Security

Feeling Scammed After Anonabox? Android-Based Project Sierra Claims To Be The Real Deal

Filed under: Android, Linux, Security

In the wake of former NSA contractor Edward Snowden's big reveal on government spying, there's been a concerted effort by companies big and small to try and make our lives truly private. One seemingly promising solution was Anonabox, a little plug-and-play device that routes traffic through Tor to keep our online activities anonymous. Unfortunately, we were all misled on a number of levels, prompting Kickstarter to remove the project forever. Hot on its heels is Project Sierra, a network encryption device that's supposedly the real deal.


Linux Container Security

Filed under: Linux, Security

Hypervisors present a smaller attack surface than containers. This is somewhat mitigated in containers by using seccomp, SELinux and restricting capabilities in order to reduce the number of kernel entry points that untrusted code can touch, but even so there is simply a greater quantity of privileged code available to untrusted apps in a container environment when compared to a hypervisor environment[1].


NSA recommends several Samsung smartphones

Filed under: Android, Security

The list of allowed smartphones with which US officials may share confidential information has become a bit longer. The National Information Assurance Partnership (NIAP) - a product tester under the supervision of the NSA - announced Tuesday the green light for the S5 Galaxy, Galaxy Note 4 and the tablet Galaxy Note 10.1 (2014 Edition).


Free and Open Source Electronic Signature in Costa Rica

Filed under: LibO, OSS, Security

The LibreOffice component designed by the University of Costa Rica (UCR) is similar to software enhancements currently used for electronic signatures in other countries.


Tor GUI `SelekTOR` Sees New Major Release

Filed under: OSS, Security

SelekTOR, an open source Java-based GUI front-end for Tor, was updated to version 3.12 (now 3.12e) recently and it includes new advanced options as well as a new Tor Monitor panel that shows the Tor client startup info and its current status.


Unity Privacy Indicator 0.4 Released With New Privacy Settings

Filed under: Security, Ubuntu

For those not familiar with Privacy Indicator, this is an Ubuntu AppIndicator especially created for Unity, which allows you to control various privacy aspects.

Until this release, the indicator could be used to enable / disable Dash online search results and Zeitgeist logging (and also clear the Zeitgeist log), clear recently used files (which show up in the Nautilus or Nemo "Recent" sidebar item for instance) and to show or hide your real name on the Unity panel.


Kickstarter pulls Anonabox, a Tor-enabled router that raised over $585,000

Filed under: Development, Security

The Anonabox, which was created by August Germar, of Chico, California, aimed to be an “open source embedded networking device designed specifically to run Tor.” Its fundraising goal was $7,500, and in five days, it raised $585,549 from nearly 9,000 backers—including three Ars editors.

Germar told Ars that he was not aware that it had been suspended until Ars forwarded him an e-mail from Kickstarter outlining the possible reasons why it could have been cancelled.


Tor Browser 4.0 is released

Filed under: Security, Web

This release also features an in-browser updater, and a completely reorganized bundle directory structure to make this updater possible. This means that simply extracting a 4.0 Tor Browser over a 3.6.6 Tor Browser will not work. Please also be aware that the security of the updater depends on the specific CA that issued the www.torproject.org HTTPS certificate (Digicert), and so it still must be activated manually through the Help ("?") "about browser" menu option. Very soon, we will support both strong HTTPS site-specific certificate pinning (ticket #11955) and update package signatures (ticket #13379). Until then, we do not recommend using this updater if you need stronger security and normally verify GPG signatures.


Docker 1.3: Signed Images, Process Injection, Security Options, Mac Shared Directories

Filed under: Linux, Server, Security

First up, in this release, the Docker Engine will now automatically verify the provenance and integrity of all Official Repos using digital signatures. Official Repos are Docker images curated and optimized by the Docker community to be the best building blocks for assembling distributed applications. A valid signature provides an added level of trust by indicating that the Official Repo image has not been tampered with.


What you need to know about the SSLv3 “POODLE” flaw (CVE-2014-3566)

Filed under: Red Hat, Security

So, the bottom line is: on servers and clients, disable SSLv3 (and, of course, older). Updates to Fedora packages which make this the default will be forthcoming, but in the meantime, you can do it manually. Red Hat is working on a security blog article explaining the steps to take for different software; we’ll link to that when it becomes available.


