Language Selection

English French German Italian Portuguese Spanish

Security

Hardening Ubuntu Security

Filed under
Security
Ubuntu

Ubuntu security isn't difficult: Hardening your Ubuntu installation is usually a straight forward process. Yet sometimes in our haste, we forget to address important security measures early on. In this article I'll share my essential Ubuntu security hardening techniques.

Read more

Tails 1.3.1 Is an Emergency Release to Patch Critical Security Issues in Tor Browser

Filed under
Security
Debian

Tails, the amnesic incognito Live Linux operating system that helps anyone to stay invisible online and browse websites anonymously, has reached today, March 23, version 1.3.1, a release that includes updated Tor and Tor Browser components.

Read more

Docker security in the future

Filed under
Server
OSS
Security

When I began this series of writing about Docker security on Opensource.com, I stated that "containers do not contain."

One of the main goals at both Red Hat and at Docker is to make this statement less true. My team at Red Hat is continuing to try to take advantage of other security mechanisms to make containers more secure. These are a few of the security features we are working at implementing and how they might affect Docker and containers in the future.

Read more

Android Security Gets Better with Lollipop

Filed under
Android
Security

Android has been around for years, and it has seen its share of malware, even in Google’s official Play store. Although third-party security vendors had to jump in and come up with a line of defense against ill-intended apps, Google had the inspiration to introduce the Bouncer app-vetting system that kicked malicious apps out of its marketplace.

Increasing demand for new security features encouraged Google to slowly add mechanisms designed to protect against both malicious apps and cybercriminals trying to exploit system vulnerabilities.

Read more

OpenSSH 6.8 released

Filed under
Security
BSD

OpenSSH 6.8 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.

OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.

Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:

Read more

Mozilla Releases Open Source Masche Forensics Tool

Filed under
Moz/FF
OSS
Security

Mozilla has released an open source memory forensics tool that some college students designed and built during the company’s recent Winter of Security event.

The new tool, known as Masche, is designed specifically for investigating server memory and has the advantage of being able to scan running processes without causing any problems with the machine. Masche runs on Linux, OS X and Windows and Mozilla has posted the code on GitHub.

Read more

Open Source Crypto is Hard: Part 7846

Filed under
OSS
Security

Our GnuPG strategy and code isn't ready. We need to either make all that crypto stuff completely seamless, or improve the tools we expose to the user for manual work. Preferably both.

Of course, the last of those is the big one, and goes back to the discussion around Thunderbird last week. As the Mailpile team emphasised, the project is not being abandoned: the beta-testing did what it was supposed to do - winkle out problems - and the team will now use that feedback to address issues and improve things. But it does show once more that crypto is hard - and that's true not just for open source, but for all kinds of software. The big question remains: is it possible to make it easy enough for many more people to use, or is it doomed to be the preserve of those who really need it, or at least think they do?

Read more

​NCC Group to audit OpenSSL for security holes

Filed under
OSS
Security

OpenSSL, arguably the world's most important Web security library with its support for Secure Sockets Layer (SSL) and Transport Layer Security (TLS) in such popular Web servers as Apache and Nginx, has had real trouble. First, there was HeartBleed and more recently there is FREAK. It's been one serious security problem after another. Now, the NCC Group, a well-regarded security company, will be auditing OpenSSL's code to catch errors before they appear in the wild.

Read more

5 awesome security features to expect in PC-BSD 10.1.2

Filed under
Security
BSD

Five of those security and security-related features were announced today and are on track to be included in the next edition, which should be PC-BSD 10.1.2. They are

PersonaCrypt – a command line utility to backup a user’s home directory to an encrypted external media
Tor Mode in System Updater Tray
Stealth Mode in PersonaCrypt
Ports now use LibreSSL by default instead of OpenSSL
Support for encrypted backups in Life-Preserver utility

Read more

Blackphone unveils a new phone and tablet running secure, encrypted Android

Filed under
Android
Security

Today at Mobile World Congress, the encrypted phone system Blackphone announced a new phone and tablet, along with a new business focus on enterprise. The phone is called the Blackphone 2, a successor to the first Blackphone shown at MWC last year, but adds a new processor, better screen, and a larger profile overall. The tablet, called the Blackphone+, is slated for release in the fall. Both run Blackphone's secure OS, forked off of Android, which is designed to protect metadata and provide end-to-end encryption throughout.

Read more

Syndicate content

More in Tux Machines

Canonical Closes QEMU Vulnerabilities in Ubuntu 15.04 and Ubuntu 14.04 LTS

Three QEMU vulnerabilities have been found and corrected in Ubuntu 15.04 and Ubuntu 14.04 LTS operating systems by Canonical. Read more

Move over Skype, Facetime, Hangouts. Here comes Spreedbox, a fully open source, secure videoconferencing solution

Following the trend of privacy-respecting products and projects coming out of Europe (e.g., ownCloud, Kolab, and Plasma Mobile), German firm struktur AG has started a Kickstarter project called Spreedbox, which aims to offer a secure audio video conferencing service. According to the project page, “The Spreedbox is a unique device for secure audio/video conferencing, text and video messaging and file sharing. The Spreedbox is your own conferencing, meeting and file exchange service on the Internet and puts the control and security of your data into your own hands.” Read more

Student researchers collaborate virtually with help of open-source software

A typical summer research program—the institute's Nanobio Research Experience for Undergraduates, for example—brings students together to one host university, where they work in different laboratories on various projects. In the new pilot training program on Computational Biomolecular, students use an open-source software called Rosetta to work together on problems in computational biology and are mentored by faculty who are part of a global collaborative team known as the Rossetta Commons. The software gives users the ability to analyze massive amounts of data to predict the structure of real and imagined proteins, enzymes, and other molecular structures. Read more

Open Source Is Going Even More Open—Because It Has To

Open source foundations are nothing new. Linux Foundation has been around since 2007, and other major projects like the Eclipse code editing tool and the Apache web server have been governed this way for even longer. Many of the most important open source projects in recent years, such as the Hadoop big data crunching platform and the database system Cassandra, are managed by the Apache Foundation. But it’s unusual to see so many new foundations created so quickly. Read more