Short bio: Computer Scientist, FOSS supporter (read more)
Tux Machines (TM)-specific
tcs-security-blanket.blogspot: BROKEN LINKS in Linux file systems are not just annoying — they can also be a security risk. In a previous post, I discussed the potential dangers of unowned files and in this post I will talk about those annoying, resource consuming broken links usually considered simple file system “lint”.
computerworlduk.com: Who's got the safest operating system? Apple, Google, Microsoft? According to one security expert, what really matters is who's using the OS.
links.org: Nigori is a protocol for storing secrets in the cloud such that the storage need not be trusted and only a single password is required to access secrets.
linuxinexile.blogspot: Organizations can no longer tolerate the security risks posed by intentional, accidental or indirect misuse of privileges. You will learn how to securely delegate privileges and authorization without disclosing the root password.
eff.org: New research by the Electronic Frontier Foundation (EFF) has found that an overwhelming majority of web browsers have unique signatures -- creating identifiable "fingerprints" that could be used to track you as you surf the Internet.
h-online.com: Oracle's forthcoming version 5.1.47 of MySQL is said to contain several important security patches. The changelog states that the developers have closed three security holes which allow attackers to cause a server crash, obtain unauthorised database access or, in the worst case, inject arbitrary code and execute it on the server.
securecomputing.net: A lack of knowledge and awareness about how to use Linux mail servers could be contributing to the disproportionately large number of Linux machines being exploited to send spam, according to new Symantec Hosted Services research.
ghabuntu.com: Some time ago, the open source world was caught by surprise by the announcement of a malware for Linux, hidden in a screensaver for Gnome in gnome.look.org. Security in Linux (as with any operating system) is a matter of habit, then we will list some tips.
blogs.zdnet.com: Combining a cross-site scripting (XSS) vulnerability with a TinyURL redirect, hackers successfully broke into the infrastructure for the open-source Apache Foundation in what is being described as a “direct, targeted attack.”
freetechie.com: Sebastian Krahmer from the SUSE Security team has found a vulnerability in KDM which will allow a local user to elevate their privileges to root access.
cristalinux.blogspot: When I wrote my Windows 7 vs. Ubuntu 10.04 Beta ARTICLE several days ago, I rated Ubuntu higher than Windows in terms of security. In hindsight, I think I was perhaps assuming certain bits and pieces, as well as maybe not thoroughly explaining why I thought that was the case.
eweek.com: Led, somewhat ironically, by Microsoft Windows, operating system vendors and some other software vendors have been making their products more secure by default. They also have been providing tools and best-practice guidelines for application developers to improve security.
linux.com: After forty years in the commercial computing business, the one idea that has been drilled into me by security professionals is the fact that there is no such thing as a secure computer system, only levels of insecurity.
blogs.techrepublic.com: I recently read a blog posting that denounced the use of sudo as insecure. My first reaction was that the author had no idea how to use sudo properly or why you would want to.
fewt.com: It is often said that Linux is more secure than Windows, and for enterprise workloads this tends to be very true. Desktop Linux is a completely different use case, and unfortunately security configuration is sadly way behind (read: non-existent).