Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 3 articles for you...
76
browser securitysecurity strategycommunity engagementLinux Foundation: Transforming Chromium Development for Enhanced Security
As Linux security admins, staying ahead of the curve is paramount, especially regarding the browsers you use and manage. On January 9, 2025, The Linux Foundation is unveiling "Supporters of Chromium-Based Browsers," an initiative supported by tech titans including Google, Meta, Microsoft, and Opera. This project is expected to transform the open development ecosystem surrounding Chromium (the foundation behind popular browsers such as Google Chrome and Microsoft Edge) through an open governance model and industry collaboration that promises greater transparency, security, and customization for Chromium-based browsers while aligning perfectly with open-source community's security needs. . This is a golden opportunity for us Linux security admins to engage with a community-driven project prioritizing security and innovation. We’ll have more control over updates and browser features, minimizing unnecessary integrations and tightening security measures where it counts. The collaborative nature of the initiative ensures continuous scrutiny and improvement of security features, fostering an environment where potential vulnerabilities are swiftly addressed. With its open-source approach, you can trust that compliance and security standards are met with thorough community verification. Let's examine this initiative in more depth and explore how it will enhance your browser security strategies, keeping your systems safe and efficient. Strengthening Open Development One of the most exciting aspects of the "Supporters of Chromium-Based Browsers" initiative is its dedication to open development. By providing a neutral space where developers and the open-source community can come together, this initiative seeks to support existing Chromium projects and any that emerge - encouraging innovation while freeing various stakeholders from restrictions associated with proprietary solutions. We can expect a steady flow of features and updates developed collaboratively by the community to addressusers' needs and concerns. Open development also means increased transparency. Since the code and development processes are open, it's easier to understand the security measures being implemented. This transparency builds trust and allows for better-informed decision-making when configuring and deploying these browsers in your environment. Governance and Industry Support A key distinguishing feature of this initiative is its open governance model, with a technical advisory committee overseeing development to ensure it meets community needs rather than solely serving single entities' interests. This governance model seeks to promote balanced decision-making processes where voices from various sectors - security experts, developers, and end-users can all have their say and be considered in decision-making processes. Major tech companies such as Google, Meta, Microsoft, and Opera provide financial backing and invaluable expertise and resources. These companies are committing to funding and development, which means that the project will have the resources needed to tackle significant challenges, including those related to security. This industry support translates to a more robust and reliable browser that benefits from the combined experience and resources of some of the biggest names in tech. Impact on Chromium vs. Chrome Understanding the differences between Chromium and Google Chrome is vital to fully grasp the impact this initiative will have on users. Although Chromium serves as the basis of Chrome, certain features and integrations specific to Google services (like Chrome Sync) or licensed codecs for H.264 and AAC are missing from it. It also excludes DRM modules such as Google’s Widevine. Though these differences seem like limitations, they present an opportunity from a security perspective. By avoiding deep integration with Google services, Chromium has a smaller attack surface, reducing potential vectors for exploitation. This is particularly beneficial for environments whereminimalism and security are paramount. Linux security admins can configure Chromium-based browsers to fit their specific security needs without the additional bloat and potential vulnerabilities associated with proprietary features. Security Through Community Collaboration One of the most significant advantages of the "Supporters of Chromium-Based Browsers" initiative is the potential for enhanced security through community collaboration. With more developers and organizations contributing to the project, there will be increased scrutiny of the code . This collaborative effort ensures that security vulnerabilities are identified and resolved quickly, benefiting from the diverse expertise within the community. Moreover, the transparent development process means that security measures are visibly, openly debated and implemented. This transparency lets administrators understand the security considerations behind each feature or update, making it easier to trust the browser’s security posture. This level of openness is invaluable in an era where trust is a critical security component. Control Over Updates and Features One of the primary challenges with proprietary browsers is the reliance on the vendor for updates and features. With Chromium, you have more control over these aspects, which is crucial for maintaining a secure environment. The initiative's open development model means that updates can be reviewed and customized to meet specific security requirements before deployment. For us Linux admins, this control is a significant advantage. It means we can apply updates that align with our organization's security policies and timelines rather than being at the mercy of a vendor's update cycle. We can also disable or enable features based on our security needs, ensuring the browser is as secure as possible for our specific environment. Enhanced Compliance and Auditing Compliance with security standards and the ability to conduct thorough audits are critical for any organization. Theopen-source nature of the "Supporters of Chromium-Based Browsers" initiative means that compliance and auditing processes can be more robust and community-verified. With the code openly available, verifying that the browser meets specific security standards and conducting comprehensive audits is easier. This means added assurance that your