Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 0 articles for you...
82
data securityencryptionprivacy lawECHR Rules Against Backdoor Encryption And Data Surveillance Laws
The European Court of Human Rights (ECHR) has made a major decision , ruling that laws requiring weakened encryption and extensive data retention violate the European Convention on Human Rights. In a recent case involving Russia's demand for Telegram to provide encryption assistance, the Court stated that such legislation cannot be considered necessary in a democratic society. . This landmark ruling has significant implications for data surveillance legislation across Europe, including the proposed Chat Control and the UK government's Online Safety Act, which aim to weaken encryption for the purpose of scanning digital communications for illegal content. What Are the Security & Privacy Implications of This Decision? The ECHR's decision carries profound implications for security practitioners and privacy-conscious individuals. The ruling highlights the importance of encryption for maintaining privacy and security in a democratic society. It questions the legitimacy of governments' attempts to weaken encryption for the sake of law enforcement and surveillance, as it ultimately compromises the protection and privacy of all users. Weakened encryption could have significant security consequences. Ransomware attacks targeting operational technology (OT) systems, such as those used in power plants and water treatment facilities, may become more prevalent. While traditional ransomware attacks have primarily focused on financial gain, the prospect of ransomware specifically designed to disrupt critical infrastructure's operational capabilities poses a new and alarming threat. Criminal groups, as well as nation-state attackers, could exploit these vulnerabilities, potentially causing physical harm and societal chaos. These implications prompt critical questions about the long-term consequences of backdoored encryption. Will weakened encryption actually lead to improved security, or will it create more vulnerabilities for criminals to exploit? Moreover, will governments be able to maintain control overthe technology needed to exploit these backdoors, or are they unintentionally opening the door for hostile actors to wreak havoc? As security practitioners, we must consider the potential impact on our work and be mindful of the broader implications. The ECHR's ruling becomes a rallying point for privacy advocates and those who understand the importance of encryption in safeguarding individual freedoms. It empowers us to push back against intrusive surveillance measures and fight for strong encryption standards. Additionally, this ruling resonates beyond legal frameworks and poses broader challenges for international cooperation on data security and privacy. With varying approaches to encryption laws across different countries, achieving a harmonized approach becomes more complex. This fragmentation can lead to confusion and exploitation by malicious actors seeking refuge in countries with lax encryption regulations. Our Final Thoughts on The ECHR's Decision The ECHR's decision on backdoored encryption serves as a critical reminder of the significance of encryption in safeguarding our privacy and security. It challenges governments, security practitioners, and the technology industry to balance collective safety and individual rights. As security professionals, it is our responsibility to advocate for strong encryption, subvert unwarranted surveillance measures, and ensure the protection of our digital infrastructure and personal data. . This landmark ruling has significant implications for data surveillance legislation across Europe, i. european, court, human, rights, (echr), major, decision, ruling, requiring. . Brittany Day
Feb 16, 2024
•
Government
82
risk managementcybersecurity techniquesdata surveillanceAnalyzing FOXACID: NSA Data Exploitation and Risk Management Techniques
As I recently reported in the Guardian, the NSA has secret servers on the Internet that hack into other computers, codename FOXACID. These servers provide an excellent demonstration of how the NSA approaches risk management, and exposes flaws in how the agency thinks about the secrecy of its own programs.. Here are the FOXACID basics: By the time the NSA tricks a target into visiting one of those servers, it already knows exactly who that target is, who wants him eavesdropped on, and the expected value of the data it hopes to receive. Based on that information, the server can automatically decide what exploit to serve the target, taking into account the risks associated with attacking the target, as well as the benefits of a successful attack. The link for this article located at Schneier on Security is no longer available. . Explore the tactics employed by the NSA's FOXACID infrastructure, emphasizing their strategies for mitigating potential threats and leveraging information efficiently.. NSA Operations,Risk Management,Cyber Surveillance,Data Exploitation. . Dave Wreski
Oct 09, 2013
•
Government
67
encryptionPGPprivacyPhil Zimmermann Discusses Privacy, Big Data, and Security Issues
Phil Zimmermann, creator of PGP, in a wide-ranging interview talks about the corrupting nature of big data, the end of privacy and the rise of the surveillance society. He also shared his thoughts on Moore. Phil Zimmermann might be a technologist, but he tends to get philosophical when it comes to the issues of privacy and security and how they intersect with our society. A cryptographer, in 1991, he created Pretty Good Privacy (PGP), an email encryption software and published it for free on the internet. Since then he has become an eloquent proponent for the need for privacy and tools. The link for this article located at GigaOM is no longer available. . Explore the deep insights of Phil Zimmermann as he examines privacy complexities, security significance, and the societal effects of expansive data landscapes in this engaging dialogue. Phil Zimmermann, Privacy Issues, Encryption Innovations. . LinuxSecurity.com Team
Aug 12, 2013
•
Cryptography
81
information securitydata privacyprivacy advocacyThe Intrinsic Value of Privacy Amid Surveillance Practices
The most common retort against privacy advocates -- by those in favor of ID checks, cameras, databases, data mining and other wholesale surveillance measures -- is this line: "If you aren't doing anything wrong, what do you have to hide?" Some clever answers: "If I'm not doing anything wrong, then you have no cause to watch me." "Because the government gets to define what's wrong, and they keep changing the definition." "Because you might do something wrong with my information." My problem with quips like these -- as right as they are -- is that they accept the premise that privacy is about hiding a wrong. It's not. Privacy is an inherent human right, and a requirement for maintaining the human condition with dignity and respect. . The link for this article located at Wired.com is no longer available. . Privacy is a vital human right that safeguards individual dignity and autonomy, ensuring control over personal information, free communication, and protection against intrusions.. Privacy Advocacy, Data Surveillance, Human Rights. . LinuxSecurity.com Team
May 18, 2006
•
Privacy
81
data protectiondata surveillanceprivacy invasionUK Policy Proposal for Data Surveillance and Privacy Invasion
ISPs can keep logs of who does what online if Home Secretary David Blunkett relaxes the Data Protection Act in response to terror fears. An emergency package of anti-terrorism measures rushed forward by the UK government to allow data surveillance across . . . . ISPs can keep logs of who does what online if Home Secretary David Blunkett relaxes the Data Protection Act in response to terror fears. An emergency package of anti-terrorism measures rushed forward by the UK government to allow data surveillance across the Internet was described by Internet think-tank Foundation for Information Policy Research (FIPR) as nothing to do with fighting terrorism but simply an invasion of consumer privacy. The link for this article located at ZDNet UK is no longer available. . ISPs can keep logs of who does what online if Home Secretary David Blunkett relaxes the Data Protect. online, secretary, david, blunkett, relaxes, protect. . LinuxSecurity.com Team
Oct 17, 2001
•
Privacy
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More