Language Selection

English French German Italian Portuguese Spanish

Security

Parallels CTO: Linux container security is not the problem

Filed under
GNU
Linux
Security

Containerization technology has been a game-changer, powering Docker and other transformative software solutions. It's also garnered its share of criticisms about performance, security, and resiliency.

But one of the creators of Parallels, a key containerization technology on Linux, is pushing back against what he feels are pervasive myths about containers -- many of which, he argues, are rooted in misunderstandings of how to use them and what they're for.

Read more

Drupal Core - Highly Critical - Public Service announcement - PSA-2014-003

Filed under
Drupal
Security

This Public Service Announcement is a follow up to SA-CORE-2014-005 - Drupal core - SQL injection. This is not an announcement of a new vulnerability in Drupal.

Automated attacks began compromising Drupal 7 websites that were not patched or updated to Drupal 7.32 within hours of the announcement of SA-CORE-2014-005 - Drupal core - SQL injection. You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11pm UTC, that is 7 hours after the announcement.

Read more

Announcing Qubes OS Release 2!

Filed under
GNU
Linux
Security

Today we're releasing Qubes OS R2! I'm not gonna write about all the cool features in this release because you can find all this in our wiki and previous announcements (R2-beta1, R2-beta2, R2-beta3, R2-rc1, and R2-rc2). Suffice to say that we've come a long way over those 4+ years from a primitive proof of concept to a powerful desktop OS which, I believe, it is today.

One of the biggest difficulties we have been facing with Qubes since the very beginning, has been the amount of this extra, not-so-exciting, not directly security-related work, but so much needed to ensure things actually work. Yet, the line between what is, and what is not-security related, is sometimes very thin and one can easily cross it if not being careful.

Read more

MSI X99S SLI PLUS On Linux

Filed under
Linux
Security

For Intel Core i7 5960X Haswell-E Linux testing I originally bought an MSI X99S SLI PLUS motherboard as it was one of the most interesting, lowest-priced boards available at the time of the Intel X99 chipset debut. While I initially ran into some problems, those issues have now been confirmed to be isolated, and with a replacement X99S SLI PLUS motherboard I have been stressing it constantly for the past few weeks on Fedora and Ubuntu. The X99S SLI PLUS has now proven itself to be a reliable motherboard that's still among the least expensive X99 ATX motherboards on the market.

Read more

Another Tor router crowdfunding project nixed by Kickstarter

Filed under
Android
Linux
Security

Kickstarter is apparently not the place to go if you’re trying to crowdfund privacy hardware. Just days after the Anonabox project, a highly criticized effort to package the Tor privacy protection service into a portable miniature Wi-Fi router, was suspended by the crowdfunding site, another similar project has met its demise—and its founder’s account has been deleted.

TorFi, which Ars mentioned in a report on October 21, was a project by Jesse Enjaian and David Xu of Berkeley, California aimed at creating home routers with turnkey Tor protection and support for OpenVPN connections—allowing users to route all their Internet traffic either through Tor's "onion router" network or a virtual private network provider of their choice. The project’s initial pitch was dependent on repurposing routers from TP-Link purchased through retail and re-flashing them with a customized version of the OpenWRT embedded operating system.

Read more

On the Security of Containers

Filed under
Linux
Security

I agree that the security of a container isn’t any better than a well-secured application using sys_setcap(), a custom suite of SeLinux labels, and a roll-your-own use of Linux namespaces. However, that’s precisely what Linux containers are. Containers are not contradictory to other, existing best-practices. They’re not contradictory to VMs, but work well with them. It’s not contradictory to SeLinux or AppArmor, but works with them. In fact, when you come down to it, once you start tweaking and configuring all of the security tunables in Linux to secure your application as much as possible, you’ll realize that you’ve simply rolled your own container solution.

Read more

Feeling Scammed After Anonabox? Android-Based Project Sierra Claims To Be The Real Deal

Filed under
Android
Linux
Security

In the wake of former NSA contractor Edward Snowden's big reveal on government spying, there's been a concerted effort by companies big and small to try and make our lives truly private. One seemingly promising solution was Anonabox, a little plug-and-play device that routes traffic through Tor to keep our online activities anonymous. Unfortunately, we were all misled on a number of levels, prompting Kickstarter to remove the project forever. Hot on its heels is Project Sierra, a network encryption device that's supposedly the real deal.

