Language Selection

English French German Italian Portuguese Spanish

Security

Security Leftovers

Filed under
Security
  • Forcing out bugs with stress-ng

    I've also tried to make stress-ng portable, so it can build fine on GNU/Hurd and Debian kFreeBSD (with Linux specific tests not built-in of course). It also contains some architecture specific features, such as handling the data and instruction cache as well as the x86 rdrand instruction and cache line locking. If there are any ARM specific features than can be stressed I'd like to know and perhaps implement stressors for them.

  • OpenSSH and the dangers of unused code

    Unused code is untested code, which probably means that it harbors bugs—sometimes significant security bugs. That lesson has been reinforced by the recent OpenSSH "roaming" vulnerability. Leaving a half-finished feature only in the client side of the equation might seem harmless on a cursory glance but, of course, is not. Those who mean harm can run servers that "implement" the feature to tickle the unused code. Given that the OpenSSH project has a strong security focus (and track record), it is truly surprising that a blunder like this could slip through—and keep slipping through for roughly six years.

  • Why Is Usable Security Hard, and What Should We Do about it?
  • Linux-Based Botnets Accounted for More than Half of DDoS Attacks in Q4 2015

IPFire 2.17 Open Source Linux Firewall OS Gets OpenSSL 1.0.2f and OpenSSH 7.1p2

Filed under
OSS
Security

The IPFire development team announced last evening the immediate availability for download or update of the IPFire 2.17 Core Update 97 Linux kernel-based firewall distribution.

Read more

Security Leftovers

Filed under
Security
  • Friday's security updates
  • Critical OpenSSL Patch Available. Patch Now!

    All versions of OpenSSL are vulnerable to CVE-2014-0195, but this vulnerability only affects DTLS clients or servers (look for SSL VPNs... not so much HTTPS).

  • Linux Trojan That Takes Screenshots and Records Audio Has a Windows Brother

    The Linux trojan that spied on users by taking screenshots of their desktop has now a Windows variant, as Kaspersky's security team has found out.

    The trojan, first discovered by Dr.Web and named Linux.Ekocms, and later also identified by Sophos as Linux/Mokes-A, and then by Kaspersky as Backdoor.Linux.Mokes.a, has caused some stir in the Linux community because it was one of the first spyware threats detected in the wild on the platform.

10 Best Operating Systems For Ethical Hacking And Penetration Testing

Filed under
GNU
Linux
Security

Wondering which is the best operating system for ethical hacking and pen testing purposes? Trying to solve this problem, fossBytes has prepared a list of the most efficient Linux distros for hacking purposes that you need to check out in 2016.

Read more

Tor Browser 6.0 Now in Development, Devs Switch the Guest VMs to Debian Wheezy

Filed under
Development
Security

We reported a couple of days ago that the Tor Project announced the release of the Firefox-based Tor Browser 5.5 anonymous web browser for all supported platforms, but they've also published details about the first Alpha build of the next major release.

Read more

Two Outstanding All-in-One Linux Servers

Filed under
Linux
Security

The answer to this question depends on what you need. Zentyal is an amazing server that does a great job running your SMB network. If you need a bit more, such as groupware, your best bet is to go with ClearOS. If you don’t need groupware, either server will do an outstanding job.

I highly recommend installing both of these all-in-one servers to see which will best serve your small company needs.

Read more

Tor and Debian

Filed under
Security
Debian
  • Tor Browser 5.5 Gets an Official Release, Includes Tor 0.2.7.8

    The Tor Project has proudly announced the release and immediate availability for download of the first stable Tor Browser 5.5 web browser for all supported operating systems, including GNU/Linux, Mac OS X, and Microsoft Windows.

  • Tor Announces Official Release of Tor Browser 5.5 With New Features

    Tor Browser 5.5 is the first stable release in the 5.5 series of Tor. It is released for all the supported operating systems, including GNU/Linux, Mac OS X and Microsoft Windows. It is now available for download from the Tor Browser Project page along with many new features.

  • The ultra-secure Tails OS beloved by Edward Snowden gets a major upgrade

    Edward Snowden's favorite secure operating system just got a major upgrade. Version 2.0 of the Amnesic Incognito Live System, better known as Tails, rolled out recently. Tails 2.0 brings a new desktop environment, sandboxing for services via the always controversial systemd, and a new build of the Tor Browser.

  • Becoming a Debian contributor

    Over the past two months or so I have become a contributor to the Debian Project. This is something that I’ve wanted to do for a while. Firstly, just because I’ve got so much out of Debian over the last five or six years—both as a day-to-day operating system and a place to learn about computing—and I wanted to contribute something back. And secondly, in following the work of Joey Hess for the past three or four years I’ve come to share various technical and social values with Debian. Of course, I’ve long valued the project of making it possible for people to run their computers entirely on Free Software, but more recently I’ve come to appreciate how Debian’s mature technical and social infrastructure makes it possible for a large number of people to work together to produce and maintain high quality packages. The end result is that the work of making a powerful software package work well with other packages on a Debian system is carried out by one person or a small team, and then as many users who want to make use of that software need only apt-get it. It’s hard to get the systems and processes to make this possible right, especially without a team being paid full-time to set it all up. Debian has managed it on the backs of volunteers. That’s something I want to be a part of.

