Language Selection

English French German Italian Portuguese Spanish

Security

Another day, another OpenSSL patch

Filed under
OSS
Security

The latest OpenSSL security hole isn't a bad one as these things go. It's no Heartbleed, Freak, or Logjam. But it's serious enough that, if you're running alpha or beta operating systems, you shouldn't delay patching it.

Fortunately, the affected OpenSSL versions are not commonly used in enterprise operating systems. For example, it doesn't impact shipping and supported versions of Red Hat Enterprise Linux (RHEL) or Ubuntu. In the case of Ubuntu, it does affect the 15.10 development release, but the patch is already available.

Read more

OPNsense 15.7 Released As Fork Of Pfsense

Filed under
Security
BSD

The OPNsense 15.7 release added i386 and NanoBSD support, LibreSSL support, re-based to FreeBSD 10.1, added OpenDNS support, intrusion detection support, new local/remote backlist options, some security fixes, and added many other new features.

Read more

Also: Pfmatch, a packet filtering language embedded in Lua

bsdtalk 254 [Ogg]

finding bugs in tarsnap

From the Editors: When did open-source software get so scary?

Filed under
OSS
Security

When did the use of open-source software become such a worrisome thought? Big names such as VMware, Oracle, Microsoft and Cisco, to name but a few, have been caught infringing on open-source software licenses.

Read more

Can Data Infrastructure Vendors Stop Hackers?

Filed under
GNU
Linux
Server
Security

The ecosystem is based on Security-Enhanced Linux (SELinux), but it adds role-based access control with a policy for each role, so no one can get to the system root and the root can’t see user data. All access is logged, so any attempts to penetrate the system can be traced. Policies are based on roles such as security admin, audit admin and sysadmin, and each file is tagged with a security level so some users can see it while others can’t.

Read more

Will Red Hat Enter the Security Market?

Filed under
Red Hat
Security

Security is key part of the open source Linux operating system that Red Hat delivers to its customers. Yet despite the fact that security is baked into the operating system, Red Hat doesn't currently have a separate security offering.

Read more

Release of OpenMediaVault 2.1 (Stone burner)

Filed under
GNU
Linux
Server
Security

The main features at a glance:

Using Sencha ExtJS 5.1.1 framework for the WebGUI
Add a new dashboard and widgets
Many internal improvements and bugfixes
Improved the internal network interface backend
Add Wi-Fi support. Only WPA & WPA2 is supported
Add VLAN support
The network interface configuration page has been modified. Now only the configuration values are displayed. Use the dashboard widget to show the state of all network interfaces.
The public key of the user must now be specified in the RFC 4716 SSH public key file format. It is possible to add multiple keys.
Option to turn off the collection of system performance statistics.
Use the browser local storage to store the WebGUI state (e.g. displayed grid columns, column width, …) instead of cookies.

Read more

Not OK, Google: Chromium voice extension pulled after spying concerns

Filed under
Google
Security

Google has removed an extension from Chromium, the open source sibling to the Chrome browser, after accusations that the extension was installed surreptitiously and subsequently eavesdropped on Chromium users.

Read more

OS Security: Windows and Linux/UNIX

Filed under
GNU
Linux
Microsoft
Security

For those new to Linux/UNIX command line interfaces, there are lots of Internet sources that provide cheat sheets for the most common commands you'll need to navigate and perform actions. Here's another option we like because it's particularly handy.

Read more

GNU Patch Vulnerabilities Closed in Ubuntu

Filed under
GNU
Security
Ubuntu

Details about GNU patch vulnerabilities that have been found and fixed in Ubuntu 14.10, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS have now been published by Canonical in a security notification.

Read more

Pica8 CEO: Cisco's 'Primitive' ACI Poses Greater Security Risk Than Open Linux-Based White-Box Switches

Filed under
Security

Cisco Systems' Application Centric Infrastructure software-defined networking technology and its proprietary network switches pose a greater security risk than the open-source, white-box, bare-metal switches now storming the market, said Pica8 co-founder and CEO James Liao.

Read more

Also: Pica8 fires back at Cisco, calls ACI security 'primitive'

Syndicate content

More in Tux Machines

Xubuntu 15.10 Beta 1 Drops Gnumeric and Abiword in Favor of LibreOffice Writer and Calc

Canonical has announced the release of the first Beta build for Ubuntu 15.10 (Wily Werewolf) opt-in flavors, which include the well-known Xubuntu distribution built around the lightweight Xfce desktop environment. Read more

Technology, the law and you: Open-source software

But “free as in beer” isn’t really the point – huge numbers of corporate open-source users opt for paid commercial versions of open-source projects, for simplicity and support. And then there are all those various licenses that protect the openness of the software – GPL, Apache, Eclipse. But the good news is that, with very few exceptions, there aren’t many legal issues for the average company to worry about. Read more

Today in Techrights

Windows 10: is it finally time to migrate to Ubuntu?

Ubuntu continues to grow in popularity, not only with mainstream consumers, but also with Fortune 500 companies. Moreover, government and top notch education entities across the globe have realized they can save millions of USD, and invest funds more prudently for social programmes. Read more