Stay Ahead With Linux Security Features
threat detection scalability Building a SIEM is easier than scaling one. Most open-source deployments start as a simple "all-in-one" server. It is easy to set up, but that design rarely survives the transition from a lab to a production workload. . A SIEM watching 20 endpoints is not doing the same job as one watching 500. More endpoints mean more logs; more logs require more storage; more storage makes search heavier. Eventually, the very architecture that made your lab easy to deploy becomes the reason your production...
Jun 04, 2026
security advisory apache A newly disclosed attack technique called HTTP/2 Bomb is drawing attention because it targets the software that sits at the front of much of the Linux internet. Apache HTTP Server, NGINX, Envoy, and the ingress layers that many Kubernetes environments depend on can be forced into consuming disproportionate amounts of memory using relatively small amounts of attacker traffic. . For Linux administrators, the concern is not the HTTP/2 protocol itself. It is the possibility that a single...
Jun 04, 2026
security advisory important The compromise of Nx Console shows how much infrastructure now sits behind a single developer account. GitHub repositories, CI/CD pipelines, container build systems, Terraform projects, Kubernetes deployments. None of those systems was the initial target. The workstation was. . Attackers did not need a Linux privilege escalation bug or a remote code execution chain. They needed developers to trust a tool they were already using. For many organizations, that was enough. What Happened? Federal...
Jun 03, 2026
security advisory open-source You remove the malware. You rotate the compromised credentials. You patch the original vulnerability and close the ticket. Two weeks later, the attacker is back. . What happened? You didn't lose the battle at the exploit; you lost it at the cleanup. In many modern Linux intrusions, the malware you found wasn't the main problem—it was the fallback mechanisms left behind. These hooks quietly restore attacker access the moment you look away. If you clean a host but miss these persistence layers,...
Jun 02, 2026
security advisory Red Hat Researchers investigating a campaign now tracked as Miasma found that more than 30 packages in Red Hat's @redhat-cloud-services npm namespace had been altered to deliver credential-stealing malware. . The packages weren't being used to deploy ransomware or sabotage systems. From what has been reported so far, the objective appears to have been much simpler: collect credentials from developer environments and use that access elsewhere. GitHub tokens, cloud credentials, SSH keys, and other...
Jun 02, 2026
Refine features
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security features
We found 4 articles for you...
102
open-sourcesoftware developmentspamassassinGiovanni Bechis Takes Helm of SpamAssassin Project Management Committee
Giovanni Bechis, an Apache SpamAssassin lead developer, recently announced he will be leading SpamAssassin's Project Management Committee (PMC). This is an exciting transition that will advance the project's mission of fighting spam and malicious email threats. Giovanni has brought extensive software development experience and a passion for open-source software to the SpamAssassin team, making him well-suited to guide its ongoing growth and evolution. . Giovanni’s involvement in this project began at a Linux Foundation conference in Prague, where his dissatisfaction as a user generated an engaging dialogue that eventually prompted his direct participation in the project. Giovanni quickly established himself as a key contributor by joining mailing lists and contributing code, driven by his desire to improve SpamAssassin's capabilities in fighting evolving spam threats . Now serving as PMC Chair, Giovanni hopes to generate greater community engagement, drive innovation, and ensure SpamAssassin keeps pace with evolving spam threats. To gain exclusive insights into his new role and future plans for the Apache SpamAssassin project, Guardian Digital sat down with Giovanni to gain critical insights into this exciting transition and the implications for the ongoing battle for robust email spam protection. We decided to share this article with the LinuxSecurity community as well, as many admins rely on open-source projects like SpamAssassin to secure their communications and maximize productivity. Understanding Bechis’ New Role and Responsibilities Giovanni has several key duties as Chair of Apache SpamAssassin’s project management committee. These entail helping steer project direction, promoting collaboration within communities, ensuring communication occurs through public channels, reporting project progress to Board members, and creating software releases while fostering strong community ties. An effective PMC Chair requires technical skills, an ambitious vision of its future direction,and effective communication abilities to ease conflict resolution and hear all community voices. Giovanni possesses all these characteristics, making him ideal for leading SpamAssassin successfully. Giovanni's extensive background as a developer is invaluable in his new role at SpamAssassin. As an experienced developer in this field, Giovanni will have an easier time contributing new ideas and features. Giovanni has demonstrated technical proficiency and innovative thinking during his development work, both attributes that will ensure