browsers comply with industry standards and that you can prove this compliance through thorough, transparent audits. The community-driven nature of the project ensures that compliance is not just about meeting the minimum standards but continuously evolving to address new security threats and challenges. Community and Industry Backing Major industry players' support of this initiative cannot be understated. Google, Meta, Microsoft, and Opera are providing financial backing and bringing their extensive expertise. This level of support ensures that the project will have the resources it needs to tackle significant security challenges and push the envelope regarding innovation. This backing means that the initiative is not a fringe project but a well-supported, mainstream effort with a higher probability of long-term success. These major players' combined resources and expertise ensure the project will benefit from the latest security research and development advancements. This is crucial for staying ahead of emerging threats and ensuring that the browsers you deploy are at the cutting edge of security technology. Our Final Thoughts on This Promising Chromium Browser Development Initiative The "Supporters of Chromium-Based Browsers" initiative by the Linux Foundation marks an exciting development for open-source communities and Linux security admins. By prioritizing open development, transparency, and community collaboration, this initiative promises browsers that are feature-rich but also secure and customizable. We have an incredible opportunity with this initiative to engage in an endeavor that brings together Open Source and security principles. Byplaying an active role, we can help shape the future of Chromium-based browsers so they meet the highest security standards tailored specifically for our environment. Seize this chance to enhance your browser security strategies and keep your systems safe in 2025 and beyond! . Participate in a collaborative effort aimed at bolstering web safety for Linux system operators while simplifying enhancements and upgrades.. Chromium browsers, open development, security collaboration, Linux admins, community driven. . Brittany Day
Jan 13, 2025
•
Organizations/Events
82
security initiativedeveloper collaborationopen source securityOpenSSF and Industry Leaders Unite to Address Open Source Security
In 2022, the Open Source Software Foundation (OpenSSF) set its sights on fixing security problems with the open software supply chain. including joining forces with companies including Apache, Google, Apple, and AWS, and meeting at the White House with the U.S. government's executive branch. . 2022 was a heck of a year for open source security troubles, but at the same time, the Open Source Security Foundation (OpenSSF) did its best to help secure vital programming infrastructure. In 2021, not 2022, things went awry in a big way for open source software security. I am, of course, referring to the Log4J vulnerability . It’s been over a year, and it’s still hanging around. This, in turn, woke people outside the developer and security worlds to the dangers to the software supply chain. I’d predicted that open source and Linux developers would take security much more seriously in 2022 . It looks like I was right. To meet these security needs, OpenSSF and numerous other developer players, including Apache, Google, Apple, and AWS, met at the White House with the US government’s executive branch. As White House National Security Advisor Jake Sullivan said when he called for the meeting, it was a “national security concern” that volunteers maintained foundational open source software. Well. Yes, we, the open source community, knew that. Of course, it’s not like the proprietary software development companies have covered themselves with glory. . The year 2023 highlighted major initiatives by OpenSSF aimed at tackling security issues in open source, especially in response to crises such as the vulnerability in Log4J.. OpenSSF, Open Source Security, Supply Chain Efforts. . Brittany Day
Jan 25, 2023
•
Government
76
security initiativesopen source securityindustry collaborationOpenSSF Membership Now Exceeds 100, Enhancing Software Security
The Open Source Security Foundation (OpenSSF), a cross-industry organization hosted at the Linux Foundation that brings together the world’s most important software supply chain security initiatives, today announced many new members from leading technology firms in sectors that span software development, cybersecurity, data science, platform-as-a-service, semiconductors, finance, think tanks, academics, and more, bringing the total number of OpenSSF members to over 100. . New general member commitments include those from Airbyte, Anaconda, BoostSecurity, ControlPlane, Cybozu, Docker, Endor Labs, FOSSA, HackerOne, Phylum, Qualys, Trail of Bits, VicOne, and AMD Xilinx. New associate members include FS-ISAC, OpenForum Europe, and Nanyang Technological University. “We are delighted to welcome new members to the OpenSSF,” says Brian Behlendorf, General Manager of OpenSSF. “As attacks continue to target critical infrastructure, both industry and governments around the world are paying attention and are proactively seeking ways to improve the security posture of the open source software we all depend on.” . The Open Source Security Foundation has proudly gathered more than 100 participants from diverse industries, all dedicated to the improvement and fortification of open-source software safety.. OpenSSF, Software Security, Membership Growth, Open Source Engagement. . Brittany Day
Jan 15, 2023
•
Organizations/Events
82
network protectionsecurity measurescybersecurityCybersecurity Measures Post 2001: Government And Industry Collaboration
