Security

SourceClear Open

Open source and DevOps have been a boon to software development. more>>

Libarchive Security Flaw Discovered

When it comes to security, everyone knows you shouldn't run executable files from an untrustworthy source. Back in the late 1990s, when web users were a little more naive, it was quite common to receive infected email messages with fake attachments. more>>

Snappy Moves to New Platforms

Canonical's Snappy package manager is taking its first steps outside the Ubuntu world. As of now, you can install it on Arch, Debian, Fedora and several other popular distros. more>>

Apricorn's Aegis Secure Key 3.0 USB Drives

Packing a mighty punch in a tiny package is the Apricorn's Aegis Secure Key 3.0 line of software-free, hardware-encrypted USB drives, which recently added a 480GB version. more>>

Contrast Security's Contrast Enterprise

With more and more businesses running on the Node.js server-side JavaScript runtime environment, application vulnerabilities are a growing threat to entire organizations. more>>

Secure Desktops with Qubes: Installation

This is the second in a multipart series on the Qubes operating system. In my first article, I gave an overall introduction to Qubes and how it differs from most other desktop Linux distributions, namely in the way it focuses on compartmentalizing applications within different VMs to limit what attackers have access to in the event they compromise a VM. more>>

Secure Desktops with Qubes: Introduction

This is the first in a multipart series on Qubes OS, a security-focused operating system that is fundamentally different from any other Linux desktop I've ever used and one I personally switched to during the past couple months. more>>

The FBI and the Mozilla Foundation Lock Horns over Known Security Hole

The Mozilla Foundation and the FBI recently have clashed over security weaknesses. The FBI is aware of a weakness in the Tor browser that may affect Firefox—it's a weakness the FBI has exploited during an investigation. more>>

Privacy and the New Math

Among the countless essays and posts I've read on the fight over crypto that's been going on between Apple and the FBI, one by the title above by T.Rob Wyatt in Medium stood out so well that I asked if he'd like to help me adapt it into an article for Linux Jou more>>

Secure File Transfer

File transfer between Linux systems (and perhaps all POSIX systems in general) is in some ways a neglected subject. The arcane protocols in common use are far from secure, and the SSH replacements offer too much power and complexity. more>>

Upcoming Webinar: When the Golden Master Tarnishes

Servers are generated – often with a ‘golden master’ and then left never to be checked or examined from a security perspective. This session discusses the ways the server settings can degrade, the undesirable effects this may have on your organization and how you can avoid both. more>>

Transferring Conserver Logs to Elasticsearch

If your organization manages Linux, AIX, HP-UX or Solaris servers in-house, chances are your system administrators at least occasionally need low-level access to those devices. Typically, administrators use some kind of serial console—for example, traditional serial port, Serial-over-LAN or Intelligent Platform Management Interface (IPMI). more>>

NVIDIA Releases New Blobs--Too Little Too Late?

Although some companies have embraced the world of free software with open arms, there are many who haven't. NVIDIA is one name that comes to mind. Its reputation in the Linux world is far from stellar, but maybe its recent actions will help mend some bridges. more>>

Server Hardening

Server hardening. The very words conjure up images of tempering soft steel into an unbreakable blade, or taking soft clay and firing it in a kiln, producing a hardened vessel that will last many years. Indeed, server hardening is very much like that. more>>

Securi-Pi: Using the Raspberry Pi as a Secure Landing Point

Like many LJ readers these days, I've been leading a bit of a techno-nomadic lifestyle as of the past few years—jumping from network to network, access point to access point, as I bounce around the real world while maintaining my connection to the Internet and other networks I use on a daily basis. more>>

Syndicate content