SpamAssassin stays up-to-date against evolving spam threats. Envisioning the Future of SpamAssassin Spam techniques are constantly evolving, and Giovanni understands the necessity of staying ahead of these threats. He stresses the significance of staying informed of new techniques so he can quickly add countermeasures. "Finding new ways to block spam is an engaging challenge. As Chair of the Project Management Committee, I hope to form a more cohesive developers group every day," Giovanni remarked. His ultimate aim is to foster an efficient team that can respond effectively when facing emerging spam techniques. Maintaining an engaged community is one of Giovanni's primary challenges, which he plans to achieve by actively contributing more frequently to mailing list threads and exploring different communication methods with users. By increasing engagement through mailing lists and exploring other means of interaction with SpamAssassin users, Giovanni intends to build an increasingly engaged and dynamic group around SpamAssassin. Giovanni is eagerly anticipating several upcoming features and enhancements in SpamAssassin. "Within the next release, there will be a Redirector plugin to find more URLs hidden by open redirectors—an issue often present with public services—while improvements will also include better phone number detection capabilities and detection of malware hidden inside PDF or DOC files.” All these enhancements will greatly strengthenSpamAssassin's ability to combat advanced spam techniques. Staying Ahead of New Spamming Tactics and Technologies Staying abreast of emerging spamming tactics and technologies is an integral component of SpamAssassin's success. Giovanni notes, "My daily job involves identifying new email threats for both SNB and Peregrine Computer Consultants Corporation, thus enabling me to better understand the spammer mindset." By adopting an "attacker mentality," Giovanni can devise innovative solutions against emerging threats more efficiently. According to Giovanni, SpamAssassin's effectiveness can be gauged largely by its customers' reduction of spam in their email inboxes. His remarks demonstrate how important feedback loops with customers and new adoption by companies can be in measuring a project's overall impact. Engaging with the Open-Source Community Giovanni intends to engage with the open-source community and attract more contributors for SpamAssassin by participating in conferences and improving documentation . "I plan to attend some upcoming conferences to demonstrate the significance of Apache SpamAssassin for both community members and all internet users," Giovanni stated. By simplifying initial approaches for SpamAssassin software, he hopes to draw in new contributors while further strengthening open-source communities. Giovanni recognizes the value of collaborations and partnerships in further strengthening SpamAssassin. "Any idea could potentially be valuable, and every user or company receiving undetected spam can make contributions," he says. By working together, he hopes to accelerate the discovery of new spam techniques while improving SpamAssassin's effectiveness. Advocating for and Contributing to Open-Source Security Solutions Giovanni provides valuable advice to individuals and organizations that are uncertain whether open-source security solutions are right for them. He notes that open-source security tools often undergo third-party audits or community reviews thatoffer additional assurance of their security. Open-source projects benefit from global community participation, allowing fast identification and patching of vulnerabilities. "With proprietary solutions, update cycles and response times may dictate security response times. On the contrary, Open Source offers direct control of updates and patches," Giovanni explains. Giovanni's passion for contributing to open-source projects stems from an eagerness to learn and improve as a developer constantly. "I enjoy contributing to open-source projects because it allows me to gain new skills daily," he notes. Advice for Aspiring Developers and Security Experts According to Giovanni, aspiring developers and security specialists looking to contribute to SpamAssassin or similar projects should start by subscribing to mailing lists and asking questions. Everyone can contribute, even those not associated with development. “You could help with website content improvements, translations, supporting users in troubleshooting or debugging issues - there are plenty of ways you can get involved!" Giovanni stated. Our Final Thoughts: A Bright Future for Bechis and the SpamAssassin Project Giovanni's appointment as Chair of SpamAssassin's Project Management Committee marks an exciting new chapter for this revolutionary open-source project. His extensive development experience, dedication to collaboration, and proactive strategies against ever-evolving spam threats make him the ideal candidate to drive it forward. By engaging with open-source communities while sharing technical knowledge and maintaining an eye towards future improvements, he hopes to expand SpamAssassin's effectiveness against increasingly problematic spam threats in this role. This article was originally posted to the Guardian Digital Blog. . Giovanni Bechis leads SpamAssassin's Project Management Committee to enhance its open-source email security efforts.. giovanni, bechis, an apache, spamassassin, developer, recently, announced. .Brittany Day
Apr 01, 2025
•
102
