It was a mistake for the National Security Agency to support a critical cryptographic function after researchers presented evidence that it contained a fatal flaw that could be exploited by US intelligence agents, the agency's research director said. The comments by NSA Director of Research Michael Wertheimer were included in an article headlined "The Mathematics Community and the NSA" published this week in a publication called Notices. The article responds to blistering criticism from some mathematicians, civil liberties advocates, and security professionals following documents provided by former NSA subcontractor Edward Snowden showing that the agency deliberately tried to subvert widely used crypto standards. One of those standards, according to The New York Times, was a random number generator known as Dual EC_DRBG, which was later revealed to be the default method for generating crucial random numbers in the BSAFE crypto toolkit developed by EMC-owned security firm RSA. (Dave Wreski)
Does business really have anything to learn from government? I pondered this notion, listening to Margaret Salter, one of the top encryption policy experts at the National Security Agency, on IE Radio this week. This normally secretive agency within the Department of Defense is flirting with more openness and a higher public profile. More than once I heard, "We don't generally do a lot of things like this" from NSA personnel while trying to arrange a time for Salter to appear on IE Radio. Salter is technical director of the vulnerability analysis and operations group within the NSA's Information Assurance Directorate. But since she also spoke at the RSA conference in San Francisco a few months ago, it's clear that agency personnel are getting out more, and that's good news because they have an interesting story to tell. And while not overly generous on details for obvious national security reasons, what they do choose to share may help government and industry learn from each other, as Salter stated this week. For instance, take the NSA insistence on two types of encryption on any communication, an article of faith in Agency orthodoxy. In a series of crypto-interoperability trials that Salter oversees, one uses Transport Layer Security (TLS) on both the client and browser, along with digital certificates; another uses a WPA2 client, using Extensible Authentication Protocol (EAP) TLS, passing X.509 certificates, with client devices running IPSec. The link for this article located at Internet Evolution is no longer available. (Alex)
The U.S. Court of Appeals for the Sixth Circuit has ruled that computer source code is protected by the First Amendment. The ruling could have significant implications on the United States' encryption policies. This article discusses the case and the lessons it teaches about encryption. The author of this article, Shubha Ghosh, is a member of the GigaLaw.com Editorial Board and an associate professor of law at Georgia State University College of Law in Atlanta. He has written on a wide variety of legal topics, including cyberspace, intellectual property, employment and antitrust issues. He is licensed to practice law in the state of California. The link for this article located at GigaLaw is no longer available. (LinuxSecurity.com Team)
Despite calls for a ban on 'uncrackable' encryption products in the US, the Australian government isn't saying whether it will support the Americans. Australia's Department of Defence won't disclose if it will answer the US government's call to arms in restricting encryption technologies, and despite widespread support in the States for a ban on cryptography, experts say it's unlikely to happen. ZDNet previously reported that the question of restricting the use of encryption tools is a matter of serious debate in the US, where officials have been quick to blame the use of cryptography for the surveillance breakdown that failed to detect signs of the recent US-focused terrorist attacks. The link for this article located at ZDNet.co.uk is no longer available. (LinuxSecurity.com Team)
Responding to a question about encryption technology in an ongoing Internet debate, Texas Gov. George W. Bush today castigated President Clinton and Vice President Gore for what he called "outdated" technology policy. "The Clinton administration has repeatedly been slow to recognize the realities of the international market for encryption products regulated by our nation's export laws," Bush said in a written response posted on the Web White & Blue Web page. "Rather than act in a timely way to keep export limits in line with technology available from foreign sources, the administration has threatened exporters with outdated rules blocking sales of widely available commercial technology," Bush said. The link for this article located at NewsBytes is no longer available. (LinuxSecurity.com Team)
The United States on Monday announced an update to its encryption export policy affecting companies that sell encryption software to users in the 15 European Union nations and in eight other countries that are U.S. allies. The link for this article located at InfoWorld is no longer available. (LinuxSecurity.com Team)
While the Clinton administration has relaxed the international export of encryption technologies, there are still some other "draconian proposals" in the pipeline, according to the Electronic Privacy Information Center's (EPIC) third annual report on the state of encryption policies. The report, titled "Cryptography and Liberty 2000: An International Survey of Encryption Policies," said, however, that the movement toward the relaxation of regulations of encryption technologies has largely succeeded. The link for this article located at ComputerUser is no longer available. (LinuxSecurity.com Team)
A Reuters report today said the government agency responsible for enforcing Internet rules has exempted a wide range of consumer software and equipment -- including mobile phones and Microsoft Windows, and added it would not insist on keeping trusteeship of company encryption keys. The Chinese authorities ease restrictions on encryption for consumer applications and hardware, such as smartphones. The link for this article located at E-Commerce Times is no longer available. (LinuxSecurity.com Team)