More in Tux Machines

Ubuntu Spotted in Google's Revolutionary Soli Radar Project for Hand Motion

Project Soli is a new project from Google that aims to integrate radar technology into a small chip that can be used to track hand motions, and from the looks of it, the engineers are using Ubuntu.

today's leftovers

  • XDC2015 X.Org Conference Announced, CFP Issued
  • Persistent Memory Microconference Accepted into 2015 Linux Plumbers Conference
    The topic of persistent memory is back to the future for those of us old enough to have used core memory, but today’s persistent memory boasts densities, speeds, latencies, and capacities that are well beyond the scope even of science fiction back in the core-memory era.
  • AllSeen Alliance Strengthens IoT Open Source Ecosystem With 20 New Members
    The AllSeen Alliance, a cross-industry collaboration to advance the Internet of Everything through an open source software project, today announced 20 new members have joined the initiative. This marks the sixth consecutive month with double-digit member growth for the AllSeen Alliance, with more than 70 companies joining the initiative since January. Furthermore, these new members hold expertise across critical horizontal areas of the Internet of Things (IoT) -- telecommunications and networking operators, software developers, IoT platforms and solutions, product companies and smart home automation.
  • Libinput 0.16 Now Supports Devices Like The Chromebook Pixel
    The plans for Libinput 1.0 haven't yielded fruit yet, but libinput 0.16 is out this afternoon as the latest version of this input library used both by Wayland and X11 (and potentially Mir moving forward).
  • libinput and the lack of device types
    libinput uses udev tags to determine what a device is. This is a significant difference to the X.Org stack which determines how to deal with a device based on an elaborate set of rules, rules grown over time, matured, but with a slight layer of mould on top by now. In evdev's case that is understandable, it stems from a design where you could just point it at a device in your xorg.conf and it'd automagically work, well before we had even input hotplugging in X. What it leads to now though is that the server uses slightly different rules to decide what a device is (to implement MatchIsTouchscreen for example) than evdev does. So you may have, in theory, a device that responds to MatchIsTouchscreen only to set itself up as keyboard.
  • AMD Catalyst 15.5 Beta Linux Driver Surfaces
    AMD is finally out with a big Catalyst Linux driver update!
  • NVIDIA/Nouveau PerfKit Implemented Over Gallium3D State Tracker
    Samuel Pitoiset today unveiled his long sought after patches for implementing NVIDIA's PerfKit performance utility as a Gallium3D state tracker for use by the open-source Linux graphics drivers.
  • Intel Compute Stick Performance Surprises Under Ubuntu Linux
    All of the Intel x86 systems were running Ubuntu 15.04 with the Linux 4.1 kernel and the rest of the same software make-up. With the Utilite, Ubuntu 12.04 with the Linux 3.0 kernel was used due to newer releases not being supported by CompuLab. With the Jetson TK1 was Ubuntu 14.04 with the Linux 3.10 kernel, likewise due to NVIDIA not providing any newer official images. Due to running OpenGL (non-GLES) tests, only for the x86 systems are the graphics test results while for all of the processor-bound tests are results for all six systems in total.
  • Qt 5.4.2 Officially Released
    While Qt 5.5 is hopefully shipping at the end of the month, Qt 5.4.2 is the newest stable version today. Qt 5.4.2 has important security fixes for the Qt WebEngine, DoS vulnerability fix for its BMP image handler, and various other security fixes. There's also updates in Qt 5.4.2 for third-party libraries bundled within this leading open-source tool-kit.
  • Qt 5.4.2 and Qt Creator 3.4.1 Officially Released with Multiple Improvements and Fixes
    On June 2, the Qt Company, through Tuukka Turunen, announced the immediate availability for download of the second patch release for the stable Qt 5.4 series of the world's most acclaimed GUI toolkit.
  • It is official, Marble is coming to Android
    First, I would like to announce, I have been chosen as a Google Summer of Code student and my task is to provide a working version of Marble on Android at the end of the summer.
  • Count downs: T -10 hours, -12 days, -30 days, -95 days
    So the first fundraiser I’d like to write about is the Make Krita faster than Photoshop Kickstarter campaign. It’s almost over and is already a success but that doesn’t mean you can’t still become a supporter of this awesome painting application. And for the case you shouldn’t have seen it there was a series of interviews with Krita users (and thus users of KDE software) you should have read at least in part.
  • Take control of your file systems with Konqueror
