LastPass has published an open source command line application to provide terminal-loving devs with alternative access to their passwords and login data.
The outfit says the app improves user security, with a growing list of commands that lets users edit their LastPass data. It also supports functions such as regular automated password changes and the ability to generate and store passwords for servers.
LastPass community manager Amber Gott said it welcomed community pull requests.
It has advanced far beyond the primitive proof of concept demonstrated more than four years ago. Release 2 (beta), which arrived in late September, is a powerful desktop OS.
Qubes succeeds in seamless integrating security by isolation into the user experience. However, comparing Qubes to a typical Linux distro is akin to comparing the Linux OS to Unix.
If you are using a Sony Xperia device running either Android 4.4.2 or 4.4.4 it’s advised (by me) that you install a custom ROM on your device. Several reports have appeared online that the stock firmware on these devices contains Baidu spyware that is discreetly sending data back to servers in China, you do not need to have installed any software on your phone as it’s bundled into the firmware.
Containerization technology has been a game-changer, powering Docker and other transformative software solutions. It's also garnered its share of criticisms about performance, security, and resiliency.
But one of the creators of Parallels, a key containerization technology on Linux, is pushing back against what he feels are pervasive myths about containers -- many of which, he argues, are rooted in misunderstandings of how to use them and what they're for.
This Public Service Announcement is a follow up to SA-CORE-2014-005 - Drupal core - SQL injection. This is not an announcement of a new vulnerability in Drupal.
Automated attacks began compromising Drupal 7 websites that were not patched or updated to Drupal 7.32 within hours of the announcement of SA-CORE-2014-005 - Drupal core - SQL injection. You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11pm UTC, that is 7 hours after the announcement.
Today we're releasing Qubes OS R2! I'm not gonna write about all the cool features in this release because you can find all this in our wiki and previous announcements (R2-beta1, R2-beta2, R2-beta3, R2-rc1, and R2-rc2). Suffice to say that we've come a long way over those 4+ years from a primitive proof of concept to a powerful desktop OS which, I believe, it is today.
One of the biggest difficulties we have been facing with Qubes since the very beginning, has been the amount of this extra, not-so-exciting, not directly security-related work, but so much needed to ensure things actually work. Yet, the line between what is, and what is not-security related, is sometimes very thin and one can easily cross it if not being careful.
For Intel Core i7 5960X Haswell-E Linux testing I originally bought an MSI X99S SLI PLUS motherboard as it was one of the most interesting, lowest-priced boards available at the time of the Intel X99 chipset debut. While I initially ran into some problems, those issues have now been confirmed to be isolated, and with a replacement X99S SLI PLUS motherboard I have been stressing it constantly for the past few weeks on Fedora and Ubuntu. The X99S SLI PLUS has now proven itself to be a reliable motherboard that's still among the least expensive X99 ATX motherboards on the market.
Kickstarter is apparently not the place to go if you’re trying to crowdfund privacy hardware. Just days after the Anonabox project, a highly criticized effort to package the Tor privacy protection service into a portable miniature Wi-Fi router, was suspended by the crowdfunding site, another similar project has met its demise—and its founder’s account has been deleted.
TorFi, which Ars mentioned in a report on October 21, was a project by Jesse Enjaian and David Xu of Berkeley, California aimed at creating home routers with turnkey Tor protection and support for OpenVPN connections—allowing users to route all their Internet traffic either through Tor's "onion router" network or a virtual private network provider of their choice. The project’s initial pitch was dependent on repurposing routers from TP-Link purchased through retail and re-flashing them with a customized version of the OpenWRT embedded operating system.
I agree that the security of a container isn’t any better than a well-secured application using sys_setcap(), a custom suite of SeLinux labels, and a roll-your-own use of Linux namespaces. However, that’s precisely what Linux containers are. Containers are not contradictory to other, existing best-practices. They’re not contradictory to VMs, but work well with them. It’s not contradictory to SeLinux or AppArmor, but works with them. In fact, when you come down to it, once you start tweaking and configuring all of the security tunables in Linux to secure your application as much as possible, you’ll realize that you’ve simply rolled your own container solution.