Language Selection

English French German Italian Portuguese Spanish

Security

Be Afraid if Someone's Got a Voltmeter Hooked to Your CPU

Filed under
OSS
Security

ebb.org/bkuhn/blog: I had a hunch what was going on. I quickly downloaded a copy of the academic paper that was cited as the sole source for the story and read it. As I feared, OpenSSL was getting some bad press unfairly.

'Severe' OpenSSL vuln busts public key crypto

Filed under
Security

theregister.co.uk: Computer scientists say they've discovered a "severe vulnerability" in the world's most widely used software encryption package that allows them to retrieve a machine's secret cryptographic key.

The Perils of Sudo With User Passwords

Filed under
Security

longitudetech.com: The consensus among new Unix and Linux users seems to be that sudo is more secure than using the root account, because it requires you type your password to perform potentially harmful actions. In reality, a compromised user account, which is no big deal normally, is instantly root in most setups.

Chuck Norris is not a Linux virus

Filed under
Linux
Security

itworld.com: Get a grip people. A recent story about the so-called Chuck Norris botnet implies that it breaks Linux's security. Wrong.

LUKS mermaids of remote unlock

Filed under
Security

geekscrap.com: Recently, I’ve browsed several how-to’s regarding the possibility of unlocking a LUKS root volume remotely using an SSH connection. The problem with their approach is simple: they asked how to fix their setup, but forgot to ask what they’re trying to protect.

Quick and easy Linux security

Filed under
Linux
Security
HowTos

ghacks.net: You’ve just set up your Linux desktop. Naturally you want it to be as secure as possible. You’ve heard the rumors that, out of the box, Linux has outstanding security. Is it true? Do you really want to take a chance with that? Most likely not. But what can you do?

Tor Project servers hacked

Filed under
Security
Web

h-online.com: The Tor project developers have advised users to update their Tor anonymity software to version 0.2.1.22 or 0.2.2.7-alpha as soon as possible. This is because, in early January, two of the project's seven directory authorities (moria1 and gabelmoo) as well as the metrics.torproject.org statistics server were found to have been hacked.

How Travelers Can Protect Their Data

Filed under
Security

pthree.org: This post is not meant to be a sure method for defeating attackers. That you can make the process so tedious and time consuming for the attacker, that he will likely not bother and move to another victim. This post is about those methods.

Hold that (trojan) horse!

Filed under
Linux
Security

toolbox.com/blogs: The current news making a big splash around the Linux community is of a trojan that has been created and deployed on the Gnome-look website. For a start this trojan can not automatically install itself. It is not a virus and relies on social engineering to be effective.

The Malware Problem (and a solution)

Filed under
Linux
Software
Security

amarok.kde.org/blog: Some of you might have heard about the Malware incident that recently has hit our friends from gnome-look.org. While some of you might chuckle, there have been some discussions about possible solutions for this issue.

Syndicate content

More in Tux Machines

Why the Open Source Stars Must Align

Open source projects like OpenStack, Docker, OPNFV and OpenDaylight are more supported and better funded than ever before. They mark a broader trend of large, active and well-resourced open source projects that are among the leaders in Big Data, cloud computing, operating systems and development practices. Open source has come a long way in 30 years – and its success marks a new era for the overall OSS community. But success does not come without potential pitfalls. One of the greatest obstacles to project success isn’t the proprietary competition – it’s the lack of communication between large open source projects like OpenStack and Docker. Read more

Myth Busting the Open-Source Cloud Part 1

On the contrary, open-source cloud computing products are designed from the outset with security in mind. For example, there are features such as identity management to monitor who has access to content, and data encryption to safeguard information while it’s at rest or in transit. Furthermore, open-source cloud software is peer-reviewed by community participants, leading to continuous improvements in the quality of security features and mechanisms. This community also monitors and rapidly discloses vulnerabilities and issues, and provides security updates to address them. Read more

What does an adult look like in an open source community?

You're no longer "just an adult." You're now trusted and looked to for opinions on how the community should grow. You're a community elder. You embody the history. You keep the history. You work together with other adults and elders to guide and make the community stronger. And to a certain extent, the community once again looks after you, just as it did in the first phase. Read more