Language Selection

English French German Italian Portuguese Spanish

Security

Security Leftovers

Filed under
Security
  • Forcing out bugs with stress-ng

    I've also tried to make stress-ng portable, so it can build fine on GNU/Hurd and Debian kFreeBSD (with Linux specific tests not built-in of course). It also contains some architecture specific features, such as handling the data and instruction cache as well as the x86 rdrand instruction and cache line locking. If there are any ARM specific features than can be stressed I'd like to know and perhaps implement stressors for them.

  • OpenSSH and the dangers of unused code

    Unused code is untested code, which probably means that it harbors bugs—sometimes significant security bugs. That lesson has been reinforced by the recent OpenSSH "roaming" vulnerability. Leaving a half-finished feature only in the client side of the equation might seem harmless on a cursory glance but, of course, is not. Those who mean harm can run servers that "implement" the feature to tickle the unused code. Given that the OpenSSH project has a strong security focus (and track record), it is truly surprising that a blunder like this could slip through—and keep slipping through for roughly six years.

  • Why Is Usable Security Hard, and What Should We Do about it?
  • Linux-Based Botnets Accounted for More than Half of DDoS Attacks in Q4 2015

IPFire 2.17 Open Source Linux Firewall OS Gets OpenSSL 1.0.2f and OpenSSH 7.1p2

Filed under
OSS
Security

The IPFire development team announced last evening the immediate availability for download or update of the IPFire 2.17 Core Update 97 Linux kernel-based firewall distribution.

Read more

Security Leftovers

Filed under
Security
  • Friday's security updates
  • Critical OpenSSL Patch Available. Patch Now!

    All versions of OpenSSL are vulnerable to CVE-2014-0195, but this vulnerability only affects DTLS clients or servers (look for SSL VPNs... not so much HTTPS).

  • Linux Trojan That Takes Screenshots and Records Audio Has a Windows Brother

    The Linux trojan that spied on users by taking screenshots of their desktop has now a Windows variant, as Kaspersky's security team has found out.

    The trojan, first discovered by Dr.Web and named Linux.Ekocms, and later also identified by Sophos as Linux/Mokes-A, and then by Kaspersky as Backdoor.Linux.Mokes.a, has caused some stir in the Linux community because it was one of the first spyware threats detected in the wild on the platform.

10 Best Operating Systems For Ethical Hacking And Penetration Testing

Filed under
GNU
Linux
Security

Wondering which is the best operating system for ethical hacking and pen testing purposes? Trying to solve this problem, fossBytes has prepared a list of the most efficient Linux distros for hacking purposes that you need to check out in 2016.

Read more

Tor Browser 6.0 Now in Development, Devs Switch the Guest VMs to Debian Wheezy

Filed under
Development
Security

We reported a couple of days ago that the Tor Project announced the release of the Firefox-based Tor Browser 5.5 anonymous web browser for all supported platforms, but they've also published details about the first Alpha build of the next major release.

Read more

Two Outstanding All-in-One Linux Servers

Filed under
Linux
Security

The answer to this question depends on what you need. Zentyal is an amazing server that does a great job running your SMB network. If you need a bit more, such as groupware, your best bet is to go with ClearOS. If you don’t need groupware, either server will do an outstanding job.

I highly recommend installing both of these all-in-one servers to see which will best serve your small company needs.

Read more

Tor and Debian

Filed under
Security
Debian
  • Tor Browser 5.5 Gets an Official Release, Includes Tor 0.2.7.8

    The Tor Project has proudly announced the release and immediate availability for download of the first stable Tor Browser 5.5 web browser for all supported operating systems, including GNU/Linux, Mac OS X, and Microsoft Windows.

  • Tor Announces Official Release of Tor Browser 5.5 With New Features

    Tor Browser 5.5 is the first stable release in the 5.5 series of Tor. It is released for all the supported operating systems, including GNU/Linux, Mac OS X and Microsoft Windows. It is now available for download from the Tor Browser Project page along with many new features.

  • The ultra-secure Tails OS beloved by Edward Snowden gets a major upgrade

    Edward Snowden's favorite secure operating system just got a major upgrade. Version 2.0 of the Amnesic Incognito Live System, better known as Tails, rolled out recently. Tails 2.0 brings a new desktop environment, sandboxing for services via the always controversial systemd, and a new build of the Tor Browser.

  • Becoming a Debian contributor

    Over the past two months or so I have become a contributor to the Debian Project. This is something that I’ve wanted to do for a while. Firstly, just because I’ve got so much out of Debian over the last five or six years—both as a day-to-day operating system and a place to learn about computing—and I wanted to contribute something back. And secondly, in following the work of Joey Hess for the past three or four years I’ve come to share various technical and social values with Debian. Of course, I’ve long valued the project of making it possible for people to run their computers entirely on Free Software, but more recently I’ve come to appreciate how Debian’s mature technical and social infrastructure makes it possible for a large number of people to work together to produce and maintain high quality packages. The end result is that the work of making a powerful software package work well with other packages on a Debian system is carried out by one person or a small team, and then as many users who want to make use of that software need only apt-get it. It’s hard to get the systems and processes to make this possible right, especially without a team being paid full-time to set it all up. Debian has managed it on the backs of volunteers. That’s something I want to be a part of.

Security Leftovers

Filed under
Security

Security Leftovers

Filed under
Security

Tor Browser 5.5 is released

Filed under
OSS
Security

Tor Browser 5.5, the first stable release in the 5.5 series, is now available from the Tor Browser Project page and also from our distribution directory.

This release features important security updates to Firefox.

On the privacy front we finally provide a defense against font enumeration attacks which we developed over the last weeks and months. While there is still room for improvement, it closes an important gap in our fingerprinting defenses. Additionally, we isolate Shared Workers to the first-party domain now and further improved our keyboard fingerprinting defense.

Read more

Syndicate content

More in Tux Machines

Lenovo G50 & CentOS 7.2 MATE - Fairly solid

Is there a perfect track record for any which distro? No. Do any two desktop environments ever behave the same? No. Is there anything really good and cool about the MATE offering? Yes, definitely. It's not the finest, but it's definitely quite all right. You do get very decent hardware support, adequate battery life and good performance, smartphone and media support is top notch, and your applications will all run happily. On the other hand, you will struggle with Samba and Bluetooth, and there are some odd issues here and there. I think the Gnome and Xfce offerings are better, but MATE is not to be dissed as a useless relic. Far from it, this is definitely an option you ought to consider if you're into less-than-mainstream desktops, and you happen to like CentOS. To sum it all up, another goodie in the growing arsenal of CentOS fun facts. Enjoy. Read more

digiKam 5.2.0 is published...

After a second release 5.1.0 published one month ago, the digiKam team is proud to announce the new release 5.2.0 of digiKam Software Collection. This version introduces a new bugs triage and some fixes following new feedback from end-users. This release introduce also a new red eyes tool which automatize the red-eyes effect reduction process. Faces detection is processed on whole image and a new algorithm written by a Google Summer of Code 2016 student named Omar Amin is dedicated to recognize shapes and try to found eyes with direct flash reflection on retina. Read more

Games for GNU/Linux

Linux Graphics