LinuxSecurity.com

Syndikovat obsah LinuxSecurity - Security Articles
The central voice for Linux and Open Source security news.
Aktualizace: 26 min 20 sek zpět

GitHub launches 'Security Lab' to help secure open source ecosystem>

15 Listopad, 2019 - 15:18
In GitHub's new 'Security Lab', fourteen companies unite get together to search, find, and fix security flaws in GitHub-hosted open source projects. Learn more in an interesting ZDNet article:
Kategorie: Hacking & Security

Brave 1.0 launches, extends ad-watching payouts to iOS>

15 Listopad, 2019 - 14:12
Nearly four years after the Brave browser inserted its we-will-pay-for-your attention pitch into the adblockers v. publishers war, it’s finally showtime. Brave 1.0 promises privacy, security, speed and ad-watching payouts. Are you using Brave 1.0? If so, we'd love to hear what you think of the browser. Learn more:
Kategorie: Hacking & Security

Canonical Outs Major Linux Kernel Security Updates for All Supported Ubuntu OSes>

14 Listopad, 2019 - 11:46
Are you an Ubuntu user? Canonical has released a new batch of Linux kernel security updates for all of its supported Ubuntu Linux releases to address the latest Intel CPU vulnerabilities, as well as other important flaws. Learn more:
Kategorie: Hacking & Security

Linux vs. Zombieland v2: The security battle continues>

14 Listopad, 2019 - 11:37
Have you heard about the latest Intel CPU bug, Zombieland v2? Learn more about this security vulnerability and what Red Hat and other Linux vendors are doing about it in an informative ZDNet article:
Kategorie: Hacking & Security

Technology and Policymakers>

14 Listopad, 2019 - 11:27
Technology should not be separated from policy; however, in reality there is very little intersection between the two. "Policymakers need to recognize this danger, and to welcome a new generation of technologists to help solve the socio-technical policy problems of the 21st century. We need to create ways to speak tech to power -- and power needs to open the door and let technologists in." Read more about this issue and how it can be remedied in a great Schneier on Security article:
Kategorie: Hacking & Security

Ring Doorbells Had Security Bug That Exposed Wi-Fi Passwords To Hackers>

13 Listopad, 2019 - 11:44
Are you a Ring doorbell owner? Have you heard about the security bug that researchers discovered in Ring doorbells that sent Wi-Fi passwords over the network in plain HTTP rather than being encrypted? Learn more:
Kategorie: Hacking & Security

Intel, Mozilla, Red Hat, and Fastly partner to make WebAssembly a cross-platform runtime>

13 Listopad, 2019 - 11:28
Intel, Mozilla, Red Hat, and Fastly announced today the creation of the Bytecode Alliance, an open-source foundation that will work to make WebAssembly into a cross-platform runtime that can be used on native mobile, desktop, and server environments, and not just inside browsers. The Bytecode Alliance's main goal is to promote the use of security-hardened WebAssembly tools. Learn more in an interesting ZDNet article: 
Kategorie: Hacking & Security

Fooling Voice Assistants with Lasers>

12 Listopad, 2019 - 11:41
Siri, Alexa, and Google Assistant are vulnerable to attacks that use lasers to inject inaudible­ -- and sometimes invisible­ -- commands into the devices and surreptitiously cause them to unlock doors, visit websites, and locate, unlock, and start vehicles, researchers report in a research paper published on Monday. Dubbed Light Commands, the attack works against Facebook Portal and a variety of phones. Learn more in an interesting Schneier on Security blog post:
Kategorie: Hacking & Security

Virtual(ly) Private Network: NordVPN’s Breach and the Limitations of VPNs>

12 Listopad, 2019 - 11:19
The popular VPN provider, NordVPN, recently announced a server breach at a third-party data center. This breach has led many users to question what the best strategy is for protecting their privacy and security online. Learn about VPNs and how VPN services can better protect their users in a great EFF article:
Kategorie: Hacking & Security

