to secure your application as much as possible, you’ll realize that you’ve simply rolled your own container solution.


More in Tux Machines

today's leftovers

  • XDC2015 X.Org Conference Announced, CFP Issued
  • Persistent Memory Microconference Accepted into 2015 Linux Plumbers Conference
    The topic of persistent memory is back to the future for those of us old enough to have used core memory, but today’s persistent memory boasts densities, speeds, latencies, and capacities that are well beyond the scope even of science fiction back in the core-memory era.
  • AllSeen Alliance Strengthens IoT Open Source Ecosystem With 20 New Members
    The AllSeen Alliance, a cross-industry collaboration to advance the Internet of Everything through an open source software project, today announced 20 new members have joined the initiative. This marks the sixth consecutive month with double-digit member growth for the AllSeen Alliance, with more than 70 companies joining the initiative since January. Furthermore, these new members hold expertise across critical horizontal areas of the Internet of Things (IoT) -- telecommunications and networking operators, software developers, IoT platforms and solutions, product companies and smart home automation.
  • Libinput 0.16 Now Supports Devices Like The Chromebook Pixel
    The plans for Libinput 1.0 haven't yielded fruit yet, but libinput 0.16 is out this afternoon as the latest version of this input library used both by Wayland and X11 (and potentially Mir moving forward).
  • libinput and the lack of device types
    libinput uses udev tags to determine what a device is. This is a significant difference to the X.Org stack which determines how to deal with a device based on an elaborate set of rules, rules grown over time, matured, but with a slight layer of mould on top by now. In evdev's case that is understandable, it stems from a design where you could just point it at a device in your xorg.conf and it'd automagically work, well before we had even input hotplugging in X. What it leads to now though is that the server uses slightly different rules to decide what a device is (to implement MatchIsTouchscreen for example) than evdev does. So you may have, in theory, a device that responds to MatchIsTouchscreen only to set itself up as keyboard.
  • AMD Catalyst 15.5 Beta Linux Driver Surfaces
    AMD is finally out with a big Catalyst Linux driver update!
  • NVIDIA/Nouveau PerfKit Implemented Over Gallium3D State Tracker
    Samuel Pitoiset today unveiled his long sought after patches for implementing NVIDIA's PerfKit performance utility as a Gallium3D state tracker for use by the open-source Linux graphics drivers.
  • Intel Compute Stick Performance Surprises Under Ubuntu Linux
    All of the Intel x86 systems were running Ubuntu 15.04 with the Linux 4.1 kernel and the rest of the same software make-up. With the Utilite, Ubuntu 12.04 with the Linux 3.0 kernel was used due to newer releases not being supported by CompuLab. With the Jetson TK1 was Ubuntu 14.04 with the Linux 3.10 kernel, likewise due to NVIDIA not providing any newer official images. Due to running OpenGL (non-GLES) tests, only for the x86 systems are the graphics test results while for all of the processor-bound tests are results for all six systems in total.
  • Qt 5.4.2 Officially Released
    While Qt 5.5 is hopefully shipping at the end of the month, Qt 5.4.2 is the newest stable version today. Qt 5.4.2 has important security fixes for the Qt WebEngine, DoS vulnerability fix for its BMP image handler, and various other security fixes. There's also updates in Qt 5.4.2 for third-party libraries bundled within this leading open-source tool-kit.
  • Qt 5.4.2 and Qt Creator 3.4.1 Officially Released with Multiple Improvements and Fixes
    On June 2, the Qt Company, through Tuukka Turunen, announced the immediate availability for download of the second patch release for the stable Qt 5.4 series of the world's most acclaimed GUI toolkit.
  • It is official, Marble is coming to Android
    First, I would like to announce, I have been chosen as a Google Summer of Code student and my task is to provide a working version of Marble on Android at the end of the summer.
  • Count downs: T -10 hours, -12 days, -30 days, -95 days
    So the first fundraiser I’d like to write about is the Make Krita faster than Photoshop Kickstarter campaign. It’s almost over and is already a success but that doesn’t mean you can’t still become a supporter of this awesome painting application. And for the case you shouldn’t have seen it there was a series of interviews with Krita users (and thus users of KDE software) you should have read at least in part.
  • Take control of your file systems with Konqueror
    Each of these profiles configures Konqueror in a specific way for a specific task. You can then use these as starting points to configure Konqueror to meet your specific needs and save a profile so that you can reconfigure Konqueror at any time to meet those needs. Even when configured for one task, such as file management, Konqueror can be used for other tasks such as web browsing.