security auditssecurity challengesbug bountyOpen Source Security: Addressing Challenges and Embracing Benefits
Open-source software (OSS) adoption has increased dramatically over recent years due to its flexibility and cost-cutting benefits, but whether or not OSS is completely safe is often controversial. Due to its open and collaborative nature, this type of software presents unique advantages and security challenges. . In this article, we will explore both sides of OSS security: its notable advantages and potential drawbacks. We will examine real-life examples of security problems faced by OSS projects and proactive measures being implemented to enhance their protection. By considering both sides, our objective is to give developers and Linux administrators a more holistic understanding of the risks and rewards associated with Open Source. Let's begin by examining some advantages and challenges of adopting OSS. Overview & History of Open-Source Security Open source software (OSS) has long been an essential element of the digital ecosystem, providing transparency and collaborative development to enhance software quality and security. Open Source has its roots in computing history since 1985 when Richard Stallman established the Free Software Foundation and the subsequent creation of the GNU General Public License . Transparency of source code permits thorough security audits by the global community, speeding up the identification and resolution of vulnerabilities faster than closed-source models. Community involvement has increased the adoption of open-source software (OSS) solutions within enterprise environments. Security has always been at the core of open-source software adoption. By permitting anyone to inspect, modify, and improve source code directly, open-source projects utilize global developer communities as an invaluable resource to quickly detect bugs and vulnerabilities in their source code. Open auditing increases trustworthiness and effectiveness in security measures employed by widely used software such as OpenSSL, Linux, and Apache HTTP Server. Open Source also facilitatesfaster responses to security threats, as evidenced by prompt patches and updates in response to exploits. This proactive approach starkly contrasts with proprietary software, where vulnerabilities often remain concealed for far longer. Furthermore, Open Source provides an effective defense strategy against security risks by harnessing its user base's collective knowledge to build robust and resilient systems. Pros of Open-Source Software (OSS) Open Source Software (OSS) offers numerous advantages, making it a popular choice among developers and users. By adhering to principles like transparency, community participation, and adaptability, OSS creates an environment where software can become more secure, resilient, and tailored precisely to its diverse user base. Pro: Anyone May Access and Implement This Code One of the key advantages of open source software (OSS) is its readily accessible source code. However, this opens it up for anyone to inspect. While this allows potential hackers to examine it for vulnerabilities quickly, this transparency enables engineers and developers worldwide to identify and address them swiftly. Hackers often discover vulnerabilities before company engineers do. Conversely, many eyes on open-source software often expedite the detection of security flaws faster. Community-driven monitoring ensures that vulnerabilities are patched quickly. Companies like Mozilla have taken full advantage of this by opening up their source code to community scrutiny. Linus's Law states, "Given enough eyeballs, all bugs are shallow." This phenomenon illustrates one key security advantage of open-source software (OSS). It indicates how openness and transparency allow a large community of developers and users to quickly analyze code, identify vulnerabilities, and provide patches more rapidly than proprietary systems. This collective review process further enhances the security posture of OSS, as bugs are usually caught and fixed faster than bugs in proprietary code. This phenomenonprotects widely used projects like Linux, Apache, and OpenSSL from exploits. Closed-source software takes a "security by obscurity" approach that relies on concealing its source code from public view in the belief that keeping it hidden reduces vulnerabilities from being discovered by malicious actors; however, this method relies heavily on internal teams identifying and patching issues, leaving software exposed and vulnerable. While security by obscurity provides some level of defense through concealment, critics have frequently noted it gives a false sense of security without the community validation that is vital to open source projects' resilience. Pro: Community Participation and Collaboration Open-source software thrives within a collaborative ecosystem where users can provide feedback on fixes, improvements, and new features - an aspect of software development unparalleled in proprietary systems. Mozilla Firefox, an open-source web browser, derives excellent value from its community. Users are encouraged to report bugs, suggest added features, or contribute code directly. Such collaboration helps develop more secure software as users are incentivized to keep it as safe and functional as possible. Pro: Transparency Protects from Malicious Code Hidden Within Frameworks Another significant advantage of open source software (OSS) is that it prevents