Recently, there's been increased criticism of the federal government's efforts to secure the Internet. The September departure of Amit Yoran from the Department of Homeland Security was widely cited as indicative of problems that run deep, not just through DHS, but the entire government. While everyone agrees there's much work to do, it's important to recognize the accomplishments of the past few years. . The al Qaeda attack in 2001 was clearly a turning point. Immediately afterward, government and industry officials worked side by side to restore services to lower Manhattan and the Pentagon. Across the nation, industry leaders re-examined business-continuity plans while governments began the arduous task of building protective measures into both physical and Web infrastructures. While the government was creating the DHS, computer-security experts began drafting a strategy for securing the nation's computer networks. Homeland Security's National Cyber Security Division, formed in 2003, has collaborated with industry, academia, and the international community to improve cybersecurity. It created the US-CERT in 2003 to act as our nation's single point of contact for Internet-security readiness. Network administrators subscribe to this warning system and use it together with private services to understand new Internet threats and vulnerabilities, such as viruses, worms, and weaknesses in popular software. Also, the FBI and the Secret Service have formed cybercrime investigative teams that have bagged numerous fraudsters and thieves in the private sector. The link for this article located at Marcus Sachs, C. Wayne Crews is no longer available. . The 9/11 terrorist attacks reshaped partnerships between public entities and private firms, fostering improved strategies for protecting digital infrastructure. Cybersecurity Strategy, Network Protection, Government Collaboration, Internet Security. . Joe Shakespeare
Dec 03, 2004
•
Government
82
cyber attackbusiness engagementcyber securityNational Cyber Security Summit Highlights Industry Collaboration Efforts
This was the message from yesterday's National Cyber Security Summit in Santa Clara, Calif. The summit, backed by technology trade groups and the U.S. Chamber of Commerce, brought together power players from the tech industry and high-ranking officials from the Department . . . . This was the message from yesterday's National Cyber Security Summit in Santa Clara, Calif. The summit, backed by technology trade groups and the U.S. Chamber of Commerce, brought together power players from the tech industry and high-ranking officials from the Department of Homeland Security. The meeting's purpose was for both a formal status check of the business community's efforts (or lack thereof) to embrace cybersecurity guidelines and to brainstorm ways for industry to get involved in helping the government ward off hacker and worm attacks. One of the summit's unstated goals was to resolve bickering about whose fault it is that the business community -- which controls 85 percent of the systems that run the nation's computer infrastructure -- has done far less than the government thinks it should to guard against cyber attacks. The link for this article located at Washinton Post is no longer available. . Discussions at the Global Data Protection Forum highlight collective efforts to strengthen online security protocols across sectors.. Cybersecurity Summit, National Security, Industry Collaboration, Cyber Attack Prevention, Technology Trade Groups. . Anthony Pell
Dec 05, 2003
•
Government
82
homeland securityprivate sectorindustry collaborationGovernment And Industry Unite Through New Homeland Security Council
An industry group has been created to connect private-sector companies with the Department of Homeland Security. Executives of the new Homeland Security Business Executive Council announced the launch of the nonpartisan, nonprofit group today in Washington. . . .. An industry group has been created to connect private-sector companies with the Department of Homeland Security. Executives of the new Homeland Security Business Executive Council announced the launch of the nonpartisan, nonprofit group today in Washington. The Department of Homeland Security supports the creation of the group, an administration official said. The Washington-based council will explore the role private industry should play in homeland security, foster public-private partnerships to enhance security and communicate industry concerns to the department and legislators, according to Michael Meldon, president The link for this article located at GNC.com is no longer available. . An innovative coalition has emerged, linking private enterprises with the Department of Homeland Security to bolster security initiatives.. Homeland Security, Business Collaboration, Private Sector Partnership. . Anthony Pell
Jun 18, 2003
•
Government
76
security insightslaw enforcementcomputer crimeExpert Solutions For Businesses On Computer Crime Collaboration
How businesses should deal with law enforcement was a topic of discussion at INT Media Group's recent E-Security Conference and Expo in Vienna, Va. In separate sessions, attendees heard from David Green, principal deputy chief of the Department of Justice Computer . . . . How businesses should deal with law enforcement was a topic of discussion at INT Media Group's recent E-Security Conference and Expo in Vienna, Va. In separate sessions, attendees heard from David Green, principal deputy chief of the Department of Justice Computer Crime and Intellectual Property Section (CCIPS), and Bryan Palma, a special agent with the U.S. Secret Service Electronic Crimes Task Force. Both speakers explained how industry and law enforcement can work together to stem computer crime. Green succeeded in bringing humor to this serious subject, such as when he lamented the challenges the DOJ faces in prosecuting and sentencing perpetrators of computer crimes, many of whom turn out to be 14 or 15 years old. "We're looking at grounding as an alternative sentence," he said. And in talking about insider attacks, he said, "A very low percentage of these insider attacks come from gruntled ex-employees; they're always disgruntled." The link for this article located at Earthweb is no longer available. . Companies tackling digital offenses with law enforcement perspectives shared by professionals during INT Media's latest symposium.. Computer Crime Solutions, Law Enforcement Collaboration, Insider Threat Solutions. . Anthony Pell
Jun 14, 2002
•
Organizations/Events
81
data protectiononline safetyprivacy campaignLeading Internet Firms Announce Public Service for Online Privacy
WASHINGTON (AP) -- Internet industry titans are putting aside their differences, just this once, to agree on a public service campaign on online privacy to be announced Tuesday. . WASHINGTON (AP) -- Internet industry titans are putting aside their differences, just this once, to agree on a public service campaign on online privacy to be announced Tuesday. . Tech giants collaborate for a nationwide initiative focused on digital security, aiming to tackle issues surrounding user data safeguarding.. Data Privacy, Online Safety, Industry Collaboration, Digital Rights. . LinuxSecurity.com Team
Jul 26, 2000
•
Privacy
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More