Language Selection

English French German Italian Portuguese Spanish

Security

A strangely compromised Linux box

Filed under
Linux
Security

aplawrence.com: A customer reported that a Linux machine used for ssh access (to in turn give telnet access to an ancient SCO machine) was refusing logins. I asked him to try logging in as root at the console; he was unable to do so.

Another Protocol Bites The Dust

Filed under
Security

links.org: For the last 6 weeks or so, a bunch of us have been working on a really serious issue in SSL. In short, a man-in-the-middle can use SSL renegotiation to inject an arbitrary prefix into any SSL session, undetected by either end.

GNOME Keyring

Filed under
Software
Security

mdeslaur.blogspot: For the past week or so, people have been talking about a “security issue” in Seahorse. This sums up my opinion on the matter: This isn't a security issue, and there is no good way to fix it.

Bug in latest Linux gives untrusted users root access

Filed under
Linux
Security

theregister.co.uk: A software developer has uncovered a bug in most versions of Linux that could allow untrusted users to gain complete control over the open-source operating system.

GNOME Cleartext Passwords: Bug or Feature?

Filed under
Software
Security

ubuntu-user.com: The current discussion in the Ubuntu forums is about a possible security hole in GNOME, specifically about GNOME registered users having their passwords appear as cleartext on the keyring. Not a bug, say its defenders, but the security concept behind the GNOME keyring.

Gnome Lets Anyone See Your Keyring Passwords

Filed under
Software
Security

omgubuntu.co.uk: A security hole in Gnome allows anyone to see your keyring passwords without needing to enter so much as a password.

Vulnerabilities in several PDF applications

Filed under
Security

h-online.com: Security holes in numerous PDF applications allow attackers to infect systems with malware. Linux distributor Red Hat has already released new packages for these applications, and other distributors are likely to follow soon.

FreeBSD Local Root Escalation Vulnerability

Filed under
Security
BSD

darknet.org.uk: It’s been a long time since we’ve heard about a problem with FreeBSD, partially because the mass of people using it isn’t that large and secondly because BSD tends to be pretty secure as operating systems go.

Bug exposes eight years of Linux kernel

Filed under
Linux
Security

theregister.co.uk: Linux developers have issued a critical update for the open-source OS after researchers uncovered a vulnerability in its kernel that puts most versions built in the past eight years at risk of complete takeover.

Palm accused of 'spying' on Pre owners

Filed under
Hardware
Security

telegraph.co.uk: Palm Pre owner Joey Hess claims to have uncovered code within the phone's operating system which shows that the device is sending back information about his location to Palm.

Syndicate content

More in Tux Machines

OpenSUSE 13.2 Beta

Migrating From Windows 7 To Ubuntu: The Ultimate Guide

Despite what all the Linux haters say, choosing Ubuntu is logical and migrating from Windows 7 to Ubuntu is a breeze. This article summarizes the process and provides solutions to some of the most common beginner hiccups. The Windows Vs Mac Vs Linux debate has been going on for years and doesn’t look to be settled anytime soon. If you are a Windows 7 user and still haven’t made the switch to Windows 8, you may want to consider migrating to Ubuntu 14.04, the latest Linux distro from Ubuntu. In addition to strong support from developers and a massive software repository, it’s free, faster and safer than Windows. Read more

7 killer open source monitoring tools

Network and system monitoring is a broad category. There are solutions that monitor for the proper operation of servers, network gear, and applications, and there are solutions that track the performance of those systems and devices, providing trending and analysis. Some tools will sound alarms and notifications when problems are detected, while others will even trigger actions to run when alarms sound. Here is a collection of open source solutions that aim to provide some or all of these capabilities. Read more

Reader Forum: Accelerating ‘IoT’ with an open-source, embedded platform for connected applications

Providing an end-to-end solution for building and deploying new connected applications extremely quickly, at scale, and at a fraction of the cost compared to conventional processes is key to streamlining M2M development. And, using an open-source, Linux-based platform, companies can run applications on any vendor’s hardware and use any cloud management platform. Read more