It is often said that Linux is more secure than Windows, and for enterprise workloads this tends to be very true. Desktop Linux is a completely different use case, and unfortunately security configuration is sadly way behind (read: non-existent).

Buck-Security is a security scanner for Debian and Ubuntu Linux. It helps you to harden your system by running some important security checks. For example, it finds world-writable files and directories, setuid and setgid programs, superuser accounts, and installed attack tool packages.

Shishi is GNU implementation of the Kerberos 5 network authentication system. Shishi can be used to authenticate users in distributed systems. Current work items include improvements on the server (KDC), integration of initial authentication via OpenPGP using GnuTLS, set-passwd implementation, and a LDAP backend for the Shisa library used in the KDC for information storage.

dm-crypt is a device-mapper target that provides transparent encryption of block devices using the new Linux 2.6 cryptoapi.

Eban Moglen suggests this ARM-based, GNU/Linux device as a networking solution to the troubled times now facing the Free Internet. Communicate with networking friends with greater security. See interview below.

IT security company Sense of Security has discovered a serious bug in Apache's HTTP web server, which could allow a remote attacker to gain complete control of a database.

The most common digital security technique used to protect both media copyright and Internet communications has a major weakness, University of Michigan computer scientists have discovered.

The consensus among new Unix and Linux users seems to be that sudo is more secure than using the root account, because it requires you type your password to perform potentially harmful actions. In reality, a compromised user account, which is no big deal normally, is instantly root in most setups.