Linux Security

LinuxSecurity.com: Google now offers an extension for Chrome that automates the process of adding the secure Google search site as a search engine to the Chrome 6.x branch. Google SSL Web Search is an extension, still in beta, that works with Chrome 6.0.419.0 and later on Windows and Linux computers.

LinuxSecurity.com: Linux is inherently not a secure operating system. The reason it's not secure is because Linux was based on the architectural design of UNIX, and the creators of UNIX didn't care about security - it was 1969 after all.

LinuxSecurity.com: A Russian man accused of selling stolen credit card numbers online for nearly a decade has been arrested in Nice, France, and faces charges in an indictment unsealed Wednesday, the U.S. Department of Justice said.

LinuxSecurity.com: We all know how annoying fingerprints on touchscreens can be, but now researchers believe they can actually leave your mobile phone susceptible to hacking.

LinuxSecurity.com: Akamai Technologies continues to study the massive DDoS attacks that brought government websites to a standstill last year. The picture keeps getting uglier, but emergency planning hasn't improved.

LinuxSecurity.com: The organisers of the Black Hat conference series may withhold details of selected talks at future events to avoid pressure from outside groups to cancel them.

LinuxSecurity.com: A server-based botnet that preys on insecure websites is flooding the net with attacks that attempt to guess the login credentials for secure shells protecting Linux boxes, routers, and other network devices.

LinuxSecurity.com: Browsing in "private mode" isn't as private as users think, a researcher said today. "There are some traces left behind [by all browsers] that could reveal some of the sites that you've been to," said Collin Jackson, an assistant research professor at the Silicon Valley campus of Carnegie Mellon University. Jackson, along with three colleagues from Stanford University, will present their findings later today at the Usenix Security Symposium in Washington, D.C.

LinuxSecurity.com: A bug in Facebook's login system allows attackers to match unknown email addresses with users' first and last names, even when they've configured their accounts to make that information private.

LinuxSecurity.com: Flattr, the micropayment startup founded by ex-Pirate Bay associates, has opened to the public today. No longer will you need an invite in order to add the Flattr button to your web site as a publisher or to give support to the sites you visit with real money.

LinuxSecurity.com: Let's say you're in charge of the security of an online app store -- any app store will do, whether it be Apple's App Store, Android's Market, or even one of the many Linux app repositories. Your customers' computing safety depends to a large degree on the work you do.

LinuxSecurity.com: Ever wonder how lolspeak, the language of lolcats could be used to secure Linux? At LinuxCon, Joshua Brindle from Linux security vendor Tresys detailed something he called lolpolicy for making SELinux security policies easier to manage.

LinuxSecurity.com: Voltaire is famous for noting that the main problem with common sense is that it's not all that common. Proof of that abounds in the security industry, where people who should know better do idiotic things daily, according to Roger G. Johnston, a member of the vulnerability assessment team at Argonne National Laboratory.

LinuxSecurity.com: It's 3 a.m., and you get the call: There has been a breach. You don't know much about it, just what the first responder could quickly relay. Upon arriving and assembling your team, you realize the situation is very serious. A database containing highly sensitive information has been compromised.

LinuxSecurity.com: Not only is open-source software thriving in systems management but across businesses as a whole, according to a new survey released Tuesday. A nearly 4-year-long survey of open-source systems management usage compiled by open-source software developer Zenoss showed that 98 percent of the respondents said they used open-source software in their enterprises.

LinuxSecurity.com: There is a widely held belief that Linux is a completely secure operating system. But to Brad Spengler of the grsecurity project, the belief is far from accurate. And he has the kernel exploits to prove it.

LinuxSecurity.com: Consumers and businesses in Great Britain have lost more than $1 million so far this summer from a Trojan that is infecting their computers, prompting them to log into their bank accounts, and then is surreptitiously transferring money to scammers in other countries, security researchers said on Tuesday.

LinuxSecurity.com: Google and Verizon unveiled a proposal to maintain an open Internet while creating room for a broadband network of premium services. The proposal has no legal standing whatsoever, and is basically a policy paper on network neutrality for consideration by Congress and the Federal Communications Commission.

LinuxSecurity.com: irst, if you want to hack your Novel then you really should visit SlateDroid and check out the Novel forum. That's where you can find help with troubleshooting. I'm not refusing to help; I just want to do it in a forum setting (it's easier).

LinuxSecurity.com: Significant weaknesses in the common configuration of Kerberos-based authentication servers could allow attackers to more easily circumvent security measures in networks that rely on the open authentication standard, according to recent research presented by consultants at the recent Black Hat USA 2010 conference.