Language Selection

English French German Italian Portuguese Spanish

Security

5 awesome security features to expect in PC-BSD 10.1.2

Filed under
Security
BSD

Five of those security and security-related features were announced today and are on track to be included in the next edition, which should be PC-BSD 10.1.2. They are

PersonaCrypt – a command line utility to backup a user’s home directory to an encrypted external media
Tor Mode in System Updater Tray
Stealth Mode in PersonaCrypt
Ports now use LibreSSL by default instead of OpenSSL
Support for encrypted backups in Life-Preserver utility

Read more

Blackphone unveils a new phone and tablet running secure, encrypted Android

Filed under
Android
Security

Today at Mobile World Congress, the encrypted phone system Blackphone announced a new phone and tablet, along with a new business focus on enterprise. The phone is called the Blackphone 2, a successor to the first Blackphone shown at MWC last year, but adds a new processor, better screen, and a larger profile overall. The tablet, called the Blackphone+, is slated for release in the fall. Both run Blackphone's secure OS, forked off of Android, which is designed to protect metadata and provide end-to-end encryption throughout.

Read more

Snowden's favourite Linux - Tails - rushes sec-fix version to market

Filed under
GNU
Linux
Security
Debian

The developers want to kill off the previous version, Tails 1.2.3, as soon as possible, with a list of 14 security issues covering everything from the Tor browser and its network security services (NSS) through to a sudo privilege escalation bug.

Read more

Tell Lenovo: respect user freedom and prevent future Superfishes

Filed under
GNU
Security

Security experts have discovered a highly threatening vulnerability in software preinstalled on some Windows computers manufactured by Lenovo through January 2015. Extreme negligence on the part of Lenovo and unscrupulous programming by its adware partner Superfish seem to have caused the vulnerability.

Read more

5 ethical open source hacking tools for business

Filed under
OSS
Security

Many businesses routinely employ "ethical" hackers as a means of testing whether their systems are secure, paying the tech-savvy to break into their computers in what is known as penetration testing, or pen testing.

Read more

Critical 0-days in open source? The problem isn't code, it's CASH

Filed under
OSS
Security

Linux Foundation Executive Director Jim Zemlin thinks the information security world needs fewer surgeons and more personal trainers, and he's putting his organization's money where his mouth is.

Speaking at this year's Linux Foundation Collaboration Summit, an invite-only event taking place this week in Santa Rosa, California, Zemlin took a break from his customary Linux and open source cheerleading to stress that the open source community needs to do more to address security.

Read more

Hostkey rotation, redux

Filed under
Security
BSD

A couple of weeks ago I described the host key rotation support forthcoming in OpenSSH 6.8. Almost immediately after smugly declaring "mission accomplished", the bug reports started rolling in. First Mike Larkin noticed an interaction with ssh's CheckHostIP option that would cause host key warnings, then Theo de Raadt complained about the new code unnecessarily rewriting known_hosts when no changes needed to be made, finally Philipp Kern and Jann Horn pointed out a way for a hostile server to abuse the extension.

Read more

Multiple PostgreSQL Vulnerabilities Corrected in All Supported Ubuntu OSes

Filed under
Security
Ubuntu

Ubuntu 14.10, Ubuntu 14.04 LTS, Ubuntu 12.04 LTS, and Ubuntu 10.04 LTS operating systems have been updated in order to fix a number of PostgreSQL vulnerabilities discovered to affect them.

Read more

End of the m0n0wall project

Filed under
Security
BSD

on this day 12 years ago, I have released the first version of m0n0wall to the public. In theory, one could still run that version - pb1 it was called - on a suitably old PC and use it to control the Internet access of a small LAN (not that it would be recommended security-wise). However, the world keeps turning, and while m0n0wall has made an effort to keep up, there are now better solutions available and under active development.

Read more

NSA approves Samsung and Boeing mobile devices for employee use

Filed under
Android
Security

Samsung’s products include the Galaxy S4/S5, Galaxy S5 with KNOX, Galaxy Note 3, Galaxy Note 10.1 2014 Edition, Galaxy Note 10.1 2014 Edition with KNOX 2, Galaxy Note Edge with KNOX 2, Galaxy Tab S 8.4 and 10.5 LTE with KNOX 2, and the Galaxy Alpha with KNOX 2. For Samsung, Knox provides the added security features key to making the grade in the CSfC program.

Read more

Syndicate content

More in Tux Machines

EMC to open-source ViPR - and lots of other stuff apparently

ViPR is software storage controller tech that separates the control and data planes of operation, enabling different data services to be layered onto a set of storage hardware products - such as EMC's own arrays, Vblocks, selected third-party arrays, JBODs and cloud storage. The data services are typically ways of accessing data, such as file services, The open source software will be called Project CoprHD* and be made available on GitHub for community development. It will include all the storage automation and control functionality and be supplied under the Mozilla Public License 2.0 (MPL 2.0). Public supporting partners for CoprHD are Intel, Verizon and SAP. Read more

Patent Pledges and Open Source Software Development

For all its benefits, one aspect of open source software does cause headaches: understanding the legal terms that control its development and use. For starters, scores of licenses have been created that the Open Source Initiative recognizes as meeting the definition of an “open source license.” While the percentage of these licenses that are in wide use is small, there are significant and important differences between many of these popular licenses. Moreover, determining what rights are granted in some cases requires referring to what the community thinks they mean (rather than their actual text), and in others by the context in which the license is used. Read more

Open Source History: Why Did Linux Succeed?

One of the most puzzling questions about the history of free and open source is this: Why did Linux succeed so spectacularly, whereas similar attempts to build a free or open source, Unix-like operating system kernel met with considerably less success? I don't know the answer to that question. But I have rounded up some theories, which I'd like to lay out here. Read more