
Stay Ahead With Linux Security News


Explore Latest Linux Security news


C++ Community Launches Safe C++ Proposal to Enhance Memory Safety

Software development has always presented long-established programming languages, including C++, with both opportunities and challenges. C++ has long been a mainstay, but it has come under scrutiny due to memory safety concerns, and developers often turn to Rust as an alternative because of its robust security features. However, an initiative within the C++ community seeks to address these concerns with its proposal "Safe C++," published in the September mailing list of Working Group 21. This initiative represents a significant movement to strengthen C++ safety features so that the language remains an invaluable tool for future generations. To help you understand the importance of these recent efforts, I'll explain the proposal and experts' involvement in it, as well as the response of the open-source community to this monumental initiative.

Understanding This Proposal

At its core, the Safe C++ proposal recognizes Rust's excellent safety model, particularly its ownership and borrowing system. Rust's focus on avoiding memory management errors such as null pointer dereferencing, buffer overflows, and use-after-free vulnerabilities has established it as an industry standard, earning praise inside and outside its community. The Safe C++ proposal highlights that adopting these principles within the C++ ecosystem would significantly boost reliability and security.

Key to this proposal is the Safe Standard Library, which seeks to integrate reliable memory-safe implementations of core data structures and algorithms into the C++ Standard Library. The goal is straightforward: developers can reduce memory-related bugs by writing safe code from its inception. This library serves as the backbone of Safe C++, so that code becomes more secure automatically rather than leaving developers to adopt best practices reactively.

Stringent restrictions on unsafe operations further this transition. Safe C++ developers, for instance, are prohibited from performing tasks that might lead to unpredictable lifetime, type, and thread safety behaviors. Such tasks are not merely discouraged: they are actively prevented by compiler frontends, statically analyzed in compiler middle ends, or managed via runtime panic/abort mechanisms, ensuring many familiar sources of vulnerabilities are eliminated as soon as they arise.

Rust's safety model goes beyond simply restricting usage and introduces novel capabilities. Safe C++ features advanced pattern matching and sophisticated borrow-checking systems that track references to prevent use-after-free bugs. Such improvements promise safer yet more expressive C++ code, leveraging Rust's groundbreaking approaches.

Experts' Involvement in This Initiative

This proposal showcases considerable expertise. It comes from Sean Baxter, an accomplished developer with experience at NASA's Jet Propulsion Lab and NVIDIA, and Christian Mazakas, staff engineer for the C++ Alliance, whose president, Vinnie Falco, highlighted its importance as a milestone for C++ ecosystem development. Baxter's dedication to evolving the C++ toolchain led him to develop Circle, a new C++ compiler with an integrated Rust-style borrow checker, reflecting his commitment to improving C++ through practical solutions. This background shows that the proposal is not an immediate reaction but part of an insightful long-term plan for improving the language.

Though Safe C++ may seem attractive, one may ask why not simply adopt Rust. The proposal responds by emphasizing the difficulties inherent in transitioning a vast existing codebase and community to a foreign language like Rust. Its unfamiliarity could alienate existing C++ developers, while the interoperability tools needed for merging both languages would add additional layers of complexity, something that evolving C++ to incorporate some aspects of Rust may help with. Seen this way, evolving C++ to include some of the best features of Rust appears more reasonable and inclusive.

Safety issues surrounding programming languages have long been the subject of debate. Notable figures like Microsoft Azure CTO Mark Russinovich and government bodies like America's National Security Agency have issued dire warnings of memory safety vulnerabilities. Such warnings have galvanized the tech industry to tackle them, making initiatives like Safe C++ timely and essential.

Interesting C++ enhancement strategies don't stop with Safe C++. The language's creator, Bjarne Stroustrup, has proposed improving it through "profiles," sets of rules enforced by compilers to guarantee various safety properties. Critiques of this approach, like Baxter's paper "Why Safety Profiles Failed," argue that existing efforts have fallen short and that adopting Rust constructs into C++ provides more effective solutions.

Examining Community Involvement in the Safe C++ Initiative

Community participation is integral to this transformative process. Understanding that collaborative input is crucial, the developers of Safe C++ have sought feedback on their proposal from a diverse set of stakeholders (including developers, researchers, and industry leaders), resolved outstanding design questions quickly, and created a stable language and standard library within 18 months for mainstream evaluation. This collaborative spirit is further demonstrated through the creation of SafeCPP.org, which serves as a central point for updates and discussions regarding this proposal. Engaging the community this way reflects a dedication to transparency and furthers communal advancement.

Community reactions have ranged from enthusiastic support to cautious skepticism. Some developers are passionate about how this initiative could revitalize C++ by directly addressing its drawbacks. Yet others question whether its complexity and scope may present challenges that impede the seamless integration this proposal promises. What are your thoughts on this proposal? Connect with us @lnxsec, and let's have a discussion!

Our Final Thoughts on This Progress Toward Securing C++

The Safe C++ proposal marks an essential moment in C++ development, seeking to protect it from memory-related bugs by drawing upon Rust's proven safety model. Integrating robust safety features directly into standard libraries and using compiler enforcement for unsafe operations are integral parts of its goal of revolutionizing the C++ safety landscape. Community collaboration will be integral to its success, marking another chapter in C++ history as we move toward modern security standards while honoring the C++ legacy.

Nov 04, 2024 | Brittany Day | Security Projects

Bush Cybersecurity Strategy Review: Insights from Open Source Voices

Crypto software developer Bob Crowley suggests the Open Source community may want to take a hard look at the Bush administration's draft document for the "National Strategy to Secure Cyberspace" and send some comments to the White House in the next six weeks. Crowley, senior v.p. of Research Triangle Software, had a booth at Bob Young's Lulu Tech Circus in Raleigh, North Carolina, last weekend. The Bush cybersecurity plan hasn't received a lot of attention in the Open Source community, but Crowley suggested that it should. Crowley, whose company makes crypto software, isn't completely down on the Bush plan, although he suggests, like some others have, that the plan is a bit short on concrete proposals to implement. There are a lot of "shoulds" with voluntary compliance in the 65-page, 86-recommendation document, and as Crowley says, "doesn't that leave us essentially in the same position we're in?"

The link for this article located at NewsForge is no longer available.

Oct 03, 2002 | Anthony Pell | Government

Future of DEF CON Events: Seeking Community Feedback and Strategies

Having just finished my 9th DEF CON, I have a few thoughts - I am looking for feedback from the community to help decide the next steps for the future of DEF CON. First, let me give you a brief history so you can see where I am coming from and to allow you to decide where you think we should go in future shows. I have long thought that DEF CON cannot last forever in its current form due to several factors: Growth, Core Attendees, and the changing nature of the technology underground. Growth causes all kinds of problems. The incredible and exponential growth of DEF CON makes it more and more difficult to comprehend the ramifications of running such a large conference. It requires more people to be involved in organizing the show, more insurance to cover more damage, more planning, more Con events, and more volunteer staff to make things run more smoothly.

The link for this article located at defcon is no longer available.

Jul 23, 2001 | Anthony Pell | Organizations/Events