Read more

Linux Container Security

Filed under
Linux
Security

Hypervisors present a smaller attack surface than containers. This is somewhat mitigated in containers by using seccomp, selinux and restricting capabilities in order to reduce the number of kernel entry points that untrusted code can touch, but even so there is simply a greater quantity of privileged code available to untrusted apps in a container environment when compared to a hypervisor environment[1].

Read more

NSA recommends several Samsung smartphones

Filed under
Android
Security

The list of allowed smartphones, which US officials may share confidential information has become a bit longer. The National Information Assurance Partnership (NIAP) - a product tester under the supervision of the NSA - announced Tuesday the green light for the S5 Galaxy, Galaxy Note 4 and the tablet Galaxy Note 10.1 (2014 Edition).

Read more

Free and Open Source Electronic Signature in Costa Rica

Filed under
LibO
OSS
Security

The LibreOffice component designed by the University of Costa Rica (UCR) is similar to similar software enhancements currently used for electronic signatures in other countries.

Read more

Syndicate content

More in Tux Machines

Linux Kernel 3.18.4 Stable Released, Install In Ubuntu/Linux Mint


Linux Kernel 3.18.4 Stable Released, Install In Ubuntu/Linux Mint

Linux Kernel 3.18.4 Stable is released and can be installed or updated in Ubuntu Vivid Vervet, Utopic Unicorn, Trusty Tahr and Linux Mint Rebecca and Qiana.
 
 
 
 
 
 

Read at LinuxAndUbuntu

援交妹色彩絢麗

在喝之前既不煮也不蒸,而是象茶一樣是沖泡出來的。對我的豆豆和老公的豆豆都有效!雖然還是有豆豆不斷地出來,但是的 確緩解了很多。 而我會開始喜歡韓國人是因為他們真的是很有自我風格的民族,就像先前說的,不管流行怎么走,韓國人總是有自己的美學標 準台中援交妹,他們積極又自信的態度就是成功的關鍵,當然他們的品味有時候 也讓 人不敢恭維(像是深色口紅和留羽毛剪發型的少男團體),不過轉變中的韓國的確有許多吸引人的元素,不論是好是壞,都值得 我們細細品嘗謝天謝地外送服務,韓國人終于從熏黑眼和酒紅唇膏中畢業了,拜 幾 位當紅偶像之賜,韓國開始崇尚自然的美感前不久還公布一份“無公害藝人排行榜”,也就是指不化妝也好看的明星外約,臺灣人熟悉的元彬和李英愛分別位居男女藝人的第一名全套,這份報告也宣示了韓國自 然彩妝時代的來臨,具有重要的意義,因為過去媒體總是喜歡宣揚明星的化妝術,造成一股跟風,害每個韓國女人看起來都長 的很像,而現在連化妝品廣告都很少看到濃妝艷抹的代言人,就知道自然 妝當道不過有趣的是,在一支由元彬和樸志胤擔任男女主角的粉底廣告中,我們還是看到韓國女人很賊又很高招的偽裝術,廣 告的內容是一對男女有些曖昧的躺在床上,男人心里想:“我看到了她沒有 化妝的素顏。

援交妹至于前者

大家自己算哦上老公買的包包因為有購買限制,老公還看中了2個包無法購買,曾經試圖去同一個城市不同的lv店想混,沒想到 ,還是被人家查出來了,不給買。 只不過對于該片來說,廣告植入的做法仍然非常明顯。“自豪”與“富豪”雖一字之差按摩,但其意義卻截然不同。陳紅年輕的時候臉形也略太大方有余清秀不 足魚訊,李嘉欣就是西方人的輪廓,我在外國見多了 ,也就公司前臺小姐的水準陳法蓉年輕的時候,就是演人在邊緣和巨人的時候,真是身材好臉蛋也有自己獨特的魅力,關鍵是 氣質和年輕的臉蛋還有標致性短發配起來一絕。 這些包我都在尚品網看到過,現在就給大家來幾張大圖,各位仔細玩味一下吧!!!(CHANEL因為有大牌日活動援交妹莊,我就不截圖給大家看了。 這樣吧,我訂好地方之后,稍后再讓秘書通知你。她們懂得用頭腦來營造讓人無法抗拒的氛圍,更主動的對男人進攻,奪取自 己的目標。 ”民警立即將情況通知周邊警力并實施布控20多分鐘后,在通往南坪幼兒園途中的一棟小樓里援交妹,民警發現了三名犯罪嫌疑人,其中一位臉色發青的男子從褲子口 袋里拿出了1000元現金“包包沒什么用, 我們扔了!”男子聲音有些顫抖。

Leftovers: Software