We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Thanks to Asahi Linux, the Linux kernel will soon have initial support for Apple’s M1 chipset. This will likely arrive as part of the upcoming Linux 5.13 update.
Google is now paying developers more money to work on securing their Linux kernels - a gesture that may well be the start of the company’s bid to enforce a tighter grip on Open Source.
In an effort to improve security, Linux Mint has announced that it will inform users about important security updates - but not enforce them. Do you think Mint has made the right call?
Learn how to install SpiderFoot - an excellent open-source security scanner - to analyze vulnerabilities and malicious functions on Ubuntu Linux servers and assist in your pentesting endeavors in this tutorial.
Clem Lefebvre, head of the Linux Mint project, has written a blog post outlining new notifications that try not to be annoying but also remind users that they need to perform software updates to keep their computer secure. What are your thoughts?
Container security is tricky, but using the right tools and utilities can make things much easier - and greatly improve security! Here are 17 great open-source container security tools to consider adding to your arsenal.
I’m writing this post because I often hear that kernel exploitation is intimidating or difficult to learn. As a result, I’ve decided to start a series of basic bugs and exercises to get you started! Prerequisites Knowledge of the Linux command line Knowing how to read and write basic C may be beneficial Being able to debug with the help of a virtual computer or another system Able to install the kernel module compilation build requirements A basic understanding of the difference between userland and kernelland could be helpful Having a basic understanding of assembly can be beneficial for future episodes For this part, I wrote a simple Linux character device, /dev/shell. This driver will take two arguments, uid and cmd, and it will execute the cmd command as the specified uid. To understand how this driver works, I’ll explain a few things!
Linus Torvalds and Greg Kroah-Hartman have shared their thoughts with ZDNet's Steven J. Vaughan-Nichols about the possibility of new Linux kernel code being written in Rust—a high performance but memory-safe language sponsored by the Mozilla project.
Slowly but surely the Rust language is making its way into Linux. Linus Torvalds and Greg Kroah-Hartman offer their perspective into how they see Rust and Linux working together.
Endlessh is an SSH tarpit that very slowly sends an endless, random SSH banner. It keeps SSH clients locked up for hours or even days at a time. Learn about Endlessh and how it helps secure SSH servers.
The Solarwinds security blunders have raised awareness of the importance of protecting software supply chains from unauthorized changes. Now, the Linux Foundation and partners have created a new free cryptographic software signing service to improve open-source program security.
croc is a free and open-source command line tool for secure file transfers between computers. It uses relay-assisted peer-to-peer transactions and end-to-end encryption via password-authenticated key exchange. The program is written in Go and is available for Linux, Windows, macOS and *BSD. Learn about croc's key features and see how easy it is to use croc to send a file or folder in this Linux Uprising tutorial.
Linux Mint is working on improving its Update Manager in an effort to encourage users to apply security updates.
Google has demonstrated serious concern about the security of Linux and open-source code, and is sponsoring a pair of full-time developers to work on the kernel's security.
If all goes well, the first flight on Mars will be made by the Linux-powered Perseverance Mars rover's companion drone helicopter.
Learn about ktest, a tool for making Linux kernel programmers' lives easier by automating certain aspects of Linux kernel testing.
The COVID-19 Credentials Initiative (CCI) - hosted by Linux Foundation Public Health (LFPH) - is working to standardize an approach to vaccination credentials.
If your open-source software project is deemed "critical", you could be facing a lot more work and responsibility in the future. Some of Google's top engineers have proposed new 'norms' that they feel could help secure "critical" open-source projects.
Facebook's Magma brings open-source mobile cores to carrier-grade LTE and 5G. Moving ahead, Magma will run with the Linux Foundation using a vendor-neutral governance framework.
CrowdSec is (and will always remain) an open-source & free security solution able to analyze visitor behavior & provide an adapted response to all kinds of attacks. The solution also enables users to protect each other. Each time an IP is blocked, all community members are informed so they can also block it.
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
