A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security.
Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for yea...
Mozilla is out this week with Firefox 3.5.9 and 3.0.19 updates, fixing multiple security vulnerabilities in the open source Web browser's two branches, while announcing that the older of the two branches is being phased out.
Sony has announced that its latest firmware update will disable the "Other OS" option on the PS3. This means that the PS3 will no longer support the Linux OS.
Mozilla released Firefox 3.6.2 late Monday to fix a critical security hole involving Web-based font technology.
"We strongly recommend that all Firefox users upgrade to this latest release. If you already have Firefox 3.6 you will receive an automated update notification within 24 to 48 hours. This update can also be applied manually by selecting 'Check for Updates...' from the Help menu," Mozilla's director of Firefox, Mike Beltzner, said in a blog post.
Mozilla confirmed the presence of an unpatched flaw in its browser on Thursday, with a post promising to release a fix at the end of the month.
The flaw, discovered by security researcher Evgeny Legerov and reported by The Reg last month, creates a means to inject hostile code on vulnerable systems. The vulnerability is due to be fixed in version 3.6 of Firefox on 30 March.
Google has patched 11 vulnerabilities in the Windows version of Chrome, including one that earned its finder the first $1,337 check from the company's new bug bounty program.
Like Apple, which updated Safari last week, Google beefed up the security of its browser just days before the Pwn2Own browser hacking contest was to kick off in Canada.
Microsoft's Internet Explorer 9 is now out for developers to try out and test -- well, kinda/sorta. You see, the IE9 Test Drive Platform Preview isn't really a browser, is it?
IE9 as it is currently available lacks tabs. It lacks a back button and it lacks an address bar.
Open source industry veteran Matt Asay joined Canonical, the commercial sponsor of Ubuntu Linux, as its chief operating officer last month. In his new post, Asay is responsible for aligning the company
An update which fixes around 40 bugs is available for the PHP 5.2 development branch. Version 5.2.13 comes highly recommended for all PHP 5.2.x users, as it includes a number of security-related fixes. These include a bug when validating the safe_mode configuration variable in the tempnam() function (which arises when the path does not end in /). An open_basedir/safe_mode bypass vulnerability in the session extension has also been fixed.
Cisco and several other investors have given $10.5 million to HyTrust, a start-up that is tackling some of the thornier security problems posed by the growing popularity of VMware's virtualization platform.
Virtualization security remains a work in progress.
Most of this article was written on a six-year-old computer running Google's new Chromium OS. "Chromium OS" is the open-source version of the new Chrome OS that Google is developing for netbooks, tablets, and other lightweight machines. It's built from the source code that Google is making widely available, but it runs on standard hardware. Google's Chrome OS, in contrast, is designed to run on a new generation of stripped-down systems.
After rolling out the first Linux edition of its desktop encryption security software last month -- together with new support for the latest versions of Windows and Mac -- PGP Corp. on Monday announced major server updates that will let PGP be managed alongside myriad other approaches to encryption.
Now that Google has completed its acquisition of video compression outfit On2 Technologies, a representative of the Free Software Foundation has urged Mountain View to release On2's latest codec under an irrevocable free license and use it to replace Adobe Flash on YouTube.
John Johansen, a developer with commercial Ubuntu sponsor Canonical, has submitted an updated version of the AppArmor security framework to the Linux kernel developers for inspection. Johansen writes that, like the SELinux and Tomoyo solutions already integrated into the kernel, this fourth general posting of AppArmor uses Linux Security Modules (LSM) to hook into the kernel.
Is this the future of online banking? US company IronKey has come up with a USB drive that can be used to access accounts virtually without involving the operating system or applications that cause so many of today's security problems.
Russian security firm Intevydis has made a Windows exploit for a previously unknown security hole in Firefox 3.6 available to its customers. The exploit allows attackers to remotely gain control of a PC. Intevydis develops the commercial VulnDisco add-on for the also commercial Canvas exploit toolkit by vendor Immunity. On the Immunity forum, developer Evgeny Legerov praises his exploit for Windows XP (SP3) and Vista as being quite reliable. The developer says it was an interesting challenge to find the flaw
Mozilla on Wednesday patched five vulnerabilities, three of them critical, in older editions of Firefox and in the process extended the support life of Firefox 3.0 by at least one more month.
The newest Mozilla browser, Firefox 3.6, already contains the patches.
Sturdy and secure USB flash memory storage solution is rapidly deployable with a SAAS-based configuration and management tool.
IronKey has built its Enterprise D200 and S200 USB flash drives to withstand just about anything thrown at them. And I made it my goal to find out how much of a beating they could actually take.
Former U.S. military security specialist Christopher Tarnovsky found a weakness in Infineon's SLE66 CL PE and presented the results of his hack at the Black Hat 2010 computer security conference. The Infineon chip is used in PCs, satellite TV hardware, and gaming consoles to protect secure data.
The stable version of Google Chrome for Windows has been updated with three critical security fixes and an announcement that the first payouts to crowd-sourced security researchers have been delivered.