Language Selection

English French German Italian Portuguese Spanish

Security

TOR GUI `SELEKTOR` SEES NEW MAJOR RELEASE

Filed under
OSS
Security

SelekTOR, an open source Java-based GUI front-end for Tor, was updated to version 3.12 (now 3.12e) recently and it includes new advanced options as well as a new Tor Monitor panel that shows the Tor client startup info and its current status.

Read more

UNITY PRIVACY INDICATOR 0.4 RELEASED WITH NEW PRIVACY SETTINGS

Filed under
Security
Ubuntu

For those not familiar with Privacy Indicator, this is an Ubuntu AppIndicator especially created for Unity, which allows you to control various privacy aspects.

Until this release, the indicator could be used to enable / disable Dash online search results and Zeitgeist logging (and also clear the Zeitgeist log), clear recently used files (which show up in the Nautilus or Nemo "Recent" sidebar item for instance) and to show or hide your real name on the Unity panel.

Read more

Kickstarter pulls Anonabox, a Tor-enabled router that raised over $585,000

Filed under
Development
Security

The Anonabox, which was created by August Germar, of Chico, California, aimed to be an “open source embedded networking device designed specifically to run Tor.” Its fundraising goal was $7,500, and in five days, it raised $585,549 from nearly 9,000 backers—including three Ars editors.

Germar told Ars that he was not aware that it had been suspended until Ars forwarded him an e-mail from Kickstarter outlining the possible reasons why it could have been cancelled.

Read more

Tor Browser 4.0 is released

Filed under
Security
Web

This release also features an in-browser updater, and a completely reorganized bundle directory structure to make this updater possible. This means that simply extracting a 4.0 Tor Browser over a 3.6.6 Tor Browser will not work. Please also be aware that the security of the updater depends on the specific CA that issued the www.torproject.org HTTPS certificate (Digicert), and so it still must be activated manually through the Help ("?") "about browser" menu option. Very soon, we will support both strong HTTPS site-specific certificate pinning (ticket #11955) and update package signatures (ticket #13379). Until then, we do not recommend using this updater if you need stronger security and normally verify GPG signatures.

Read more

DOCKER 1.3: SIGNED IMAGES, PROCESS INJECTION, SECURITY OPTIONS, MAC SHARED DIRECTORIES

Filed under
Linux
Server
Security

First up, in this release, the Docker Engine will now automatically verify the provenance and integrity of all Official Repos using digital signatures. Official Repos are Docker images curated and optimized by the Docker community to be the best building blocks for assembling distributed applications. A valid signature provides an added level of trust by indicating that the Official Repo image has not been tampered with.

Read more

What you need to know about the SSLv3 “POODLE” flaw (CVE-2014-3566)

Filed under
Red Hat
Security

So, the bottom line is: on servers and clients, disable SSLv3 (and, of course, older). Updates to Fedora packages which make this the default will be forthcoming, but in the meantime, you can do it manually. Red Hat is working on a security blog article explaining the steps to take for different software; we’ll link to that when it becomes available.

Read more

South Korea Faces The Bill For Lock-in To Wintel

Filed under
Microsoft
Security

I expect Korea will have to redo everything and get it right this time. Let’s hope they demand GNU/Linux be used for on-line/financial transactions and to protect data but failing that let’s hope they make GNU/Linux optional and the people can decide. There’s something refreshing about a whole country aroused about insecurity with that other OS on the check-list of things to fix.

Read more

7 free tools every network needs

Filed under
OSS
Security

From device discovery to visibility into systems, networks, and traffic flows, these free open source monitoring tools have you covered

Read more

With This Tiny Box, You Can Anonymize Everything You Do Online

Filed under
OSS
Security

No tool in existence protects your anonymity on the Web better than the software Tor, which encrypts Internet traffic and bounces it through random computers around the world. But for guarding anything other than Web browsing, Tor has required a mixture of finicky technical setup and software tweaks. Now routing all your traffic through Tor may be as simple as putting a portable hardware condom on your ethernet cable.

Read more

SEANux – a version of Linux from the Syrian Electronic Army

Filed under
GNU
Linux
Security

For now, consider me skeptical of SEANux. After all, back in early 2012 the so-called AnonymousOS was released, a purported new operating system from the Anonymous collective – only to reportedly be found ridden with trojan horses.

Read more

Syndicate content

More in Tux Machines

Real-time enabled Sitara SoC shows up on a COM

Variscite unveiled a Linux-friendly, SODIMM-style COM based on TI’s Sitara AM437x, supporting the updated SoC’s quad-core Programmable Real-time Unit (PRU). The VAR-SOM-AM43 is the first computer-on-module we’ve seen to use the Texas Instruments Sitara AM437x, a single-core Cortex-A9 system-on-chip that clocks to 1GHz. Last month, Adeneo announced an Android 4.4 BSP for TI’s Sitara AM437x development platform. Variscite is supporting its VAR-SOM-AM43 with a Yocto Linux, and soon, Android-ready hardware/software development kit of its own, which includes a VAR-AM43 CustomBoard development board, touchscreens, cables, and more Read more

High-end 'upstream' Linux laptop plans to ship in April

They said in working up hardware, they carefully designed the laptop "chip by chip" to work with open source software. The 4.4-pound laptop runs Linux. This is a GNU-based distribution, more specifically, the Trisquel GNU/Linux, "the strictest of distributions and strips all binary blobs from the Linux kernel." At the same time, they said laptop owners, if they want, can easily install anything less strict, such as Debian and Ubuntu. The machine has a 15.6" display in either 1920x1080 or 3840x2160 with a 60Hz refresh rate, 720p camera and HD Audio. It has a CD/DVD ROM drive. They used Intel Iris Pro Graphics 5200. It has a 48 Wh lithium polymer battery with about eight hours of usage. Read more

Android essentials: 13 apps I can't live without

We spend a lot of time talking about Lollipop and OS-level issues with Android -- but you know what's just as important as the operating system on your phone or tablet? The apps that surround it. The right apps can make your device easier and more enjoyable to use. They can give it powers you didn't know were possible. They can make it feel like your own custom-tailored gadget -- whether you've been using it for two minutes or for two years. Read more

GHOST, a critical Linux security hole, is revealed

Researchers at cloud security company Qualys have discovered a major security hole, GHOST (CVE-2015-0235), in the Linux GNU C Library (glbibc). This vulnerability enables hackers to remotely take control of systems without even knowing any system IDs or passwords. Qualys alerted the major Linux distributors about the security hole quickly and most have now released patches for it. Josh Bressers, manager of the Red Hat product security team said in an interview that, "Red Hat got word of this about a week ago. Updates to fix GHOST on Red Hat Enterprise Linux (RHEL) 5, 6, and 7 are now available via the Red Hat Network." This hole exists in any Linux system that was built with glibc-2.2, which was released on November 10, 2000. Qualys found that the bug had actually been patched with a minor bug fix released on May 21, 2013 between the releases of glibc-2.17 and glibc-2.18. Read more