We’ve got to regulate the application of AI — not the tech itself>

11 Listopad, 2019 - 10:35
We agree with Asheesh Mehra of The Next Web that regulating the application of AI, not the technology itself, will keep the use of AI fair and ethical while still fostering innovation with AI. What is your opinion on this approach? Learn more:
Kategorie: Hacking & Security

India is going ahead with its facial recognition program despite privacy concerns>

11 Listopad, 2019 - 10:22
The Indian government has played down fears of mass surveillance in response to concerns that its proposed facial recognition system lacks adequate oversight. What are your thoughts on this system and the privacy concerns surrounding it? Learn more in a great The Next Web article:
Kategorie: Hacking & Security

Why Adding Client-Side Scanning Breaks End-To-End Encryption>

8 Listopad, 2019 - 11:19
Recent attacks on encryption have diverged. On the one hand, we’ve seen Attorney General William Barr call for “lawful access” to encrypted communications, using arguments that have barely changed since the 1990’s. But we’ve also seen suggestions from a different set of actors for more purportedly “reasonable” interventions, particularly the use of client-side scanning to stop the transmission of contraband files, most often child exploitation imagery (CEI). What are your thoughts on client-side scanning and its privacy implications? Learn more in a great EFF article:
Kategorie: Hacking & Security

DNS-over-HTTPS will eventually roll out in all major browsers, despite ISP opposition

8 Listopad, 2019 - 11:02
All six major browser vendors have plans to support DNS-over-HTTPS (or DoH), a protocol that encrypts DNS traffic and helps improve a user's privacy on the web. Learn more about this protocol, which is already present in all major browsers, that users love and ISPs hate in an interesting ZDNet article:
Kategorie: Hacking & Security

Microsoft: Defender ATP is coming to Linux in 2020

7 Listopad, 2019 - 11:05
Microsoft is planning to bring its Defender antivirus to Linux systems next year and will be giving a demo of how security specialists can use Microsoft Defender at the Ignite Conference this week. What are your thoughts on this announcement? Get the details in a great ZDNet article:
Kategorie: Hacking & Security

Libarchive vulnerability can lead to code execution on Linux, FreeBSD, NetBSD

6 Listopad, 2019 - 12:15
Google has discovered a Libarchive vulnerability which can lead to code execution on Linux, FreeBSD and NetBSD. Learn more about the security bug and its implications for Linux users in an informative ZDNet article:
Kategorie: Hacking & Security

Explained: How New 'Delegated Credentials' Boosts TLS Protocol Security

6 Listopad, 2019 - 11:38
Mozilla, in partnership with Facebook, Cloudflare, and other IETF community members, has announced technical specifications for a new cryptographic protocol called "Delegated Credentials for TLS." Delegated Credentials for TLS is a new simplified way to implement "short-lived" certificates without sacrificing the reliability of secure connections. Learn more about Delegated Credentials for TLS in an informative The Hacker News article:
Kategorie: Hacking & Security

Report: The Government and Tech Need to Cooperate on AI

6 Listopad, 2019 - 11:32
Americas national security depends on the government getting access to the artificial intelligence breakthroughs made by the technology industry. So says a report submitted to Congress on Monday by the National Security Commission on Artificial Intelligence. It also warns that AI-enhanced national security apparatus like autonomous weapons and surveillance systems will raise ethical questions. Learn more in an interesting Wired article:
Kategorie: Hacking & Security

US Department of Justice push for encryption backdoors might run afoul of First Amendment

5 Listopad, 2019 - 11:48
Is encryption code speech? Earlier court rulings suggest that it is, legally, and therefore subject to First Amendment protections. What are your thoughts? Learn more in a great CSO article:
Kategorie: Hacking & Security

Mozilla Urges Facebook and Google to Pause Political Ads

5 Listopad, 2019 - 10:07
The Mozilla Foundation and a group of rights groups and non-profits have penned an open letter to Facebook and Google urging them to halt political advertising until after the upcoming UK General Election due to concerns about disinformation, lack of transparency and the data that is being used to target these ads. What is your opinion on this? We'd love to have a discussion. Learn more:
Kategorie: Hacking & Security