malicious code from being hidden within software applications. Since all code is readily available for inspection, harmful elements will likely not go undetected and cause harm. With proprietary software, companies have been caught misusing user data. For instance, even when Incognito mode was active, Google was recently exposed for collecting Chrome browsing data. Such practices are difficult to hide when dealing with open-source software, making it more trustworthy. Furthermore, its transparency ensures users understand exactly what their software does, while experts can audit its code for any potentially illicit activities. Pro: Forkingis Used to Rescue Abandoned Projects Software abandonment is a perennial problem. Developers may stop updating and maintaining their programs due to various circumstances. With Open source, "forking" comes to the rescue: taking an existing project and altering it in some way to form new opportunities. LibreOffice was forked from OpenOffice and continues to thrive today. Forking ensures that even if its original developers leave behind an abandoned project, its community can maintain and improve it while addressing security vulnerabilities. Pro: Independent of Any One Company OSS does not depend on a single entity. In contrast, proprietary software relies on an organization, and users who stop receiving support may find themselves without options. With Open Source, even if its original creators abandon their project, the community can take over and continue developing it. LineageOS is an operating system that extends the lifespan of Android devices by offering security updates even after their manufacturer has discontinued support, thus assuring users continue receiving security patches and updates. Cons of Open-Source Software Open Source Software (OSS) offers many advantages, yet it can also have drawbacks that threaten its sustainability and security. Limited resources and community support may hinder OSS' consistency and reliability compared to its proprietary alternatives. Con: Limited Resources While open-source communities are vibrant and vital, many operate with limited resources. Many developers and maintainers work for free out of passion rather than profit. Research indicates that 60% of OSS creators and maintainers are unpaid, and many considered quitting due to financial pressures. Limited funding can negatively impact security updates without adequate resources to maintain and secure open-source software in parallel with proprietary products from well-funded corporations. Con: Risk of Abandonment Though forking provides an escape hatch, project abandonmentremains a real danger. Not all open-source projects can attract enough of a community capable of revitalizing or maintaining them. Smaller projects, particularly, may become obsolete if their original developers lose interest or time supporting them. Abandonment can leave security vulnerabilities unpatched, creating a considerable threat for users who rely on these smaller open-source projects. Con: Dependence on Community for Security OSS security relies heavily on community engagement. While larger communities can help identify and address security issues more quickly, smaller projects or those with lesser appeal might not receive as much consideration, leaving potential vulnerabilities unchecked and the software vulnerable to possible attacks. Examples of Security Concerns in Open-Source Software Although open-source security offers many advantages, it still has vulnerabilities that should be managed carefully. Perhaps most infamously, the Heartbleed bug in the OpenSSL cryptographic library affected millions of systems worldwide for two years before its discovery. Shellshock , a series of security bugs in the Unix Bash shell, also revealed the risks associated with open-source software. Both incidents highlighted how vulnerabilities exist despite the software's open nature. The Critical Role of Responsible Management in Open-Source Security The secure management of open-source projects is crucial for Linux admins and developers. Proactive strategies help reduce risks associated with known vulnerabilities or exploits in OSS. One essential practice is regularly reviewing and applying security patches and updates . Open-source projects benefit from global community vigilance, and updates for vulnerabilities typically become available quickly. Still, timely implementation of patches is vital to ensure systems don't become vulnerable to attacks leading to compromise. Automated tools such as Ansible or Puppet can make this process faster and provide consistent and efficientdeployment of security updates across multiple systems. Regular security audits and vulnerability assessments using tools like OpenVAS or Nessus are also vital to keeping systems secure. They can assist in rapidly detecting vulnerabilities that exist within your systems. Another crucial best practice involves employing role-based access control (RBAC) and adhering to the least privilege (PoLP) principle to limit access to critical components and data. Proper configuration management and inventorying of all open-source components within your environment is key to providing oversight and quickly responding to emerging security threats. You can increase open-source infrastructures' security posture and resilience by embedding these practices into daily operations. Measures & Initiatives Being Taken to Increase Open-Source Software Security Several measures