Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 10 articles for you...
81
privacybiometricscybersecurity implicationsImpact of DNA Fabrication on Privacy and Crime Investigation
I've filed this one under privacy . Bruce Schneier has always been a good source of privacy and biometrics issues, let alone crypto. This isn't good: The scientists fabricated blood and saliva samples containing DNA from a person other than the donor of the blood and saliva. They also showed that if they had access to a DNA profile in a database, they could construct a sample of DNA to match that profile without obtaining any tissue from that person. . [...] The planting of fabricated DNA evidence at a crime scene is only one implication of the findings. A potential invasion of personal privacy is another. Using some of the same techniques, it may be possible to scavenge anyone's DNA from a discarded drinking cup or cigarette butt and turn it into a saliva sample that could be submitted to a genetic testing company that measures ancestry or the risk of getting various diseases. Read on for a link to the paper, written by FSI Genetics. The link for this article located at Bruce Schneier is no longer available. . Examines the consequences of DNA fabrication at crime scenes and the associated privacy risks involved.. DNA Privacy,Biometrics Risks,Evidence Fabrication,Cybersecurity Implications. . LinuxSecurity.com Team
Aug 20, 2009
•
Privacy
77
cyber threatssecurity breachidentity verificationResearch Shows 90% Spoofing Success Rate for Fingerprint Systems
Sweaty hands might make you unpopular as a dance partner but they could someday prevent hackers from getting into your bank account. Researchers at Clarkson University have found that fingerprint readers can be spoofed by fingerprint images lifted with Play-Doh or gelatine or a model of a finger moulded out of dental plaster. The group even assembled a collection of fingers cut from the hands of cadavers. . In a systematic test of more than 60 of the carefully crafted samples, the researchers found that 90 per cent of the fakes could be passed off as the real thing. The link for this article located at Silicon.com is no longer available. . In a systematic test of more than 60 of the carefully crafted samples, the researchers found that 90. sweaty, hands, might, unpopular, dance, partner, someday, prevent, hackers. . LinuxSecurity.com Team
Dec 29, 2005
•
Server Security
82
biometricslawsuitfingerprint scannerIdentix Case: Legal Action Over Biometric Records Impacting Lives
At San Jose Superior Court today (11 May) biometrics company Identix will seek to have a product liability and slander lawsuit against it and the States of California and Oregon dismissed. Plaintiffs Roger Benson and Miguel Espinoza are seeking restitution for the damage inflicted on them by duplication in police records which gave them other people's criminal records. . . .. At San Jose Superior Court today (11 May) biometrics company Identix will seek to have a product liability and slander lawsuit against it and the States of California and Oregon dismissed. Plaintiffs Roger Benson and Miguel Espinoza are seeking restitution for the damage inflicted on them by duplication in police records which gave them other people's criminal records. Benson was wrongfully imprisoned for 43 days for carrying a firearm when a convicted felon, although the felony on his record had been committed by someone else, while Espinoza, had his restaurant business destroyed by a false record of a criminally negligent homicide conviction. The plaintiffs claim that their problems stemmed from Identix's Livescan 10-print, a fingerprint scanner used to enter fingerprint data into police systems. Two months ago Identix was re-confirmed as the winner of a Department of Homeland Security Blanket Purchase Agreement (BPA) for fingeprint systems, this being worth and estimated $27 million over five years. Identix is also supplying equipment for the UK Passport Service's ID card pilot, so one might reasonably consider that the stakes in San Jose Superior Court will be rather high. The case hinges on the origin of duplicate record ID numbers, but it is the fact that these actually existed that is of the broadest significance. Benson, whose case has been going through the courts longest, stepped into trouble when he was pulled in for a traffic violation and fingerprinted. This process was carried out using a Livescan system, which produced an Electronic Fingerprint Card (EFC). Each EFC is assigned a fingerprint control number, FPN, which isintended to be unique. Previous paper-based systems, which are still widely used in the US, use EFCs preprinted with a unique FPN, but this is not the case with EFCs produced with the Livescan system. Benson's EFC was created on February 6th 1998, and on September 10th 1998 one William Lee Kellog, charged with multiple felonies, was put through the booking process. Kellogg's EFC had the same FPN as Benson's. FPNs are widely used in criminal justice databases, and the duplicate records entered the Oregon Judicial Information Network (OJIN), where Kellogg's convictions were attached to Benson's record. A routine inspection in California the next year uncovered a handgun