Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 2 articles for you...
67
security advisorydata encryptioncryptanalysisNew Practical Attack On AES-256: Security Risks Explored
Read Bruce Schneier's always on-target analysis of cryptography, this time with information on the new attack against AES. A new and very impressive attack against AES has just been announced. Over the past couple of months, there have been two (the second blogged about here) new cryptanalysis papers on AES. The attacks presented in the paper are not practical -- they're far too complex, they're related-key attacks, and they're against larger-key versions and not the 128-bit version that most implementations use -- but they are impressive pieces of work all the same. This new attack, by Alex Biryukov, Orr Dunkelman, Nathan Keller, Dmitry Khovratovich, and Adi Shamir, is much more devastating. It is a completely practical attack against ten-round AES-256: . Abstract. AES is the best known and most widely used block cipher. Its three versions (AES-128, AES-192, and AES-256) differ in their key sizes (128 bits, 192 bits and 256 bits) and in their number of rounds (10, 12, and 14, respectively). In the case of AES-128, there is no known attack which is faster than the 2128 complexity of exhaustive search. However, AES-192 and AES-256 were recently shown to be breakable by attacks which require 2176 and 2119 time, respectively. While these complexities are much faster than exhaustive search, they are completely non-practical, and do not seem to pose any real threat to the security of AES-based systems. In this paper we describe several attacks which can break with practical complexity variants of AES-256 whose number of rounds are comparable to that of AES-128. One of our attacks uses only two related keys and 239 time to recover the complete 256-bit key of a 9-round version of AES-256 (the best previous attack on this variant required 4 related keys and 2120 time). Another attack can break a 10 round version of AES-256 in 245 time, but it uses a stronger type of related subkey attack (the best previous attack on this variant required 64 related keys and 2172 time). The link for thisarticle located at Bruce Schneier is no longer available. . Abstract. AES is the best known and most widely used block cipher. Its three versions (AES-128, AES-. bruce, schneier's, always, on-target, analysis, cryptography, information. . LinuxSecurity.com Team
Aug 03, 2009
•
Cryptography
67
cryptanalysisblock cipherlearning techniquesOrganized Cryptanalysis Techniques for Effective Learning
Studying cryptanalysis is difficult because there is no standard textbook, and no way of knowing which cryptanalytic problems are suitable for different levels of students. This paper attempts to organize the existing literature of block-cipher cryptanalysis in a way that students can use to learn cryptanalytic techniques and ways to break new algorithms. . The link for this article located at Schneier.com is no longer available. . The link for this article located at Schneier.com is no longer available.. studying, cryptanalysis, difficult, because, there, standard, textbook, knowing. . LinuxSecurity.com Team
May 24, 2006
•
Cryptography
67
encryptioncryptographysecurity designInnovative CS2 Block Cipher Boosts Security and Efficiency
In this paper we describe our new CS2 block cipher which is an extension of the original CS-Cipher. Our new design inherits the efficiency of the original design while being upgraded to support a larger block size as well as use a slightly improved substitution box. We prove that our design is immune to differential and linear cryptanalysis as well as argue it resists several other known attacks. . . Unveil the groundbreaking CS2 Encryption Algorithm: an upgraded iteration of the CS-Cipher boasting superior safety and optimized performance.. CS2 Block Cipher, cryptographic algorithms, secure encryption methods. . LinuxSecurity.com Team
Mar 25, 2005
•
Cryptography
67
key managementencryption techniqueblock cipherExplore Block Ciphers and Character-Based Encryption Techniques
All of the cypher systems we have looked at so far have been single-key character cyphers. By this, we mean that the same key which is used to encrypt the plaintext into the ciphertext is used to recover the plaintext from . . . . All of the cypher systems we have looked at so far have been single-key character cyphers. By this, we mean that the same key which is used to encrypt the plaintext into the ciphertext is used to recover the plaintext from the ciphertext, and the cypher operates on only one character at a time. In these discussions the plaintext character space is taken to be the ASCII character set, as is the ciphertext character space. The key space is not necessarily the ASCII character set, but is a function, such that p=D(C(p)), where p is the plaintext, C is the encryption algorithm and key, and D is the decryption algorithm and key. Clearly, D is the inverse operation of C. The link for this article located at SierraTimes is no longer available. . All of the cypher systems we have looked at so far have been single-key character cyphers. By this, . cypher, systems, looked, single-key, character, cyphers. . LinuxSecurity.com Team
