The Linux Foundation's Core Infrastructure Initiative (CII) has announced a $500,000 investment in three projects designed to improve the open source technology's security and services.
The project will fund the ReproducibleBuilds, Fuzzing Project and FalsePositiveFree Testing initiatives.
It’s generally fairly easy for new Linux administrators to get up and running with the basics of installing, configuring and managing Linux systems at a basic level. Truthfully, though, it takes years to get the in-depth knowledge required in many server environments today. One thing I really recommend learning early on — i.e. from the beginning — is security.
Governments around the world are hacking into any computer that they can find. They are not just targeting large companies, but any computer that has information that they can sell. Is there anything on your computer that some hacker could sell for money? When was the last time you looked at your /var/log/auth.log file?
Canonical has released several patches addressing flaws in the Linux kernel and OpenSSL that left Ubuntu users open to escalation of privilege and denial-of-service (DoS) attacks.
The most serious of the fixes covers a variety of flaws that could be used to gain elevated or administrative privileges on the victim machine.
"A memory corruption issue was discovered in AES decryption when using the Intel AES-NI accelerated code path. A remote attacker could exploit this flaw to cause a DoS (system crash) or potentially escalate privileges on Intel-based machines," read the Ubuntu security advisory.
In my previous article about creating a "mountable" disk image in GNU/Linux, I explained how to create a file that effectively mimics the functionality of a disk: I explained how to create a file which will then be used, in turn, to contain directories and files. In this article I will explain how to make the next natural step: encrypt that file.