in Benson's truck, and as his Oregon record said he was a thrice convicted felon, he was arrested for being in violation of the California Penal Code. The plaintiffs' complaint alleges that the defendants have known since 1996 "that Livescan machines had the identified propensity of creating defective EFCs," and that they therefore knew that this was corrupting criminal justice databases and court records. It is not clear from the evidence presented that the blame rests entirely with the Livescan equipment, but it does seem clear that Oregon was aware that duplication incidents were occurring (a list of 97 of these was compiled), and it has certainly taken Benson some considerable time, against considerable opposition, to clear his name. The link for this article located at TheRegister is no longer available. . VeriCheck is being sued for purportedly providing erroneous ID documentation that impacts people's reputations and legal backgrounds.. Identix Lawsuit, Biometric Errors, Fingerprint Data, Criminal Record, Justice System. . Anthony Pell
May 11, 2004
•
Government
81
data protectionbiometricsprivacy advocacyCivil Liberties Groups Unite Against Biometric Data in Passports
Cross-border sharing of biometric data could infringe human rights, warns an international coalition of civil liberties groups. . . .. Civil liberties groups from both sides of the Atlantic have joined forces to oppose the proposed introduction and cross-border sharing of biometrics and RFID in more than one billion passports worldwide. Human rights organisations from Europe, North America, Australia and Asia have sent an open letter to the International Civil Aviation Organisation (ICAO) railing against plans to create an international 'identity register' that would force the inclusion of biometrics and controversial RFID tracking tags in all passports by 2015. Among the 39 groups who put pen to paper are: Privacy International, the Foundation for Information Policy Research, the Electronic Frontier Foundation and the American Civil Liberties Union. The ICAO will be meeting in Cairo next week and will be discussing the scheme. If the ICAO approves it, facial mapping and tracking tags would become mandatory, with fingerprinting also on the drawing board, depending on the preferences of individual governments. The link for this article located at ZDNet UK is no longer available. . International human rights organizations collaborate to challenge the distribution of biometric information in travel documents, advocating for the safeguarding of civil freedoms.. Biometric Data,Rfid Technology,Civil Liberties,Privacy Rights,International Coalition. . LinuxSecurity.com Team
Mar 31, 2004
•
Privacy
81
security measurescivil libertiessurveillanceExamining Privacy And Surveillance Technologies In The USA
The convergence of privacy-invading technologies and Washington's appetite for surveillance have put civil liberties on the run. This is especially true in the war against terrorism. Controversial initiatives have included biometric face cameras, wiretap enhancements, invasive computer-assisted airline passenger screening, . . . . The convergence of privacy-invading technologies and Washington's appetite for surveillance have put civil liberties on the run. This is especially true in the war against terrorism. Controversial initiatives have included biometric face cameras, wiretap enhancements, invasive computer-assisted airline passenger screening, escalated e-mail monitoring fostered by the USA Patriot Act, and the Pentagon's Total Information Awareness data-mining project (now renamed the "Terrorism" Information Awareness, or TIA). Even a national ID card was proposed. In the right circumstances, data-mining technologies and "biometrics" -- such as voice prints, retina, iris and face scanners, digitized fingerprints, and even implantable chips -- can benefit us. That's because data-mining and biometrics, at least in principle, are about enhancing convenience, service, authentication, and individual security more than they are about invading privacy. Biometrics, for example, promises increased privacy and security by guarding against identity theft in our myriad marketplace transactions. We'll see their use in cell phones, laptops, car doors, doorknobs and office keys -- basically everywhere. They can increase security in online commerce, help locate a lost youngster, relay medical information to doctors, and much more. The link for this article located at CATO is no longer available. . Intrusive technology confronts protective strategies within the United States' monitoring initiatives.. Privacy Technologies, Surveillance Measures, Civil Liberties, Biometric Technologies, Data Mining. . LinuxSecurity.com Team
Jun 26, 2003
•
Privacy
74
network managementidentity theftPKIUnderstanding Authentication Challenges for Network Managers