Security Leftovers

Filed under
Security

Security Leftovers

Filed under
Security

Tor Browser 5.5 is released

Filed under
OSS
Security

Tor Browser 5.5, the first stable release in the 5.5 series, is now available from the Tor Browser Project page and also from our distribution directory.

This release features important security updates to Firefox.

On the privacy front we finally provide a defense against font enumeration attacks which we developed over the last weeks and months. While there is still room for improvement, it closes an important gap in our fingerprinting defenses. Additionally, we isolate Shared Workers to the first-party domain now and further improved our keyboard fingerprinting defense.

Read more

Syndicate content

More in Tux Machines

Leftovers: Software

  • Wireshark 2.0.5 Released — World’s Most Popular Network Traffic Analyzer
    Wireshark is widely used as the primary network protocol analyzer by security researchers all across the world. Wireshark 2.0.5, the latest maintenance update, is now available for download with various security fixes and updated network protocols.
  • ownCloud 9.1 Community Edition Cloud Server Adds Innovative Security Features
    ownCloud announced the availability of the first major release for the 9.x series of the open-source self-hosting cloud server software for GNU/Linux operating systems recently. ownCloud 9.1 Community Edition is now the latest stable and most advanced release of the ownCloud Server, which promises dozens of attractive new features, among which we can mention a bunch of innovative security enhancements, such as support for token-based authentication sessions and pluggable authentication support. Additionally, ownCloud 9.1 introduces the ability to list all the devices that are connected to your personal user page, from where you'll be able to invalidate certain session. Device specific tokens are supported as well in the ownCloud 9.1 release, giving users new ways to control the access to their personal and private cloud servers.
  • Deluge 1.3.13 Free BitTorrent Client Adds an Extremely Large Set of Bugfixes
    It's been a while since we last heard something from the Deluge project, an open-source and cross-platform BitTorrent client that's available for GNU/Linux, Mac OS X, and Microsoft Windows operating systems. Deluge is quite a popular software for downloading torrent files over the Internet, and it comes with pretty much everything you would expect from a BitTorrent client, including protocol encryption, Universal Plug and Play (UPnP), Distributed Hash Table (DHT), uTorrent Peer Exchange, wet-PMP, and, of course, the ability to manage the program remotely via a web browser.
  • Krita 3.0.1 Coming September 5, First Development Builds Are Out Now for Testing
    Now that the final release of the Krita 3.0 digital painting software has been released for our personal computers, the time has come for the project's development team to concentrate their efforts on the first point release.
  • Docker Built-in Orchestration Ready for Production: Docker 1.12 Goes GA
  • Docker 1.12 App Container Engine Officially Released with Built-in Orchestration
    Docker, the award-winning and widely-used open-source application container engine, has just released a major milestone that introduces approximately 100 changes since the previous stable update. That's right, Docker 1.12.0 is finally here after being in development for the past two months, during which it received a total of five Release Candidate (RC) builds that have been seeded to public testers and those who wanted an early taste of what's coming to the final Docker 1.12 release. "We wanted to thank everyone in the community for helping us achieve this great milestone of making Docker 1.12 generally available for production environments. Docker 1.12 adds the largest and most sophisticated set of features into a single release since the beginning of the Docker project," reads the release announcement.
  • The State of GIMP & Its Future

Games for GNU/Linux

  • Latest Vendetta Online Update Brings VR Improvements, Oculus Rift 1.6 Support
    Guild Software announced earlier today, July 30, 2016, the availability of the latest updates for its cross-platform, commercial, and popular Vendetta Online massively multiplayer online role-playing game (MMORPG). A total of three small updates have been released for Vendetta Online since our last report three weeks ago, when Vendetta Online 1.8.380 was released for PCs (Linux, Mac, and Windows) with lots of goodies and multiple improvements.
  • ‘Stardew Valley’ Now Available On Mac And Linux
    Back in June, it was confirmed that the game will be making its way to the Wii U, Xbox One and PlayStation 4.
  • New Steam Beta Client Adds Numerous Steam Controller Improvements, More
    Today July 30, 2016, Valve has pushed yet another update for its Steam Client to the Beta channel on all supported platforms, including GNU/Linux, Mac OS X, and Microsoft Windows. Steam Client Beta Update July 29 was announced today, despite its name, and it only introduces support for the upcoming Windows Anniversary Update that will be made available on August 2, 2016, as well as numerous improvements and a handful of new features for the Steam Controller device.
  • The TORCS Racing Car Simulator Should Now Be Slightly Faster With Gallium3D
    For those playing TORCS, The Open Racing Simulator, its performance for this driving game simulator should be slightly faster if using one of Mesa's Gallium3D drivers. AMD developer Marek Olšák has landed a complete rewrite of state atoms inside the Gallium3D Mesa state tracker. Long story short, Marek concluded his commit message by mentioned, "torcs is 2% faster between the previous patch and the end of this series." Every little bit counts in making the open-source driver stack more competitive. With this being in the vendor-neutral Mesa state tracker code, it should presumably also help the Nouveau driver too, in addition to RadeonSI/R600g.

Red Hat Financial News

Voyager 16.04.1 LTS Adds Intel Skylake Support, Based on Xubuntu 16.04.1 LTS

The guys over Voyager, a Xubuntu-based GNU/Linux distribution built around the lightweight Xfce desktop environment, have announced the release of Voyager 16.04.1 LTS. Read more