have now often been implemented to strengthen open-source software security. One such measure is regular security audits experts conduct to detect and mitigate vulnerabilities before hackers can exploit them. Furthermore, bug bounty programs incentivize community members to find security issues by offering financial rewards. Popular projects such as Mozilla Firefox and Linux have utilized bug bounty programs effectively to address numerous security problems. Integrated code review processes are another effective strategy. They employ multiple experts to examine each contribution before it is merged, ensuring higher code quality and security. Automated testing frameworks further boost this effort, running thorough security checks on every code change to detect potential vulnerabilities early. Continuous Integration/Continuous Deployment (CI/CD) pipelines also strengthen open-source software security by continually testing and deploying code without the risk of introducing new vulnerabilities into development pipelines. Ongoing education and security training for developers and the community also play an integral role in strengthening thesecurity of open-source software. Many open-source communities offer regular training sessions, webinars, and workshops on secure coding practices to keep users up-to-date. By educating our users on best security practices, we can strengthen the overall security posture of open-source software. Financial support is also crucial to protecting open-source software projects. Initiatives by the Open Source Security Foundation (OpenSSF) offer resources that help maintain and improve open-source security projects. Corporate sponsorships and grants allow developers to devote more resources to improving software security. Our Final Thoughts on the Benefits & Drawbacks of Open-Source Software Open-source software presents both unique advantages and challenges when it comes to security. The openness and transparency of open-source projects play a crucial role in their protection by swiftly identifying vulnerabilities. Unfortunately, other issues, such as limited resources, risk of abandonment, and community support, cannot be ignored when considering security. Although OSS security incidents remain a significant threat, ongoing efforts such as regular code audits, bug bounty programs, automated testing, educational initiatives, and better funding are considerably improving. Furthermore, its collaborative nature continues to transform the landscape, making OSS an attractive and increasingly secure choice for developers and end-users. When managed and supported correctly, open-source software can provide a safe and dependable option, embodying its collaborative spirit at its core. In your opinion, do the security benefits of OSS outweigh the risks? Connect with us @lnxsec and share your thoughts! . Open Source Software security offers transparency and community support but poses challenges like inconsistent quality and compliance risks. Proactive measures boost safety.. Open Source Security, Community Engagement, Bug Bounty Programs, Security Audits, Proactive Measures. . Brittany Day
Dec 04, 2024
•
102
open sourcesecurity resourcescommunity engagementLinuxSecurity Launches Redesigned Website With New Features
Since 1996, LinuxSecurity.com has served as the open-source community’s go-to resource for Linux news & Linux-related information, updates and engagement with community members who share a passion for Linux and security. . After months of development, the site now offers more of the content you love including the latest Linux security news, HOWTOs, advisories and feature articles, along with an assortment of new features and capabilities such as: More intuitive site navigation and an improved look and feel Enhanced User Dashboard offering the ability to create a Profile where you can contribute content, customize the distribution security advisories and RSS feeds you track, Bookmark site content for easy future access and view article comments you have given and received An updated weekly Linux Advisory Watch newsletter offering commentary from our Linux security experts on the week’s most significant advisories, presented in a more readable format The ability to engage with other members of the LinuxSecurity community by commenting on both feature articles and articles contributed by other community members, as well as through participation in frequent community polls Browser notifications that ensure you don’t miss our latest newsletters and feature articles We’re already receiving great feedback from members of the community on our website and the content we provide, and are eager to hear your thoughts on the features and improvements that the new site offers. AlmaLinux Community Manager and loyal LinuxSecurity user Jack Aboutboul raves about LinuxSecurity, “LinuxSecurity is an invaluable resource for developers and Linux admins. Not only does it provide critical security advisories, alerts and news, their content is also well written, thoughtful, useful and enjoyable!” Dancho Danchev, a renowned security researcher and passionate LinuxSecurity user, remarks, “Over the past two decades, the quality content that LinuxSecurity provides has earned thesite great notoriety among the Linux community. LinuxSecurity has been and continues to be a great resource for my Open-Source Intelligence (OSINT) research, and I highly recommend that all Linux security enthusiasts take advantage of this valuable