Security Projects - Page 29
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
The developer behind the grsecurity project, Brad Spengler, has pointed out that most of the privilege control capabilities implemented under Linux carry a significant potential for compromising a system and wreaking other havoc.
Every developer knows the importance of issuing security patches. Unexpected bugs that lead to software vulnerabilities are virtually unavoidable; the key is to acknowledge them when they're discovered and issue fixes before they can be widely exploited. But what do you do when you believe vulnerabilities may have been introduced into your code base intentionally?
As 2010 drew to a close, I received a note from a colleague reflecting on the year past and thanking me for my mentorship and counsel. Reading his note reminded me that often the best path forward starts by looking back. As we welcome a new year full of ambition and opportunity, this is the perfect time to reflect on the previous year(s) to set the stage for a productive and successful 2011.
Security of industrial Open Source software starts with establishing trustworthy sources from the outset - this small effort will not provide 100% security but, nevertheless, a clear increase. The Stuxnet virus incident should remind us that we need to know what is going on inside the software to which we entrust not only our economic livelihood but also our safety. Open Source is not exempted in any way from use with malicious intent.
Are you running Linux just because you think it's safer than Windows? Think again. Sure, security is a built-in (and not a bolt-on) feature and extends right from the Linux kernel to the desktop, but it still leaves enough room to let someone muck about with your /home folder.
This describes how to set up SSL certificates to enable encrypted connections from PgAdmin on some client machine to PostgreSQL on a server machine. The assumption is that PostgreSQL (compiled with SSL support) and OpenSSL are already installed and functional on the server (Linux). PgAdmin is already installed on the client (either Windows or Linux).
If Marcus Ranum were your CISO, this would be his resolution for 2011: To plan a "War Games" style exercise. "It's very enlightening for everybody," says Ranum, a noted security thought-leader, "and it actually helps a great deal in helping sell the need for security to the entire executive team."
So far, the analyses of OpenBSD's crypto and IPSec code have not provided any indication that the system contains back doors for listening to encrypted VPN connections. The OpenBSD developers started the code audit to investigate allegations made by Gregory Perry, the former CTO of crypto company NetSec. In an email to OpenBSD founder Theo de Raadt, Perry had accused developer Jason Wright and others of having built back doors into the IPSec stack. De Raadt made the email public and presented Perry's allegations for discussion.
Marking nearly 10 years of Openwall GNU/*/Linux, the Openwall Project developers have released version 3.0 of Openwall. Openwall GNU/*/Linux, also known as Owl for short, is a small, security-enhanced distribution of Linux aimed at servers, appliances and virtual appliances.
The Ethical Hacker Network (EH-Net) is more than a free online magazine for security professionals as it also acts almost like an educational portal for newbies interested in security. Every year like a Christmas tradition, EH-Net features a holiday hacking challenge written by security attack and defense guru Ed Skoudis. The 2010 skills challenge is The Nightmare Before Charlie Brown's Christmas.
Exploitation of just ONE software vulnerability is typically all that separates the bad guys from compromising an entire machine. The more complicated the code, the larger the attack surface, and the popularity of the product increases the likelihood of that outcome. Operating systems, document readers, Web browsers and their plug-ins are on today
Google has released the Android 2.3 Gingerbread source code, one day after Samsung's Nexus S smartphone went on sale in the US. The Nexus S is the first device to run the new Android operating system and comes equipped with Near Field Communications technology used to make micro-payments via the smartphone.
WikiLeaks has gone down, returned, gone down again, returned, and other sites, like Visa.com, have been taken down by supporters of WikiLeaks. From a technical standpoint, what is happening exactly and what will happen next in this ongoing cyberspace saga? HuffPost Tech asked SafeCentral CTO Ray Dickenson to help us break it all down based on his Internet security expertise.
Joseph Idziorek, graduate in electrical and computer engineering, has been researching computer security. The study conducts research on sites that have been experiencing denial of service attacks, in which hackers try to get unauthorized access and hinder them.
A disproportionate number of people downloading the open source DIY tool being used to launch DDoS attacks on companies deemed hostile to WikiLeaks appear to be based in the UK, new figures have suggested.
German mail service Deutsche Post recently launched a contest called Security Cup in which teams of hackers compete for money to find the company
With Red Hat Enterprise Linux 6 now cutting its way into the enterprise-calibre open source operating systems space, there is much to talk about as the terms security and virtualisation are increasingly used to highlight its key new features.
You've probably heard the phrase, "Failure is the key to success." But are security professionals really learning from their mistakes? As identity theft and online risks keep growing, is our industry rising to the challenge or repeating the miscues of the past? While security technology is improving, the bad guys also have access to better tools. So are the good guys working smarter?
Google has released a test version of its Chrome browser that extends its renowned security sandbox to Adobe's heavily abused Flash player.