Security

Powered by
Puppet: The shortest path to better software.

Preseeding Full Disk Encryption

Usually I try to write articles that are not aimed at a particular distribution. Although I may give examples assuming a Debian-based distribution, whenever possible, I try to make my instructions applicable to everyone. This is not going to be one of those articles. more>>

Minifree Ltd.'s GNU+Linux Computers

Minifree Ltd.—doing business as "Ministry of Freedom"—exists mainly for reasons Linuxers will like: to make it easier for people to get computers that respect their freedom and privacy, and to provide funding for a meaningful project, called Libreboot. more>>

Two Factors Are Better Than One

Although I've always been interested in security, there are just some security measures I've never liked. more>>

SSH Communications Security's Universal SSH Key Manager

Today's IAM solutions, warns enterprise cybersecurity expert SSH Communications Security, fail to address fully the requirements of trusted access. Organizations lack an efficient way to manage and govern trusted access credentials and have no visibility into the activities that occur within the secure channels that are created for trusted access operations. more>>

Secret Agent Man

It used to be that only the paranoid among us focused on strict security practices, yet these days, it seems like people are stepping up their games with respect to encryption, password policy and how they approach their computers in general. Although I always have considered myself more inside that paranoid camp than outside of it, I even have found myself stepping up my game lately. more>>

Smoothwall Express

The award-winning Smoothwall Express open-source firewall—designed specifically to be installed and administered by non-experts—continues its forward development march with a new 3.1 release. more>>

Own Your DNS Data

I honestly think most people simply are unaware of how much personal data they leak on a daily basis as they use their computers. Even if they have some inkling along those lines, I still imagine many think of the data they leak only in terms of individual facts, such as their name or where they ate lunch. more>>

Simple Server Hardening

These days, it's more important than ever to tighten up the security on your servers, yet if you were to look at several official hardening guides, they read as though they were written for Red Hat from 2005. That's because they were written for Red Hat in 2005 and updated here and there through the years. more>>

Understanding Firewalld in Multi-Zone Configurations

Stories of compromised servers and data theft fill today's news. It isn't difficult for someone who has read an informative blog post to access a system via a misconfigured service, take advantage of a recently exposed vulnerability or gain control using a stolen password. more>>

Jetico's BestCrypt Container Encryption for Linux

For users in search of a commercially supported encryption tool for Linux with a backdoor-free guarantee, Jetico recommends its recently updated BestCrypt Container Encryption for Linux 3.0. more>>

ADUPS Android Malware Infects Barnes & Noble

ADUPS is an Android "firmware provisioning" company based out of Shanghai, China. The software specializes both in Big Data collection of Android usage, and hostile app installation and/or firmware control. Google has blacklisted the ADUPS agent in its Android Compatibility Test Suite (CTS). more>>

USMobile, Inc.'s Scrambl3

The special sauce in USMobile, Inc.'s Scrambl3, the mobile app that facilitates "the world's most private calls and messages", is a set of open-source components that create a top-secret-grade VPN, encryption algorithms and internet protocols. more>>

Secure Desktops with Qubes: Extra Protection

This article is the fourth in my series about the Qubes operating system, a security-focused Linux distribution that compartmentalizes your common desktop tasks into individual VMs. more>>

Bruce Nikkel's Practical Forensic Imaging (No Starch Press)

Forensic image acquisition is an important part of the process of after-the-fact incident response and evidence collection. Digital forensic investigators acquire, preserve and manage digital evidence as part of criminal and civil court cases; they examine violations of organizational policy; and they analyze cyber attacks. more>>

FutureVault Inc.'s FutureVault

Though short of Mr Torvalds' aim of world domination, FutureVault, Inc., has set the ambitious goal to "change the way business is done" with its FutureVault digital collaborative vault application. more>>

Syndicate content