Security

SourceClear's Commit Watcher

Someone accidentally commits private AWS keys to an open-source project and ends up handing candy to a bitcoin miner. more>>

Tor 0.2.8.6 Is Released

The latest version of the Tor project was released this week, offering greater security and anonymity to individuals and organizations. Here's why you should care. more>>

Stunnel Security for Oracle

Oracle has integrated modern Transport Layer Security (TLS) network encryption into its eponymous database product, and TLS usage no longer requires the Advanced Security option beginning with the 10.2 database release. more>>

SourceClear Open

Open source and DevOps have been a boon to software development. more>>

Libarchive Security Flaw Discovered

When it comes to security, everyone knows you shouldn't run executable files from an untrustworthy source. Back in the late 1990s, when web users were a little more naive, it was quite common to receive infected email messages with fake attachments. more>>

Snappy Moves to New Platforms

Canonical's Snappy package manager is taking its first steps outside the Ubuntu world. As of now, you can install it on Arch, Debian, Fedora and several other popular distros. more>>

Apricorn's Aegis Secure Key 3.0 USB Drives

Packing a mighty punch in a tiny package is the Apricorn's Aegis Secure Key 3.0 line of software-free, hardware-encrypted USB drives, which recently added a 480GB version. more>>

Contrast Security's Contrast Enterprise

With more and more businesses running on the Node.js server-side JavaScript runtime environment, application vulnerabilities are a growing threat to entire organizations. more>>

Secure Desktops with Qubes: Installation

This is the second in a multipart series on the Qubes operating system. In my first article, I gave an overall introduction to Qubes and how it differs from most other desktop Linux distributions, namely in the way it focuses on compartmentalizing applications within different VMs to limit what attackers have access to in the event they compromise a VM. more>>

Secure Desktops with Qubes: Introduction

This is the first in a multipart series on Qubes OS, a security-focused operating system that is fundamentally different from any other Linux desktop I've ever used and one I personally switched to during the past couple months. more>>

The FBI and the Mozilla Foundation Lock Horns over Known Security Hole

The Mozilla Foundation and the FBI recently have clashed over security weaknesses. The FBI is aware of a weakness in the Tor browser that may affect Firefox—it's a weakness the FBI has exploited during an investigation. more>>

Privacy and the New Math

Among the countless essays and posts I've read on the fight over crypto that's been going on between Apple and the FBI, one by the title above by T.Rob Wyatt in Medium stood out so well that I asked if he'd like to help me adapt it into an article for Linux Jou more>>

Secure File Transfer

File transfer between Linux systems (and perhaps all POSIX systems in general) is in some ways a neglected subject. The arcane protocols in common use are far from secure, and the SSH replacements offer too much power and complexity. more>>

Upcoming Webinar: When the Golden Master Tarnishes

Servers are generated – often with a ‘golden master’ and then left never to be checked or examined from a security perspective. This session discusses the ways the server settings can degrade, the undesirable effects this may have on your organization and how you can avoid both. more>>

Transferring Conserver Logs to Elasticsearch

If your organization manages Linux, AIX, HP-UX or Solaris servers in-house, chances are your system administrators at least occasionally need low-level access to those devices. Typically, administrators use some kind of serial console—for example, traditional serial port, Serial-over-LAN or Intelligent Platform Management Interface (IPMI). more>>

Syndicate content