resource!” LinuxSecurity Founder Dave Wreski reflects on his mission in starting LinuxSecurity and comments on what the future holds for the site, “Twenty-five years ago, I founded LinuxSecurity as a way to contribute to the Linux community and as an opportunity to advocate Open Source. The site uniquely serves the needs of a diverse audience that encompasses IT professionals, developers and users seeking to learn more about hacking, programming and Open Source, and does an excellent job of making all community members feel welcome regardless of their knowledge base or level of experience. With the release of the new site, I hope to reach more Linux users and provide them with even more value and an enhanced user experience.” Wreski elaborates, “I encourage all users to explore the new website, create an account and subscribe to our newsletters . If you like what you see, I urge you to share the new site with a friend - it genuinely helps us reach more like-minded people and grow our community!” . After several weeks of effort, the platform now offers enhanced tools for Unix administrators, showcasing updates, alerts, and additional features.. Linux Security News, Open Source Resources, Linux Admin Tools. . Brittany Day
Jun 01, 2021
•
102
security managementuser profilesecurity featuresDiscover New User Profiles And Enhanced Features on LinuxSecurity
Soon we will launch a brand new LinuxSecurity with a completely new experience. As part of a select group of LinuxSecurity users, we'd like to offer you early access to take the site for a spin and let us know what you think. How does it work for you? . Here's a preview of some of the benefits and added capabilities of the new site we know you'll love: Easier, More Intuitive Site Navigation Find what you’re looking for easily and efficiently with more intuitive site navigation. Readily access the information you’re most interested in by customizing the distribution security advisories and RSS feeds you track in your User Profile , and bookmarking site content for easy future access. Personalized User Profiles Enhanced User Dashboard with ability to bookmark articles, track comments and customize your view. Enjoy a rich, interactive user experience with the ability to easily contribute content and view article comments you have given and received. Valuable, Expert Commentary Expert commentary on the week's most significant news that you can use to secure your systems. Engage with community members and security experts on the topics that impact us most. See you there! Explore LinuxSecurity Now> . Unveil the latest enhancements in LinuxSecurity designed for seamless usability and enhanced control in your cybersecurity administration.. User Profiles, Site Navigation, Security Management, Community Interaction. . Brittany Day
May 15, 2021
•
102
open sourceuser feedbackcommunity engagementHelp Us Improve The LinuxSecurity Site Based On Your Feedback
Greetings fellow Linux security enthusiasts! We’re rebuilding our site and need your help! LinuxSecurity is currently undergoing a major overhaul and we would like your input. Got a new feature idea? See something about the current site you don’t like? . This is your chance to get involved and help set the direction of the future site! We’ll also in turn share our results with you, and provide early access to the site when it’s first online. We invite you to share your thoughts, feedback and suggestions by taking a brief survey . LinuxSecurity.com was founded in 1996 by Dave Wreski, an open source enthusiast and security expert, as a contribution to the community, and continues to be today. This is still a community effort - we rely on information and feedback from community members like you to continue providing the type of content and online experience our users prefer. Yours in Open Source, Brittany Content Editor, LInuxSecurity.com . Join us in influencing the direction of LinuxSecurity by sharing your insights and suggestions for new features!. LinuxSecurity Survey, User Feedback, Open Source Community. . Brittany Day
Mar 09, 2021
•
102
open-sourceproject managementcommunity engagementApache SpamAssassin Removes Racially Charged Terms for Inclusivity
Over the past few weeks, a heated debate has arisen on the Apache SpamAssassin users list regarding the replacement of racially charged terms like “whitelist” and “blacklist” used in the Apache Spamassassin Project ’s code with more inclusive language. Certain community members have been very supportive of Apache SpamAssassin’s efforts to remove racially insensitive language from the project, while others have loudly voiced their disapproval. . Guardian Digital , the open source cloud email security company, is committed to the open-source development model and the core values of transparency and inclusion that it embodies. We felt it was important to speak with members of the community about this critical issue and share this story with other leaders and those not directly involved - hopefully inspiring them to take similar action in their communities. A Movement Is Underway in the Open-Source Community Racial tensions in the US are higher than they have been in over 50 years, spotlighting instances of racial injustice and white privilege that have been systematically ignored far too long. Interestingly, a social movement - which began prior to this recently heightened awareness of racial injustice - has already been underway to address racially charged language and conventions online. In