Oct 01, 2003
•
Cryptography
67
security advisoryencryptionsecurity researchAnalysis of MultiSwap Cipher in Microsoft DRM by Beale Screamer
An anonymous security researcher working under the pseudonym "Beale Screamer" reverse engineered the Microsoft Digital Rights Management subsystem and, by October 20th, the results were available on cryptome.org. As part of the reverse engineering effort Screamer found an unpublished block cipher, which he dubbed MultiSwap, being used as part of DRM. Screamer did not need to break the MultiSwap cipher to break DRM, but we thought it would be a fun excercise, and summarize the results of our investigation below.. . .. An anonymous security researcher working under the pseudonym "Beale Screamer" reverse engineered the Microsoft Digital Rights Management subsystem and, by October 20th, the results were available on cryptome.org. As part of the reverse engineering effort Screamer found an unpublished block cipher, which he dubbed MultiSwap, being used as part of DRM. Screamer did not need to break the MultiSwap cipher to break DRM, but we thought it would be a fun excercise, and summarize the results of our investigation below. The attacks described here show weaknesses in the MultiSwap encryption scheme, and could potentially contribute to an attack on DRM. However, the attack on DRM described by Beale Screamer would be much more practical, so we feel that these weaknesses in MultiSwap do not pose a significant threat to DRM at this time. We present these results to further the science of computer security, not to promote rampant copying of copyrighted music. The link for this article located at Nikita Borisov, Monica Chew, Rob Johnson, and David Wagner is no longer available. . An anonymous security researcher working under the pseudonym 'Beale Screamer' reverse engineered the. anonymous, security, researcher, working, under, pseudonym, 'beale, screamer', reverse, engineered. . LinuxSecurity.com Team
Oct 29, 2001
•
Cryptography
67
data encryptionblock ciphersymmetric cipherUnderstanding Block Ciphers in Perl: A Guide to Encryption Methods
Most well-known symmetric ciphers are block ciphers. The plaintext to be encrypted must be split into fixed-length blocks (usually 64 or 128 bits long) and fed to the cipher one at a time. The resulting blocks (of the same length) are . . . . Most well-known symmetric ciphers are block ciphers. The plaintext to be encrypted must be split into fixed-length blocks (usually 64 or 128 bits long) and fed to the cipher one at a time. The resulting blocks (of the same length) are concatenated to form the ciphertext. The ciphers in widespread use today vary in strength, key length, block size and their approach to encrypting data. Some of the popular ciphers (IDEA, Twofish, Rijndael) are implemented by eponymous modules in the Crypt:: namespace on the CPAN (Crypt::IDEA and so on). To decide which cipher to use for a particular application, one must consider the strength and speed required, and the computational resources available. The decision cannot be made without research, but IDEA is often considered the best practical choice for a general purpose cipher. The link for this article located at Perl.com is no longer available. . Explore the role of symmetric ciphers like AES, DES, and 3DES in data encryption, emphasizing their strengths, applications, and security considerations. symmetric encryption, block ciphers, Perl cryptography, IDEACipher, Crypt:: namespace. . LinuxSecurity.com Team
Jul 19, 2001
•
Cryptography
67
key managementcryptographydata encryptionExploring Data Encryption Standard and Triple-DES Techniques
The Data Encryption Standard, or DES, specified a block cipher with a 56-bit key that operated on 64-bit blocks. It was developed by IBM , in response to a request from the National Bureau of Standards for a cryptographic algorithm . . .. The Data Encryption Standard, or DES, specified a block cipher with a 56-bit key that operated on 64-bit blocks. It was developed by IBM , in response to a request from the National Bureau of Standards for a cryptographic algorithm to protect the "sensitive but unclassified" communications of the U.S. government. Because of advances in the speed of computers, a cipher having only a 56-bit key is no longer secure. One response to this has been the use of Triple-DES. The standard method of using Triple-DES is to encrypt a 64-bit block with DES using one key, decrypt it with another, and then encrypt it again either with the first key or with a third key. This gives a key length of either 112 bits or 168 bits; in addition, if all three 56-bit keys are the same, the decryption in the middle will undo one of the encryptions, allowing interoperability with equipment using ordinary DES. The link for this article located at SecurityFocus --Â Â is no longer available. . Explore the progression of the Advanced Encryption Standard (AES), its framework, and its impact on safeguarding data privacy.. Data Encryption Standard, Triple-DES, Encryption Techniques, Key Length Management. . LinuxSecurity.com Team
Jun 06, 2000
•
Cryptography
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More