  • KDEPIM KF5
    I started porting kdepim to KF5 1 year ago (in May 2014). When I started it I thought that it should be easy. But it was not easy because firstly KF5 was not released and it was not stable, there were some bugs. Secondly kdepim is not just KMail, it contains the kdepim libs + akonadi + kdepim runtime + kdepim apps (such as korganizer, kmail, etc.).
  • Cinnamon 2.6 Yields Lower CPU Usage
  • Cinnamon 2.6
    On behalf of the team and all the developers who contributed to this build, I am proud to announce the release of Cinnamon 2.6!
  • Tiny Core v6.3
    Team Tiny Core is proud to announce the release of Core v6.3...
  • Peppermint OS Six Screencast and Screenshots
  • Peppermint OS Six released
  • Peppermint Six is Here!
    Peppermint is excited to announce the launch of our latest operating system Peppermint Six. Lightweight and designed for speed, Peppermint Six delivers on that promise whether using software on your desktop, online, or using cloud based apps.
  • [Slackware] KDE 5_15.06 with a few useful fixes
    Yesterday there was a new release for the KDE Applications. I know that I updated my KDE 5 package set barely a week ago, but there were a few updates that I wanted to push anyway, so adding the updated Applications packages seemed like the proper thing to do.
  • Improving update of existing debian/copyright file
  • Reproducible builds: week 5 in Stretch cycle
  • Qseven COM runs Linux on 14nm Braswell, offers 4K video
    Congatec’s “Conga-QA4” Qseven COM is based on Intel’s 14nm “Braswell” Pentium and Celeron SoCs, and offers MIPI-CSI, dual SATA ports, and 4K video.
  • Expandable 3.5-inch SBC runs Linux on Bay Trail SoCs
    Axiomtek’s “CAPA840” SBC supports Atom E3800 SoCs, and offers -20 to 70°C support, wide-range power, dual mini-PCIe, and a “ZIO” connector for I/O modules.
  • Sysadmin adventures: When weather threatens our work
    With summer fast approaching in Boston, I appreciate the FSF office's air conditioning system. It keeps us comfortable in the heat, but during the record-breaking snowfall this winter, the system broke down, and as a result I found myself on an unexpected adventure.
  • Google’s Project Vault Is A Secure Computing Environment On A Micro SD Card, For Any Platform
    Onboard the Vault itself is an ARM processor running RTOS, a secure operating system focused on privacy and data security. It also has an NFC chip and an antenna (for proving that you are in control and that it’s correctly authorized). Finally, there’s a suite of cryptographic services, including hashing, signing, batch encryption and a hardware random number generator.
  • Cavium, System Makers Unveil ARM-Based Servers, Boards
    As Computex 2015 gets under way, server makers like Asus and Gigabyte announce they are using Cavium's ThunderX SoCs in new systems.
  • Tuesday's security updates
  • OpenSSL Certificate Authority v1.0.0
    I’ve recently made many improvements and additions. The series is now available as a standalone document titled OpenSSL Certificate Authority. Make sure you check it out!
  • Majority of websites have serious, unfixed vulnerabilities
    In a recent analysis of more than 30,000 websites, most had at least one serious vulnerability for 150 or more days last year.
  • StackIQ debuts fastest, easiest open-source bare-metal installer for Linux server provisioning
    StackIQ, Inc., makers of the Warehouse-grade automation platform for any large-scale server infrastructure, today announced the release of open source Stacki (short for “Stack Installer”), the world’s fastest and easiest-to-use Linux server provisioning tool. With Stacki, there are zero prerequisites for taking systems from bare metal to ‘a ping and a prompt.’ Alongside this new release, the company made available a one-day, on-site Stacki training and an implementation service for users who want to use the tools immediately for production servers.
  • A good start with room to improve: Thoughts on Citrix's Linux VDA, plus a video demo from Citrix Synergy 2015
    One of the more surprising things in a relatively unsurprising Citrix Synergy was the round of applause created by the announcement of the Linux VDA Tech Preview. I think it’s great, but it’s not the kind of announcement you’d think would garner much more than a murmur, let alone get a larger reaction from the audience than the iBand’s rendition of “Hey Ya!”
  • The Worm (Dell) Has Turned
    Amazing. Wonders never cease in 2015, The Year Of The GNU/Linux Desktop.
  • Is Eye Candy Doomed?
    With the popularity of mobile computing, some thought that windows would not be necessary anymore. The guys at Redmond, for example, made an atrocity of an OS and trumpeted as the latest-greatest. It dismissed the idea of windows because all apps ran full screen. Way to go! Especially if one uses a big monitor...what a waste of screen real estate!

Leftovers: Software

today's howtos

Leftovers: Gaming