Security Projects - Page 28

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Discover Security Projects News

Security Researcher Discovers Baseband Hacking

A security researcher by the name of Ralf-Philipp Weinmann says he has discovered a baseband hack that allows for malicious code to be sent to mobile devices. According to the report, it takes advantage of bugs found within the firmware of cellphone chipsets sold by manufacturers such as Qualcomm and Infineon Technologies.

Google pays record bounty for Chrome bug

Google patched 16 vulnerabilities in Chrome on Thursday, paying one researcher a record $3,133 for reporting a single bug. The flaws fixed in Chrome 8.0.552.334 were in several components, including the browser's support for extensions, its built-in PDF viewer, and CSS (Cascading Style Sheets) processing.

The anti-CES: Creating a community of hackers in Vegas

"It's not a social city," said Vegas resident Evan Pipho, a programmer who, with Jeff Rosowski, is trying to find a way to bring the city's hackers, makers and coders together. Thanks to the pair, Las Vegas has its own Dorkbot chapter and they are in the process of setting up a hackerspace in Mr Rosowski's garage.

Software security: Honesty is the best policy

Every developer knows the importance of issuing security patches. Unexpected bugs that lead to software vulnerabilities are virtually unavoidable; the key is to acknowledge them when they're discovered and issue fixes before they can be widely exploited. But what do you do when you believe vulnerabilities may have been introduced into your code base intentionally?

Move your security career forward by looking back

As 2010 drew to a close, I received a note from a colleague reflecting on the year past and thanking me for my mentorship and counsel. Reading his note reminded me that often the best path forward starts by looking back. As we welcome a new year full of ambition and opportunity, this is the perfect time to reflect on the previous year(s) to set the stage for a productive and successful 2011.

Security Reminder - using the Linux kernel in industrial projects

Security of industrial Open Source software starts with establishing trustworthy sources from the outset - this small effort will not provide 100% security but, nevertheless, a clear increase. The Stuxnet virus incident should remind us that we need to know what is going on inside the software that we trust not only with our economic livelihood but also with our safety. Open Source is not exempted in any way from use with malicious intent.

How to secure your Linux system

Are you running Linux just because you think it's safer than Windows? Think again. Sure, security is a built-in (and not a bolt-on) feature and extends right from the Linux kernel to the desktop, but it still leaves enough room to let someone muck about with your /home folder.

SSL Certificates For PostgreSQL

This describes how to set up SSL certificates to enable encrypted connections from PgAdmin on some client machine to PostgreSQL on a server machine. The assumption is that PostgreSQL (compiled with SSL support) and OpenSSL are already installed and functional on the server (Linux). PgAdmin is already installed on the client (either Windows or Linux).

Marcus Ranum on 2011 Security Outlook

If Marcus Ranum were your CISO, this would be his resolution for 2011: To plan a "War Games" style exercise. "It's very enlightening for everybody," says Ranum, a noted security thought-leader, "and it actually helps a great deal in helping sell the need for security to the entire executive team."

OpenBSD: audits give no indication of back doors

So far, the analyses of OpenBSD's crypto and IPSec code have not provided any indication that the system contains back doors for listening to encrypted VPN connections. The OpenBSD developers started the code audit to investigate allegations made by Gregory Perry, the former CTO of crypto company NetSec. In an email to OpenBSD founder Theo de Raadt, Perry had accused developer Jason Wright and others of having built back doors into the IPSec stack. De Raadt made the email public and presented Perry's allegations for discussion.

Openwall Linux 3.0 brings new features

Marking nearly 10 years of Openwall GNU/*/Linux, the Openwall Project developers have released version 3.0 of Openwall. Openwall GNU/*/Linux, also known as Owl for short, is a small, security-enhanced distribution of Linux aimed at servers, appliances and virtual appliances.

Attention hackers: holiday hacking contest

The Ethical Hacker Network (EH-Net) is more than a free online magazine for security professionals as it also acts almost like an educational portal for newbies interested in security. Every year like a Christmas tradition, EH-Net features a holiday hacking challenge written by security attack and defense guru Ed Skoudis. The 2010 skills challenge is The Nightmare Before Charlie Brown's Christmas.

Sandboxing: Welcome to the dawn of the two-exploit era

Exploitation of just ONE software vulnerability is typically all that separates the bad guys from compromising an entire machine. The more complicated the code, the larger the attack surface, and the popularity of the product increases the likelihood of that outcome. Operating systems, document readers, Web browsers and their plug-ins are on today

Google Android 2.3 Source Code Released

Google has released the Android 2.3 Gingerbread source code, one day after Samsung's Nexus S smartphone went on sale in the US. The Nexus S is the first device to run the new Android operating system and comes equipped with Near Field Communications technology used to make micro-payments via the smartphone.

WikiLeaks 101: Q&A With An Internet Security Expert

WikiLeaks has gone down, returned, gone down again and returned, and other sites, like Visa.com, have been taken down by supporters of WikiLeaks. From a technical standpoint, what is happening exactly and what will happen next in this ongoing cyberspace saga? HuffPost Tech asked SafeCentral CTO Ray Dickenson to help us break it all down based on his Internet security expertise.