Security Projects - Page 30
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
If a picture's worth 1,000 words, these illustrations and diagrams have a lot to say about security. A dozen interesting and illuminating looks at data center security, image spam, forts and castles, and much more from CSO's archives.
Over the last few days, the internet was lit up by reports of a security hole in the Firefox web browser that allowed anyone to hack into Facebook, Twitter, Yelp or Tumblr. A freelance programmer named Eric Butler wrote an extension to Firefox (which anyone can install) that exploits this hole by grabbing free-floating cookies in Wi-Fi networks attached to the above-named sites.
After years of being outside of the mainline, the AppArmor security system is now finally part of the main Linux kernel. Linux founder Linus Torvalds formally released the 2.6.36 kernel this week nearly three months after the release of the 2.6.35 kernel.
If you use Linux on your company's desktop or server computers, you're already familiar with many of the security advantages the open source operating system offers over its Windows and Mac rivals. What many people don't realize, however, is that Linux can also be used to rescue a computer that has been crippled by malware.
Google is now providing free mobile phone two-factor authentication (2FA) for Google Apps. This demonstrates to the market that 2FA is the right level of security to have for the growing number of cloud-based applications.
System logs generated by servers and other various network apparatus can create data in vast quantities, and sooner or later, attempts at managing such information in an off-the-cuff fashion are no longer viable.
The best way to secure your business, so the advice of many an IT security consultant appears to increasingly be, is to think like a hacker. Only by understanding how the bad guys get at your data can you truly prevent them succeeding: to catch a hacking bird, you have to become a hacking bird.
An internet voting system designed to allow District of Columbia residents to cast absentee ballots has been put on hold after computer scientists exploited vulnerabilities that would have allowed them to rig elections and view secret data.
Recent surveys have found that small and medium-size businesses are increasingly willing to consider open source tools. Not surprisingly, small businesses and large enterprises are predisposed to different categories of open source software. Survey data suggest that ERP is one category where small businesses are more likely to adopt open source than their large enterprise peers.
Okular and Evince are two excellent, versatile PDF viewers for the Linux platform. The big difference between the two rests in the interface. Evince has a much simpler design. Okular is more focused on a graphical view. If all you do is view documents, then either of these two programs will serve your needs well.
IT and business leaders acknowledge they don't have the staff or expertise to secure their data internally -- at least not without help from outside experts. If you work for a managed security service provider (MSSP), that's good news.
White-hat hackers have uncovered vulnerabilities on the websites of anti-virus firms that created a phishing risk. Cross-site scripting (XSS) bugs of varying severity were found on the websites of Symantec, Eset and Panda Security by Team Elite, the white-hat hackers who discovered the flaws. We notified all three firms of the issue and all three responded by plugging the flaws in good time.
"The article is alarmist," said Slashdot blogger Barbara Hudson, referring to a warning about a kernel bug. "It was ONE shared-hosting public-facing server at iWeb.com, among their tens of thousands of servers. Are you running a publicly-facing shared-host server? No? Then don't worry about it, and when your distro comes out with a new kernel, just update."
A recent Apple patent and a strongly worded report from the National Research Council suggest that the future of biometrics lies with personalization, not security.
Joining a growing number of enterprise and consumer-facing Web services, Google has added support in Google Apps for the OAuth authorization profile, the company announced Monday.
Just as software is everywhere, flaws in most of that software are everywhere too. Flaws in software can threaten the security and safety of the very systems on which they operate. The best way to prevent such vulnerabilities in software is to proactively incorporate security and other non-functional requirements into all phases of the Software Development Lifecycle (SDLC).
A group of security researchers began issuing what they said will be a month-long list of undisclosed bugs, as well as detailed binary analysis of known vulnerabilities. The first zero-day: A Linux-based Web hosting console.
A quick burst of 9 links for you to chew over, as picked by the Technology team. "Tomorrow's WikiLeakers may have to be sneakier than just dumping military docs onto a Lady Gaga disc. The futurists at Darpa are working on a project that would make it harder for troops to funnel classified material to WikiLeaks
The financial services industry is well ahead of other markets when it comes to making secure coding a reality, but other firms, including smaller independent software vendors, aren't making the effort, according to Ryan Berg, a senior architect of security research for IBM. The CEO within an organization can make the difference, Berg said.
You want a retro hobby with hacker cred? Try competitive lockpicking, which I'd bet is coming soon to a hipster bar near you. Schuyler Towne is a graphic designer, maker, and lockpicker.