Security Projects
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Are you running Linux just because you think it's safer than Windows? Think again. Sure, security is a built-in (and not a bolt-on) feature and extends right from the Linux kernel to the desktop, but it still leaves enough room to let someone muck about with your /home folder.
This describes how to set up SSL certificates to enable encrypted connections from pgAdmin on a client machine to PostgreSQL on a server machine. The assumption is that PostgreSQL (compiled with SSL support) and OpenSSL are already installed and functional on the server (Linux). pgAdmin is already installed on the client (either Windows or Linux).
If Marcus Ranum were your CISO, this would be his resolution for 2011: To plan a "War Games" style exercise. "It's very enlightening for everybody," says Ranum, a noted security thought-leader, "and it actually helps a great deal in helping sell the need for security to the entire executive team."
So far, the analyses of OpenBSD's crypto and IPSec code have not provided any indication that the system contains back doors for listening to encrypted VPN connections. The OpenBSD developers started the code audit to investigate allegations made by Gregory Perry, the former CTO of crypto company NetSec. In an email to OpenBSD founder Theo de Raadt, Perry had accused developer Jason Wright and others of having built back doors into the IPSec stack. De Raadt made the email public and presented Perry's allegations for discussion.
Marking nearly 10 years of Openwall GNU/*/Linux, the Openwall Project developers have released version 3.0 of Openwall. Openwall GNU/*/Linux, also known as Owl for short, is a small, security-enhanced distribution of Linux aimed at servers, appliances and virtual appliances.
The Ethical Hacker Network (EH-Net) is more than a free online magazine for security professionals as it also acts almost like an educational portal for newbies interested in security. Every year like a Christmas tradition, EH-Net features a holiday hacking challenge written by security attack and defense guru Ed Skoudis. The 2010 skills challenge is The Nightmare Before Charlie Brown's Christmas.
Exploitation of just ONE software vulnerability is typically all that separates the bad guys from compromising an entire machine. The more complicated the code, the larger the attack surface, and the popularity of the product increases the likelihood of that outcome. Operating systems, document readers, Web browsers and their plug-ins are on today
Google has released the Android 2.3 Gingerbread source code, one day after Samsung's Nexus S smartphone went on sale in the US. The Nexus S is the first device to run the new Android operating system and comes equipped with Near Field Communications technology used to make micro-payments via the smartphone.
WikiLeaks has gone down, returned, gone down again, returned and other sites have been taken down by supporters of WikiLeaks like Visa.com. From a technical standpoint, what is happening exactly and what will happen next in this ongoing cyberspace saga? HuffPost Tech asked SafeCentral CTO Ray Dickenson to help us break it all down based on his Internet security expertise.
Joseph Idziorek, graduate in electrical and computer engineering, has been researching computer security. The study conducts research on sites that have been experiencing denial of service attacks, in which hackers try to get unauthorized access and hinder them.
A disproportionate number of people downloading the open source DIY tool being used to launch DDoS attacks on companies deemed hostile to Wikileaks appear to be based in the UK, new figures have suggested.
German mail service Deutsche Post recently launched a contest called Security Cup in which teams of hackers compete for money to find the company
With Red Hat Enterprise Linux 6 now cutting its way into the enterprise-calibre open source operating systems space, there is much to talk about as the terms security and virtualisation are increasingly used to highlight its key new features.
You've probably heard the phrase, "Failure is the key to success." But are security professionals really learning from their mistakes? As identity theft and online risks keep growing, is our industry rising to the challenge or repeating the miscues of the past? While security technology is improving, the bad guys also have access to better tools. So are the good guys working smarter?
Google has released a test version of its Chrome browser that extends its renowned security sandbox to Adobe's heavily abused Flash player.
Isn't he in jail now or very shortly? The bloke behind Pirate Bay wants to set up an alternative to the domain name outfit ICANN. Peter Sunde says that he has been suspicious of ICANN for a long time. ICANN is the non-profit corporation tasked with managing both the IPv4 and IPv6 Internet Protocol address spaces as well as handling the management of top-level domain name space including the operation of root nameservers.
Is computer hacking a sport? Should it be rewarded with trophies, awards, and maybe even, jobs? A growing trend points to yes. What used to be a frowned upon and shady underworld of computer hackers is now emerging as a network of professionals that boasts teamwork and helps provide insight into the world of cyber security.
According to a report from the Open Source Observatory and Repository for European public administrations (OSOR), France's social security system, the Caisse Nationale d'Allocations Familiales (CNAF), is now using the open source PostgreSQL database management system (DBMS).
When Microsoft's hot new Kinect motion-sensitive controller was released earlier this month, Phil Torrone and Limor Fried saw an opportunity to subvert what was being presented as a closed system.