    Each of these profiles configures Konqueror in a specific way for a specific task. You can then use these as starting points to configure Konqueror to meet your specific needs and save a profile so that you can reconfigure Konqueror at any time to meet those needs. Even when configured for one task, such as file management, Konqueror can be used for other tasks such as web browsing.
  • KDEPIM KF5
    I started porting kdepim to KF5 1 year ago (in May 2014). When I started it I thought that it should be easy. But it was not easy because firstly KF5 was not released and it was not stable, there were some bugs. Secondly kdepim is not just KMail, it contains the kdepim libs + akonadi + kdepim runtime + kdepim apps (as korganizer, kmail, etc.).
  • Cinnamon 2.6 Yields Lower CPU Usage
  • Cinnamon 2.6
    On behalf of the team and all the developers who contributed to this build, I am proud to announce the release of Cinnamon 2.6!
  • Tiny Core v6.3
    Team Tiny Core is proud to announce the release of Core v6.3...
  • Peppermint OS Six Screencast and Screenshots
  • Peppermint OS Six released
  • Peppermint Six is Here!
    Peppermint is excited to announce the launch of our latest operating system Peppermint Six. Lightweight and designed for speed, Peppermint Six delivers on that promise whether using software on your desktop, online, or using cloud based apps.
  • [Slackware] KDE 5_15.06 with a few useful fixes
    Yesterday there was a new release for the KDE Applications. I know that I updated my KDE 5 package set barely a week ago, but there were a few updates that I wanted to push anyway, so adding the updated Applications packages seemed like the proper thing to do.
  • Improving update of existing debian/copyright file
  • Reproducible builds: week 5 in Stretch cycle
  • Qseven COM runs Linux on 14nm Braswell, offers 4K video
    Congatec’s “Conga-QA4” Qseven COM is based on Intel’s 14nm “Braswell” Pentium and Celeron SoCs, and offers MIPI-CSI, dual SATA ports, and 4K video.
  • Expandable 3.5-inch SBC runs Linux on Bay Trail SoCs
    Axiomtek’s “CAPA840” SBC supports Atom E3800 SoCs, and offers -20 to 70°C support, wide-range power, dual mini-PCIe, and a “ZIO” connector for I/O modules.
  • Sysadmin adventures: When weather threatens our work
    With summer fast approaching in Boston, I appreciate the FSF office's air conditioning system. It keeps us comfortable in the heat, but during the record-breaking snowfall this winter, the system broke down, and as a result I found myself on an unexpected adventure.
  • Google’s Project Vault Is A Secure Computing Environment On A Micro SD Card, For Any Platform
    Onboard the Vault itself is an ARM processor running RTOS, a secure operating system focused on privacy and data security. It also has an NFC chip and an antenna (for proving that you are in control and that it’s correctly authorized). Finally, there’s a suite of cryptographic services, including hashing, signing, batch encryption and a hardware random number generator.
  • Cavium, System Makers Unveil ARM-Based Servers, Boards
    As Computex 2015 gets under way, server makers like Asus and Gigabyte announce they are using Cavium's ThunderX SoCs in new systems.
  • Tuesday's security updates
  • OpenSSL Certificate Authority v1.0.0
    I’ve recently made many improvements and additions. The series is now available as a standalone document titled OpenSSL Certificate Authority. Make sure you check it out!
  • Majority of websites have serious, unfixed vulnerabilities
    In a recent analysis of more than 30,000 websites, most had at least one serious vulnerability for 150 or more days last year.
  • StackIQ debuts fastest, easiest open-source bare-metal installer for Linux server provisioning
    StackIQ, Inc., makers of the Warehouse-grade automation platform for any large-scale server infrastructure, today announced the release of open source Stacki (short for “Stack Installer”), the world’s fastest and easiest-to-use Linux server provisioning tool. With Stacki, there are zero prerequisites for taking systems from bare metal to ‘a ping and a prompt.’ Alongside this new release, the company made available a one-day, on-site Stacki training and an implementation service for users who want to use the tools immediately for production servers.
  • A good start with room to improve: Thoughts on Citrix's Linux VDA, plus a video demo from Citrix Synergy 2015
    One of the more surprising things in a relatively unsurprising Citrix Synergy was the round of applause created by the announcement of the Linux VDA Tech Preview. I think it’s great, but it’s not the kind of announcement you’d think would garner much more than a murmur, let alone get a larger reaction from the audience than the iBand’s rendition of “Hey Ya!”
  • The Worm (Dell) Has Turned
    Amazing. Wonders never cease in 2015, The Year Of The GNU/Linux Desktop.
  • Is Eye Candy Doomed?
    With the popularity of mobile computing, some thought that windows would not be necessary anymore. The guys at Redmond, for example, made an atrocity of an OS and trumpeted as the latest-greatest. It dismissed the idea of windows because all apps ran full screen. Way to go! Especially if one uses a big monitor...what a waste of screen real estate!
