Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -1 articles for you...
82
governmentNSAoversightExamining NSA Integrity Issues Regarding Distorted Statements
The NSA has lied to the Congress, the courts, and perhaps even to the president himself, but no one seems to care. The Director of National Intelligence James R Clapper admitted he lied to Congress about the NSA metadata collection program. He said the NSA had no such program . General Keith Alexander, director of the National Security Agency, lied in 2012 that the NSA does not hold data on US citizens, and repeated similar misstatements, under oath, to Congress about the program: The link for this article located at The Guardian is no longer available. . General Keith Alexander, director of the National Security Agency, lied in 2012 that the NSA does no. congress, courts, perhaps, president, himself. . Alex
Sep 25, 2013
•
Government
67
data protectionencryptiondata privacyExploring Encryption Challenges for Effective Data Protection
It's a security practitioners dream to deploy a technology that ensures perfect data protection 100 percent of the time. Short of unplugging a computer and locking it in a vault, few technologies come as close as encryption to nearly unbreakable data security; take the data, run it through an encryption algorithm, and it's unreadable to anyone who doesn't possess the right key to reverse the process. It can be mathematically demonstrated that retrieval of encrypted data without the encryption keys is computationally impossible within the expected lifetime of the universe.. And while many strive for this level of certainty, practical issues in the use and deployment of encryption often limit benefits and negatively impact business operations. Reality has a very rude habit of shattering our security dreams. Encryption is everywhere in IT, from network communications and stored data, all the way down to smartphones and thumb drives. When applied correctly, it's incredibly effective at preserving data privacy and integrity. When misapplied, either because it was poorly deployed or is expected to solve a problem it cannot, an organization does not get added security, but instead spends unnecessary money and slows down operations. The link for this article located at Search Security is no longer available. . And while many strive for this level of certainty, practical issues in the use and deployment of enc. security, practitioners, dream, deploy, technology, ensures, perfect, protection. . LinuxSecurity.com Team
Sep 27, 2009
•
Cryptography
82
digital signaturelegal frameworkauthenticationImportance Of Digital Signatures In European E-Commerce Law
Electronic signatures are backed by valid European laws and thus qualified digital signatures have great potential. Strong digital signatures have great importance to all businesses who must do electronic transactions with European partners because they have a very deep juridical value. Once again, a secure digital signature warrants the authentication, integrity, confidentiality, and non-repudiation of a signatory; these are the most desired guarantees in e-business. Strong digital signatures thus have widespread use for high value e-commerce situations: everyone wants to be sure her/his contract is valid and there is no hacker interference. . . .. People who do business on the Internet require security and trust. In electronic commerce and communication you can't see the person you are speaking with, you can't see the documents that prove one's identity, and you can't even know if the web site you are connected to belongs to the society it says. You must also ask yourself: is this indeed the contract my business partner has sent to me or has someone unauthorized seen and changed it before it reached my desk? What will happen if I have problems with the contract and I must take it to a court of law? To answer these juridical necessities the European Union adopted a community framework for electronic signatures some time ago (directive 1999/93/EC of the European Parliament and the council of December 13, 1999, on a community framework for electronic signatures) that has been implemented in various European countries. The European directive is used for business in which European partners (persons or societies) or public administrations are involved. It also means that if an American organization enters into an electronic contract with a European society it has to respect European requirements to ensure the contract is valid. This paper will address these issues and then provide an overview of current trends within various countries in Europe. ... Electronic signatures are backed by valid European laws and thusqualified digital signatures have great potential. Strong digital signatures have great importance to all businesses who must do electronic transactions with European partners because they have a very deep juridical value. Once again, a secure digital signature warrants the authentication, integrity, confidentiality, and non-repudiation of a signatory; these are the most desired guarantees in e-business. Strong digital signatures thus have widespread use for high value e-commerce situations: everyone wants to be sure her/his contract is valid and there is no hacker interference. The PKI situation in Europe is still not consistent across all countries, however. Some countries, such as Italy, Austria, and Spain have well-developed infrastructure already in place; others such as Finland, Denmark, Germany, and France are still testing their PKI solutions. Further, some countries such as Holland and the United Kingdom have not even started deploying their public key infrastructure. The link for this article located at SecurityFocus is no longer available. . People who do business on the Internet require security and trust. In electronic commerce and commun. signatures, electronic, backed, valid, european, qualified, digital. . Anthony Pell
Jan 30, 2004
•
Government
67
encryptionkey exchangeconfidentialityUnderstanding IPSec: Encapsulation and Key Exchange Methods
Encapsulating security payloads, key exchange mechanisms and other components of establishing secure data transfers. In Part 2, we move on to encapsulating security payloads and key exchange mechanisms. IPSec ESP format, specified in RFC 2406, provides confidentiality, authenticity and integrity.. . .. Encapsulating security payloads, key exchange mechanisms and other components of establishing secure data transfers. In Part 2, we move on to encapsulating security payloads and key exchange mechanisms. IPSec ESP format, specified in RFC 2406, provides confidentiality, authenticity and integrity. The original packet is transparently encrypted by the IPSec layer before being sent and decrypted on the receiving side. An eavesdropper capturing packets in any intermediate node will not be able to recover the original contents of the packet (or, at least, he should not be able to do it in a reasonable amount of time). The link for this article located at Linux Journal is no longer available. . IPSec is a suite of protocols that secures Internet Protocol communications using encryption and integrity checks, protecting data transmission effectively. IPSec, Data Transfer Security, Key Exchange Mechanisms, Payload Encryption. . LinuxSecurity.com Team
Sep 09, 2002
•
Cryptography
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More