light of the current environment, this movement is now gaining momentum and a growing number of organizations are stepping back and rethinking whether the messaging conveyed in their products could be deemed stereotypical or offensive. These organizations are now analyzing the potential changes to make their products and environments more accurate and inclusive. Virtually all significant open-source projects and various tech giants who have adopted open-source software and programs including IBM, Microsoft, Amazon Web Services (AWS), Python and Drupal have already removed language that is potentially racially insensitive, and have found that doing so hasn’t been a significant impediment totheir development efforts. Many other companies and projects are following suit, as the open-source community is faced with the reality that “the future is open source” - as long as open-source projects and initiatives continue to prove that they value equality and moral integrity. Apache SpamAssassin Speaks Out Against Racial Insensitivity and White Privilege Well before the tragic death of George Floyd on May 25th, which sparked heightened awareness of racial inequality around the globe, the Apache Spamassassin Project was actively working on improving the language used in its spam filtration framework by replacing “whitelist” and “blacklist” with terms such as “block”, “deny” and “allow”. For almost a decade, the project had been ahead of its time - using the term “blocklist” at least as early as 2011. After a vote on May 3rd, the Apache SpamAssassin Project Management Committee (PMC) formally decided to remove all racially charged language from Apache SpamAssassin. The first test of this work is already done with “allowlist_to” replacing “whitelist_to” in the 4.0.0 codebase, with no timeline for this release at the moment. Sites running the current "bleeding-edge" development code can expect to see this new language sooner. Kevin A. McGrail, who has been personally been involved with the Apache SpamAssassin Project for nearly two decades and is a member and past chair of the Project Management Committee and past VP of Fundraising and Assistant Treasurer for the foundation, explains from his perspective why the project has chosen to replace “whitelist” and “blacklist” with “welcomelist” and “blocklist”: “Using ‘welcomelist’ and ‘blocklist’ is non-offensive, more descriptive and, since ‘welcome’ and ‘block’ start with ‘W’ and ‘B’, we avoid having to rename things like RBLs, WLBL, DNSBL, etc. This should help minimize the disruption when version 4.0 is released with the renamed configuration options.” Head over to theGuardian Digital blog to read the full article. . Guardian Digital supports Apache SpamAssassin's initiative to replace derogatory terminology with inclusive expressions, promoting equity.. Open Source, Apache SpamAssassin, Inclusive Language, Community Engagement, Social Justice. . Brittany Day
Jul 15, 2020
•
102
open sourcesystem administrationLinux advocacyCelebrating 24 Years of LinuxSecurity as a Security Resource for Everyone
LinuxSecurity.com , the open-source community’s go-to source for security news and information, celebrates providing the Linux community with timely, authoritative industry content for nearly two and a half decades. . The site is a valuable resource for Linux users, system administrators and ethical hackers - informing community members of the latest cyber security-related news, trends and advisories. The comprehensive website design is packed with informative guides and articles to help system administrators, security analysts and developers get answers to their top Linux and open source security questions. LinuxSecurity.com is a resource for information and discussion pertaining to security matters that affect Linux users. The site provides content related to topics including hacking, open-source security products/projects, cryptography, blockchain, AI, machine learning and much more. The LinuxSecurity.com audience is fairly diverse, yet shares a passion for Linux and Open Source and an awareness of the importance of security. Some key features of LinuxSecurity.com include: HOWTOs, Feature Articles and industry news Original feeds for RSS readers Industry polls to highlight trends and current events Newsletters to receive the latest industry analysis Book reviews & interviews with leading experts New comment system and community forums A recent Feature Article examines how Linux users can upgrade their threat detection strategy by deploying honeynets. Since 1996, Linuxsecurity.com has been the most comprehensive resource for all things in the world of security and Open Source. And as Open Source continues its rise in securing the world's information, LinuxSecurity.com is continuing its pursuit of being at the forefront of this exciting growth. “LinuxSecurity.com was started in an effort to chronicle the open-source revolution and to bring the complicated and fast-paced nature of open-source and security to the community in away that was easy to follow,” writes Dave Wreski, open-source security pioneer and founder of the site. “We have watched the site go from something started by a few geeks decades ago to a valuable resource viewed by millions.” Paul D. Robertson, Cybersecurity Expert and moderator of Security-Wizards on Facebook agrees: "From threat intelligence to how-to information, Linuxsecurity.com continues to be a paragon of great information for developers, security professionals