We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Launching its own initiative to thwart hackers, Intel Corp. on Monday unveiled a new security initiative, code-named LaGrande Technology, that it will integrate into future processors and chip sets to stymie efforts to steal data. While many computer users rely . . .
Securing wireless LANs isn't easy. Just ask any network manager who has the task of adding another way to authenticate users to yet another networked device. Funk Software Inc. this week is expected to reveal enhanced versions of its Odyssey Server and Steel-Belted Radius Enterprise Edition wireless authentication applications.. . .
Security researchers have discovered two potentially serious flaws with Check Point's flagship FireWall-1 firewall which give rise to both username guessing and sniffing issues. First, affected versions permit attackers to determine if a firewall username is valid without having to . . .
Although this problem doesn't affect UNIX and Linux variants, it does apply to more than just Microsoft Windows platforms. You should check it out even if you are running NetWare or OS/2 (both of which are definitely vulnerable) or any other . . .
"It used to be enough just to patch security problems, apologize and get on with business. But this case shows that (regulators) are now watching, and if you get burned, you may have a lawsuit on your hands," said Greg Shipley, chief technology officer of Neohapsis, a Chicago-based information security company that assisted the New York authorities on the case.. . .
The U.S. National Security Agency's contribution to open-source security, Security-Enhanced Linux, found broad approval and support in geek forums from Wired News to Slashdot that are typically suspicious of the government. . .
Although many Linux/UNIX diehards disagree, many, if not most system administrators nowadays are more comfortable working with a GUI, and therefore more favorably disposed towards an OS with one. But a problem with GUIs is that when they are running, but . . .
Phil Zimmermann's PGP is back in the hands of an independent company, after Network Associates agreed to sell the technology it mothballed back in March to a start-up specially created to market PGP. . .
Opera Software today released Opera 6.03 for Linux, a pure security upgrade that will implement changes in OpenSSL made public on Aug. 7, 2002 by the CERT Coordination Center (CERT/CC) as well as correct other bugfixes. . .
The scarcity of security companies peddling enterprise-class wares at LinuxWorld could mean that the job of making Linux definitively more secure than its proprietary counterparts will owe more to initiatives in Washington, DC, than Silicon Valley innovations. . .
A serious flaw in SSL certificate handling reported by Mike Benham, affecting IE and Konqueror, has already been fixed by KDE's Waldo Bastian, we're pleased to mention. . .
Macromedia has warned that its Flash Player, a ubiquitous application for playing multimedia files, has a vulnerability that could allow attackers to run malicious code on Windows and Unix-based operating systems. . .
A colossal stuff-up in Microsoft's and KDE's implementation of SSL (Secure Sockets Layer) certificate handling makes it possible for anyone with a valid VeriSign SSL site certificate to forge any other VeriSign SSL site certificate, and abuse hapless Konqueror and Internet Explorer users with. . .
The software, which the company said will not require a Web site to alter its existing authentication process, works with Linux, Solaris, Unix and Windows, among other operating systems. The software, which the company said will not require a Web site to alter its existing authentication process, was originally written for the Plan 9 operating system, a Unix-like OS. However, it works with a host of other operating systems as well, including Linux, Solaris, Unix and Windows.. . .
Nmap is a utility for network exploration or security auditing. It supports ping scanning (determine which hosts are up), many port scanning techniques (determine what services the hosts are offering), and TCP/IP fingerprinting (remote host operating system identification). Nmap also offers . . .
Copies of OpenSSH packages on popular download sites have been trojaned, developers have warned. Overnight it was realised that the tarball for OpenSSH 3.4p1 on the main openBSD (ftp.openbsd.org) mirror was compromised, after developers noticed that the checksum of the . . .
OpenSSH was trojaned yesterday. There is not little authoritative information on the situation. What is known is that the original file was exchanged with a trojaned file and was discovered because it had a different MD5 checksum. . .
DeScan.net claims that its port scanning service for companies uses a unique system of blind packet monitoring, heuristics and statistical analysis to identify abusive scanning behavior and the offending PC. . .
A Japanese start-up has come up with a mutant piece of hardware that it says may deliver "perfect security" for Web servers: a two-headed hard disk drive. Tokyo-based Scarabs has developed a prototype of the hard drive, which has a read-only. . .
There's been considerable discussion this weekend of the recent sale of SecurityFocus to mega-corporation Symantec for a sweet $75 million. At issue in particular is SF's BugTraq mailing list, which has for years been the most popular full-disclosure vulnerability list going.. . .
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
