Government

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Discover Government News

European Court of Human Rights Declares Backdoored Encryption Illegal

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The European Court of Human Rights (ECHR) has made a major decision, ruling that laws requiring weakened encryption and extensive data retention violate the European Convention on Human Rights. In a recent case involving Russia's demand for Telegram to provide encryption assistance, the Court stated that such legislation cannot be considered necessary in a democratic society.

Debian Issues Statement about the EU Cyber Resilience Act

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The EU Cyber Resilience Act (CRA) and the Product Liability Directive (PLD) aim to introduce a set of cybersecurity and vulnerability handling requirements for manufacturers, with the intention to improve security. However, the Debian project has issued a statement raising concerns about the negative implications for the open-source community and contributors.

Feds Warn Health Sector to Watch for Open-Source Threats

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The government's warning to the health sector to watch for open-source threats has long been on the radar of the IT industry. Open-source software, which is free to use, can be a great tool for organizations that need to scale quickly or don't have the budget for proprietary software. However, using it has inherent risks, and no one knows that better than the government.

Article 45 Will Roll Back Web Security by 12 Years

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The EU is poised to pass a sweeping new regulation, eIDAS 2.0. Buried deep in the text is Article 45, which returns us to the dark ages of 2011, when certificate authorities (CAs) could collaborate with governments to spy on encrypted traffic—and get away with it. Article 45 forbids browsers from enforcing modern security requirements on certain CAs without the approval of an EU member government. Which CAs?

SELinux In Linux 6.6 Removes References To Its Origins At The US NSA

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Security Enhanced Linux (SELinux) has been part of the mainline kernel for two decades to provide a security module implementing access control security policies and is now widely-used for enhancing the security of production Linux servers and other systems. Those that haven't been involved with Linux for a long time may be unaware that SELinux originates from the US National Security Agency (NSA). But now with Linux 6.6 the NSA references are being removed.

The Cyber Resilience Act Threatens Open Source

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Society and governments are struggling to adapt to a world full of cybersecurity threats. Case in point: the EU CRA — Cyber Resilience Act — is a proposal by the European Commission to enact legislation with a noble goal: protect consumers from cybercrime by having security baked in during design.

News

Powered By

Footer Logo

Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.

Powered By

Footer Logo