With identity theft on the rampage, network managers are being hit by an increasing barrage of software, hardware and services for user authentication. Organizations are implementing technologies ranging from traditional passwords/PINs to PKI and SSL certificates, tokens, fingerprint readers, and even . . . . With identity theft on the rampage, network managers are being hit by an increasing barrage of software, hardware and services for user authentication. Organizations are implementing technologies ranging from traditional passwords/PINs to PKI and SSL certificates, tokens, fingerprint readers, and even voiceprints. Each solution carries its own infrastructure, along with its own technical ins-and-outs. Observers agree that the authentication market is highly fractionalized. "Everybody and his brother is getting into authentication," contended Steven Hunt, VP of Research at Giga Information Group. "Companies are recognizing that these products are using multiple and overlapping infrastructures. Passwords, for instance, have a whole help desk infrastructure behind them. The entire thing can be very confusing for administrators. The pressure is on for vendors to come up with a single shared process for authentication," he added "Everyone has been thinking they can do authentication is a slightly better way. The market is still very, very immature," concurred Scott Blake, president of information security at BindView Corporation. A recent report from IDC characterized the hardware authentication market, at least, as "a loose confederation of clones." "Although similar technologies are being used among token, smart card, and biometrics vendors, the applications for which they are being used vary dramatically depending on the type of market, whether for commercial/corporate or government markets. The overall hardware authentication market remains highly fragmented, with many applications," summed up the IDC analysts. The link for this article located at CrossNodes is no longer available. . Withidentity theft on the rampage, network managers are being hit by an increasing barrage of softw. identity, theft, rampage, network, managers, being, increasing, barrage, softw. . Anthony Pell
Dec 13, 2002
•
Network Security
78
encryptionaccess controlbiometricsSony FIU-600: Advanced Biometric Access Control Solution for Security
The new FIU-600 model builds on the same encryption technology as Sony's FIU-710 Puppy, although this time as a stationary identification device for verifying employee access to multiple company PCs. The FIU-710 is designed as a mobile fingerprint passkey that . . . . The new FIU-600 model builds on the same encryption technology as Sony's FIU-710 Puppy, although this time as a stationary identification device for verifying employee access to multiple company PCs. The FIU-710 is designed as a mobile fingerprint passkey that scans, stores, and matches a user's fingerprint internally. Less expensive than its predecessor, the FIU-600 uses an upgraded version of the FIU-710 technology without the crypto capabilities, the company said, although it is designed with the ability to export templates and scan up to 1,000 fingerprint images inside the device. The link for this article located at Internet.com is no longer available. . The new FIU-600 model builds on the same encryption technology as Sony's FIU-710 Puppy, although thi. fiu-600, model, builds, encryption, technology, sony's, fiu-710, puppy, although. . LinuxSecurity.com Team
Nov 06, 2002
•
Vendors/Products
82
securitypublic sectorbiometricsExploring National ID Policies and Emerging Tech Innovations
Although the loud public debate about a U.S. national ID card has quieted, interest in its usage continues in both private and public business sectors. While the debate persists about exactly when it will come to pass and what form factor it will take, quiet tests of new technologies continue. . .. Although the loud public debate about a U.S. national ID card has quieted, interest in its usage continues in both private and public business sectors. While the debate persists about exactly when it will come to pass and what form factor it will take, quiet tests of new technologies continue . By 2005, comprehensive, enterprisewide personalization will be achieved by recognizing and combining role management, permissions, contextual content, content generation, user and content profiling, recommendations, multi-layered taxonomies, and so forth. This will appear through integration among various enterprise portal, content management, information categorization and retrieval, security, analytics, and application platforms. Numerous issues need to be addressed during the next five to seven years to successfully implement a national identity policy. The first and most challenging is defining what constitutes identity, and whether it should be a single physical manifestation or a policy with any number of instantiations. Is identity merely a physical description, or should it include biometrics? How much of a person's identity (i.e., business, personal, and historical) should be maintained or shared? Given issues related to state government (e.g., driver's licenses) and current processes, it is likely that this will be a policy with numerous instantiations. The link for this article located at ZDNet is no longer available. . Although the loud public debate about a U.S. national ID card has quieted, interest in its usage con. although, public, debate, about, national, quieted, interest, usage. . Anthony Pell
Oct 16, 2002
•
Government
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More