Linux Cryptography - Page 40 - Results from #780

Discover Cryptography News

Zimmermann to Network Associates: Sell PGP back to me, or open-source it

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Philip R. Zimmermann, author of encryption program Pretty Good Privacy, is suggesting current owner Network Associates open-source PGP's code as one alternative to the program dying on the vine at the company. "I would strongly prefer PGP be Open Source compared . . .

LinuxSecurity.com Team
Jul 02, 2002

Revised OpenSSH Security Advisory

The OpenSSH team have released updated information concerning their recent OpenSSH advisory. "We feel that this method of releasing served the community best for a "contained" vulnerability of this kind. We do not suggest this is neccessarily the correct information release process for all problems, and as firm believers of full disclosure have never suggested that, though we believe that disclosure must be carefully handled.". . .

LinuxSecurity.com Team
Jul 01, 2002

Seven Common SSL Pitfalls

SSL is an excellent protocol. Like many tools, it is effective if you know how to use it well, but it is also easy to misuse. If you are deploying SSL, there are many pitfalls to be aware of, but with a little work, most can be avoided. In this article, we discuss the seven most common pitfalls when deploying SSL-enabled applications with OpenSSL.. . .

LinuxSecurity.com Team
Jun 28, 2002

OpenSSL, the Cryptography Lego(TM) Set

When I got a new Lego set the other day, I discovered that it made a really cool train. However, it was missing the cow-catcher, so I built one for the Lego engine. There are other things I did to improve . . .

LinuxSecurity.com Team
Jun 27, 2002

Upgrading OpenSSH Remotely Without Rebooting

Brian Hatch, author of Hacking Linux Exposed, wrote in to point out his step-by-step guide for safely upgrading OpenSSH. "Most folks don't realize that you can kill off the sshd server process (the one that forks off copies to handle incoming connections) without killing off any existing connections.. . .

LinuxSecurity.com Team
Jun 26, 2002

Developers issue OpenSSH alert

Open source developers yesterday warned of a significant vulnerability in OpenSSH, a tool that ships with many Linux and Unix flavours. The details of the hole have not been made public because a patch is not yet available, but the secrecy of the developers has caused a schism in the open source community.. . .

LinuxSecurity.com Team
Jun 25, 2002

Significant OpenSSH Vulnerability

In an email addressed to many in the security community today, including LinuxSecurity, Theo de Raadt, lead developer for OpenBSD and OpenSSH, announced an OpenSSH vulnerability. The details of the vulnerability have not yet been made public, but has acknowledged that it is remotely exploitable. Included below are details on what Linux users can do to mitigate the risks until vendors release their updated versions.. . .

LinuxSecurity.com Team
Jun 24, 2002

OpenSSH 3.3 released

Significant changes in this version include improved support for privilege separation, ssh no longer needs to be installed setuid root for protocol version 2 hostbased authentication, and the client options FallBackToRsh and UseRsh are deprecated.. . .

LinuxSecurity.com Team
Jun 21, 2002

Fears of Misuse of Encryption System Are Voiced

A leading European computer security and privacy advocate is challenging an effort by the American computer industry to create a standard to protect software and digital content, calling the plan a smoke screen by established companies to protect their existing markets. . . .

LinuxSecurity.com Team
Jun 20, 2002

COMU Privacy Guard

CPG stands for COMU Privacy Guard. It is a security tool. In essence, it is a web based shell of Gnu Privacy Guard. It ables users to perform main functions of GnuPG on the web. . . .

LinuxSecurity.com Team
May 30, 2002

Introduction to cryptography

The origin of cryptography probably goes back to the very beginning of human existence, as people tried to learn how to communicate. They consequently had to find means to guarantee secrecy as part of their communications. However, the first deliberate use of technical methods to encipher messages may be attributed to the ancient Greeks, around 6 years BC: a stick, named "scytale" was used. The sender would roll a strip of paper around the stick and write his message longitudinally on it. . . .

LinuxSecurity.com Team
May 20, 2002

OpenSSH 3.2.2 Released

OpenSSH 3.2.2 has just been released. Numerous cumulative security changes and general changes have been made, including smartcard and kerberos support.. . .

LinuxSecurity.com Team
May 16, 2002

Enhancing VPN Security with Digital Certificates

Corporations large and small are embracing virtual private networks (VPNs) as a means to build networks that provide secure access for remote and mobile employees. The following discussion compares digital certificates issued from a public key infrastructure (PKI) with the other IPSec authentication options and establishes that digital certificates are the better option for VPN authentication. . . .

LinuxSecurity.com Team
May 13, 2002

OpenSSL 0.9.6d beta 1 released

The OpenSSL project team is pleased to announce the release of version 0.9.6d of our open source toolkit for SSL/TLS. This new OpenSSL version is mostly a bugfix release and incorporates at least 23 changes to the toolkit . . .

LinuxSecurity.com Team
May 10, 2002

SSL Certificates HOWTO

A first hand approach on how to manage a certificate authority (CA), and issue or sign certificates to be used for secure web, secure e-mail, or signing code and other usages. This HOWTO will also deal with non-linux applications: there is no use to issue certificates if you can't use them.. . .

LinuxSecurity.com Team
May 10, 2002

Decoding IPsec: Understanding the Protocols of Virtual Private Networks

Acquiring a deeper understanding of how virtual private networks (VPNs) operate can be a daunting task. It traditionally has required sorting through scattered information and deciphering technical standards that contain a potentially confusing assortment of acronyms and algorithms. But Cisco Technical Solutions Consultant Plamen Nedeltchev and Radoslav Ratchkov, senior software engineer at LSI Logic, are helping to make this task far less arduous by boiling down the complex mathematics of each VPN algorithm and defining their relationships to one another. . . .

LinuxSecurity.com Team
May 10, 2002

GnuPG 1.0.7 released

The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication and data storage. It is a complete and free replacement of PGP and can be used to encrypt data and to create digital signatures. It includes an advanced . . .

LinuxSecurity.com Team
May 08, 2002

Challenging the Man-in-the-Middle

When logging in, several users reported seeing themselves already logged in from strange locations or running funny processes. Most of these folks are generally security-conscious, use strong passwords, and don't fall for the standard social engineering tricks. Because the admin is . . .

LinuxSecurity.com Team
May 01, 2002

ipsec_tunnel: An IPsec tunnel implementation for Linux

I started this project because I was using a number of IPIP tunnels to connect a number of private networks over the Internet, and I needed encryption for a few resons. Above all I wanted to be able to use standard protocols such as FTP and NFS without having to worry about cleartext passwords and snooping.. . .

LinuxSecurity.com Team
Apr 25, 2002

Using GnuPG

GnuPG, the GNU Privacy Guard, is the open source equivalent to PGP, or Pretty Good Privacy, which has been available for Windows, DOS, and some other operating systems for many years. It has all the same features, based on the OpenPGP . . .

LinuxSecurity.com Team
Apr 23, 2002

Linux Cryptography - Page 40

How Passkey Solutions Enhance Open-Source Security

Abyss Locker Ransomware Targets Linux & Windows Users

Linux Foundation Joins Post-Quantum Cryptography Alliance