One of desktop Linux’s chief selling points is its near-immunity to malware. Whether this superiority is due to the Unix security measures that Windows lacks, or to the mere fact that comparatively few people use Linux on desktop computers, it makes Linux attractive in an era when all manner of nasty things can be done to computer users by exploiting bugs in the software they run.
Read more »Why Ubuntu and Too Much Trust Can Be Bad
Category: End User Tags:
- Login to post comments
Shred and secure-delete: tools for wiping files, partitions and disks in GNU/Linux
I carry a small, laminated card indicating my subscription to the IUSP (International Union of the Super Paranoid, tin hat division). Well, you can't be too careful. After all, we live in a dangerous world and computers are just an extension of that.
Read more »Category: End User Tags:
Linux Virus: A False Sense Of Security
There seems to be a false sense of security among some Linux users. The number of malicious programs specifically written for GNU/Linux has been on the increase in recent years and in the year of 2005 alone has more than doubled: from 422 to 863.
Read more »Category: Community Tags:
- Login to post comments
Bash Path Security Gotcha!
The devil they say is in details, even the simple Bash path variable can open some security problems on your box. Every Bash documentation out there warns us not leave '.' in the path (it matches current directory). They however don't seems to mention that leaving a dangling ':' (colon) at the beginning or the end of Bash $PATH does create the same security vulnerability.
Read more »- Login to post comments
GNU TLS preferred instead of OpenSSL
"Today I finally decided to work out this element of our task list. We are happy that now MyServer can be distributed under the GPLv3 terms license without any exception. Previously we were using OpenSSL for the HTTPS protocol, it was giving us some licensing troubles as we needed to add an exception to the original GPLv3 license..."
Read more »Category: High End Tags:
- Login to post comments
Ibex design: user switching, presence and session termination
With Intrepid on track to hit the wires today I thought I’d blog a little on the process we followed in designing the new user switcher, presence manager and session management experience, and lessons learned along the way.
Read more »Category: Community Tags:
- Login to post comments
Linux Vendors Increase Security Features
Analysis: Red Hat, Canonical and Novell are enhancing the security features in their Fedora, Ubuntu and OpenSUSE Linux distributions, which are all slated for release later in 2008.
Read more »Category: High End Tags:
- Login to post comments
Eye on Microsoft: Failed Products, Security Issues, and “7” Sins
Category: Opposition Tags:
- Login to post comments
Updating your system: GNU/Linux 5, Windows 0
The pace of software development - regardless of the licence - is pretty fast these days. The state of your systems need constant monitoring. New features, bug-fixes and (most important) security updates need to be properly managed. Here, in no particular order, are five ways that choosing a free operating system will make system maintenance a lot easier and simpler.
Read more »Category: High End Tags:
- Login to post comments
To encrypt or not? That is the question
Even before someone hacked Sarah Palin's Yahoo Mail account I had been wondering whatever happened to encryption.
Read more »- Login to post comments
Video: Linux HOWTO, Secure Your Data with GnuPG
This tutorial shows how you can use GnuPG to secure and verify data on your Linux box but the first part is relevant for Windows users too.
Read more »Category: Beginner Tags:
- Login to post comments
Google Chrome patched, but problems remain
That didn't take long. Google has announced an updated version of Chrome which fixes 'confirmed security vulnerabilities' amongst other things, but plenty of problems remain unsolved...
Read more »Category: End User Tags:
- Login to post comments
SSH Key-based Attacks
US-CERT is aware of active attacks against linux-based computing infrastructures using compromised SSH keys. The attack appears to initially use stolen SSH keys to gain access to a system, and then uses local kernel exploits to gain root access. Once root access has been obtained, a rootkit known as "phalanx2" is installed.
Read more »- Login to post comments
Howto Disable CTRL-ALT-DEL in Ubuntu 8.04 (Hardy Heron) Server
Any user that has physical access to the keyboard can simply use the Ctrl+Alt+Delete key combination to reboot the server without having to log on. Sure, someone could simply unplug the power source, but you should still prevent the use of this key combination on a production server.
Read more »Torvalds: Fed up with the 'security circus'
Creator of the Linux kernel explains why he finds security people to be so anathema.
Read more »- Login to post comments