Security

ID theft, vulnerabilities, privacy issues, etc

Linux distributor security list destroyed after hacker compromise

Filed under
Linux
Security
BSD

zdnet.com: Hackers have compromised a private e-mail list used by Linux and BSD distributors to share information on embargoed security vulnerabilities and used a backdoor to sniff e-mail traffic, according to the moderator of the list.

Once Upon A Time, There Was A USB Vulnerability In Linux

Filed under
Security

muktware.com: GNU/Linux systems are immune to viruses is anything but myth. Viruses, malware are programs with destructive intentions and can be installed on any machine, if an attacker/cracker (not hacker for god's sake, you idiot) has physical access to it. You can install a malicious code on your own computer if you want. No one can stop you.

London Stock Exchange 'under major cyberattack' during Linux switch

Filed under
Linux
Security

computerworlduk.com: The London Stock Exchange’s new open source trading system may have been hacked last year, according to a report.

Sourceforge Attack: Full Report

Filed under
Security
Web

sourceforge.net: As we’ve previously announced, SourceForge.net has been the target of a directed attack. We have completed the first round of analysis, and have a much more solid picture of what happened, the extent of the impact, our plan to reduce future risk of attack.

Bot attacks Linux and Mac but can't lock down its booty

Filed under
Security

theregister.co.uk: From the department of cosmic justice comes this gem, spotted by researchers from Symantec: a trojan that targets Windows, Mac, and Linux computers contains gaping security vulnerabilities that allow rival criminal gangs to commandeer the infected machines.

Backdoors in OpenBSD? Reply hazy, try again

Filed under
Security
BSD

itworld.com: The fallout from last month's allegations that the Federal Bureau of Investigations attempted to deploy backdoors in the OpenBSD operating system are continuing to echo through developer circles, as more potential clues are unearthed.

Feds relax export curbs on open-source crypto

Filed under
Security

theregister.co.uk: Federal restrictions will be relaxed on the export of open-source software that incorporates strong encryption, the US government announced on Friday in a lengthy disclosure.

Allegations of OpenBSD Backdoors May be True, Updated

Filed under
Security
BSD

linuxjournal.com: It was just last week that Theo de Raadt, OpenBSD founder and developer, posted an email that claimed the Federal Bureau of Investigations paid OpenBSD developers to leave backdoors in its IPSEC network security stack. Since then early audits have found some questionable code, contributors denied any wrongdoing, and the original source reaffirmed his allegations.

Developer defends claims of backdoors in OpenBSD

Filed under
Security
BSD

itwire.com: Perry, chief executive of a company named GoVirtual, told iTWire: "I have absolutely, positively nothing to gain from making those statements to Theo, and only did so to encourage a source code audit of the OpenBSD Project. If I had this to do over again, I would have sent an anonymous postcard to WikiLeaks.

Software flaws don't negate "many eyes" in open source

Filed under
OSS
Security

itworld.com: The allegations from Greg Perry regarding backdoors allegedly placed within OpenBSD about a decade ago seem to be shifting more and more into the realm of fantasy as each day goes by.

OpenBSD backdoor claims: bugs found during code audit

Filed under
Security
BSD

itwire.com: The OpenBSD project has found two bugs during an audit of the cryptographic code in which, it has been alleged, the FBI, through former developers, was able to plant backdoors.

OpenBSD backdoor claims denied

Filed under
Security
BSD

itwire.com: Two developers named as having played a role in creating backdoors for the FBI in the open cryptographic framework used in OpenBSD have denied they did so.

Government Backdoors in OpenBSD?

Filed under
Security
BSD

ostatic.com: We've all heard rumors of backdoors for governments or rogue elements of governments in Microsoft Windows systems, but did we ever think we might find it in the Open Source world? Well, according to Theo de Raadt, renowned Open Source developer, that just might be the case.

OOPS - Root privileges under Linux

Filed under
Linux
Security

Back door in ProFTPD FTP server

Filed under
Software
Security

h-online.com: Unknown attackers penetrated the server hosting the open source ProFTPD FTP server project and concealed a back door in the source code.

A history of viruses on Linux

Filed under
Linux
Software
Security

neowin.net: As requested by a user we wanted to give you a history of viruses on Linux. Given the tight security integrated into Linux, it is difficult to take advantage of a vulnerability on the computer, but some programmers have found ways around the security measures.

Android vulnerability permits data theft

Filed under
Security

h-online.com: Security expert Thomas Cannon has discovered a security vulnerability in the Android browser which can be exploited by attackers to read local files when a smartphone user visits a crafted web site.

EFF Tool Offers New Protection Against 'Firesheep'

Filed under
Security

eff.org: The Electronic Frontier Foundation (EFF) has launched a new version of HTTPS Everywhere, a security tool that offers enhanced protection for Firefox browser users against "Firesheep" and other exploits of webpage security flaws.

OpenSSL Issues Fix

Filed under
Software
Security

crn.com: The OpenSSL server has been patched to repair a critical security glitch that could be exploited in remote code execution attacks.

Another Flash update patches multiple vulnerabilities

Filed under
Software
Security

itwire.com: Adobe has released an update for Flash Player to address 18 vulnerabilities, some of which are regarded as critical.

Syndicate content