and regular users. Two decades of outstanding content are a phenomenal achievement!" Creating an account on LinuxSecurity.com is easy, and provides access to a host of valuable features within the site. Register using a social media account or on the site itself. Newsletters are available that cover topics including current security advisories and a digest of the latest news for the week. A new feedback system makes it easier to reach the site administrators, contribute an article, or address general concerns. LinuxSecurity.com is powered by Guardian Digital, Inc. , the open-source email security company, as a way to give back to the community. Guardian Digital builds business email solutions with an intense focus on security- with unrivalled customer support, designed to ease information technology overhead for its customers. Through LinuxSecurity.com, Guardian Digital aims to help educate and inform as many members of the open-source community as possible about the merits of Open Source. Connect with us: Twitter | Facebook . Essential asset for Linux enthusiasts, system administrators, and ethical penetration testers, delivering updates and perspectives on digital security.. LinuxSecurity, Cybersecurity Resources, Security News, System Admin Insights, Open Source Advocacy. . Brittany Day
Jun 16, 2020
•
102
security resourcescommunity engagementwebsite updateLinuxSecurity.com Unveils New Design to Enhance Security Resources
LinuxSecurity.com, the open-source community’s go-to source for security news and information, has revealed a completely new site design and a renewed focus on providing timely, authoritative industry content. LinuxSecurity.com is a valuable resource for the open-source community, informing Linux users of the latest cyber security-related news, trends and advisories. . The new comprehensive website design is packed with informative guides and articles to help system administrators, security analysts and developers get answers to their top Linux and open source security questions. LinuxSecurity.com is a resource for information and discussion pertaining to security matters that affect Linux users. The site provides content related to topics including hacking, open-source security products/projects, cryptography, blockchain, AI, machine learning and much more. The LinuxSecurity.com audience is fairly diverse and includes Linux users, system administrators, ethical hackers, developers and programmers who share a passion for Linux and Open Source and an awareness of the importance of security. The new LinuxSecurity.com boasts a completely redesigned interface, with a renewed focus by providing commentary, insight and analysis on every article from Linux security experts from around the globe. The purpose is to deliver to the community even more relevant information and background on the most important news in the industry. Some updated and redesigned features of the new website include: HOWTOs, Feature Articles and industry news Original feeds for RSS readers Industry polls to highlight trends and current events Newsletters to receive the latest industry analysis Book reviews & interviews with leading experts New comment system and community forums The most recent LinuxSecurity feature article is an open letter to the Linux community (hyperlink once article is posted), welcoming new visitors and core readers alike to the new website. Since 1996, Linuxsecurity.com has been the most comprehensive resource for all things in the world of security and Open Source. And as Open Source continues its rise in securing the world's information, LinuxSecurity.com is continuing its pursuit of being at the forefront of this exciting growth. Be sure to check out the Community Announcement! “LinuxSecurity.com was started in an effort to chronicle the open-source revolution and to bring the complicated and fast-paced nature of open-source and security to the community in a way that was easy to follow,” writes Dave Wreski, open-source security pioneer and founder of the site. “We have watched the site go from something started by a few geeks decades ago to a valuable resource viewed by millions.” Paul D. Robertson, Cybersecurity Expert and moderator of Security-Wizards on Facebook agrees: "From threat intelligence to how-to information, Linuxsecurity.com continues to be a paragon of great information for developers, security professionals and regular users. Two decades of outstanding content are a phenomenal achievement!" Creating an account on LinuxSecurity.com is easy, and provides access to new features within the site. Register using a social media account or on the site itself. Newsletters are available that cover topics including current security advisories and a digest of the latest news for the week. A new feedback system makes it easier to reach the site administrators, contribute an article, or address general concerns. LinuxSecurity.com is powered by Guardian Digital, Inc., the open-source email security company as a way to give back to the community. Guardian Digital builds business email solutions with an intense focus on security- with unrivalled customer support, designed to ease information technology overhead for its customers. Through LinuxSecurity.com, Guardian Digital aims to help educate and inform as many members of the open-source community as possible about the merits ofOpen Source. Contact: Brittany Day Guardian DIgital, Inc.
Jul 29, 2019
•
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More