Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 5 articles for you...
82
legal frameworkdigital rightsISP regulationsTrans-Pacific Partnership ISPs Required To Supply Infringer Information
The Trans-Pacific Partnership (TPP) will force internet service providers (ISPs) to give up the details of copyright infringers so that rights holders can protect and enforce their copyright through criminal and civil means with few limitations, according to the intellectual property chapter released by WikiLeaks over the weekend. . The TPP, which reached agreement last week after talks had stalled for years over digital rights and other issues, will regulate trade between Australia, the United States, New Zealand, Canada, Singapore, Vietnam, Malaysia, Japan, Mexico, Peru, Brunei, and Chile. . The TPP requires internet providers to reveal the identities of those infringing copyrights, influencing the enforcement of digital rights.. Copyright Enforcement, ISP Regulations, Digital Rights, TPP Regulations. . Alex
Mar 14, 2017
•
Government
82
security researchlegal frameworklegal implicationsCriticism of German Antihacker Law Encouraging Caution Among Researchers
Because you make pens, pencils, or any other sharp objects that are capable of stabbing and killing, you are liable for producing weapons. This is the logic I see behind the German Anti-Hacker law which states that offenders are defined as any individual or group that intentionally creates, spreads or purchases hacker tools designed for illegal purposes. These laws are based off of a "judgement call" and can only hinder the process of security researchers in their perpetual quest of closing zero-day vulnerabilities. How do you feel about laws like this being passed? . The link for this article located at Network World is no longer available. . The article on the German Anti-Hacker Law raises concerns about implications for security research and hacker tool regulation.. German Antihacker Law, Security Research, Cybersecurity Implications. . Brittany Day
Aug 14, 2007
•
Government
82
cyber threatsinformation securitylegal frameworkTech Challenges: Legal Frameworks Struggling to Adapt to Innovation
A legal system rife with outdated laws never designed to cope with such new technologies as VOIP is just one of the worries facing Stephen Treglia, chief of the technology crime unit in the district attorney's office of New York's Nassau County. . "This has been a tremendous curve for the legal system to adapt to," said Treglia at this week's InfoSecurity conference, where he and other experts discussed how they try to cope with multiple challenges, such as the botnet threat, controlling hackers and devising cost-effective ways to maintain voice and data communications during emergencies. He said federal and state lawmakers have had a hard time keeping up with the enormous technical changes brought about by IP-based communications and the Web. The link for this article located at ComputerWorld.com is no longer available. . Professionals at CyberLaw Insights tackle the obstacles encountered by regulatory bodies due to antiquated regulations in a technology-oriented landscape.. Legal Frameworks, Information Security Challenges, Cyber Threats. . Brittany Day
Oct 30, 2006
•
Government
81
communication lawcyber harassmentlegal frameworkExploring The New 'Annoy' Law's Impact On Internet Users
Q: So what does the rewritten law now say? The section as amended reads like this: "Whoever...utilizes any device or software that can be used to originate telecommunications or other types of communications that are transmitted, in whole or in part, by the Internet... without disclosing his identity and with intent to annoy, abuse, threaten, or harass any person...who receives the communications...shall be fined under title 18 or imprisoned not more than two years, or both.". . Q: So what does the rewritten law now say? The section as amended reads like this: 'Whoever...utiliz. rewritten, section, amended, reads, 'whoever, utiliz. . LinuxSecurity.com Team
Feb 03, 2006
•
Privacy
76
software updateopen sourcelegal frameworkGPL Update: Addressing Software Patents And Legal Challenges
The General Public License hasn't had a proper update for 13 years, and it's starting to show its age. It looks set to be updated though, to ensure it's more in tune with today's software models and potential legal battles. . Modernisation is coming to the General Public License, a legal framework that supports a large part of the free and open source software movements and that has received sharp criticism from Bill Gates. GPL author Richard Stallman says he's working on amendments that could deal better with software patents; clarify how GPL software may be used in some networked environments and on carefully controlled hardware; and lower some barriers that today prevent the mixing of software covered by the GPL and other licences. The link for this article located at ZDNet.co.uk is no longer available. . The Creative Commons License is undergoing updates to improve its applicability and flexibility to meet contemporary digital content practices.. GPL, legal updates, software patents, open source, software modernization. . Benjamin D. Thomas
Dec 23, 2004
•
Organizations/Events
82
digital signaturelegal frameworkauthenticationImportance Of Digital Signatures In European E-Commerce Law
Electronic signatures are backed by valid European laws and thus qualified digital signatures have great potential. Strong digital signatures have great importance to all businesses who must do electronic transactions with European partners because they have a very deep juridical value. Once again, a secure digital signature warrants the authentication, integrity, confidentiality, and non-repudiation of a signatory; these are the most desired guarantees in e-business. Strong digital signatures thus have widespread use for high value e-commerce situations: everyone wants to be sure her/his contract is valid and there is no hacker interference. . . .. People who do business on the Internet require security and trust. In electronic commerce and communication you can't see the person you are speaking with, you can't see the documents that prove one's identity, and you can't even know if the web site you are connected to belongs to the society it says. You must also ask yourself: is this indeed the contract my business partner has sent to me or has someone unauthorized seen and changed it before it reached my desk? What will happen if I have problems with the contract and I must take it to a court of law? To answer these juridical necessities the European Union adopted a community framework for electronic signatures some time ago (directive 1999/93/EC of the European Parliament and the council of December 13, 1999, on a community framework for electronic signatures) that has been implemented in various European countries. The European directive is used for business in which European partners (persons or societies) or public administrations are involved. It also means that if an American organization enters into an electronic contract with a European society it has to respect European requirements to ensure the contract is valid. This paper will address these issues and then provide an overview of current trends within various countries in Europe. ... Electronic signatures are backed by valid European laws and thusqualified digital signatures have great potential. Strong digital signatures have great importance to all businesses who must do electronic transactions with European partners because they have a very deep juridical value. Once again, a secure digital signature warrants the authentication, integrity, confidentiality, and non-repudiation of a signatory; these are the most desired guarantees in e-business. Strong digital signatures thus have widespread use for high value e-commerce situations: everyone wants to be sure her/his contract is valid and there is no hacker interference. The PKI situation in Europe is still not consistent across all countries, however. Some countries, such as Italy, Austria, and Spain have well-developed infrastructure already in place; others such as Finland, Denmark, Germany, and France are still testing their PKI solutions. Further, some countries such as Holland and the United Kingdom have not even started deploying their public key infrastructure. The link for this article located at SecurityFocus is no longer available. . People who do business on the Internet require security and trust. In electronic commerce and commun. signatures, electronic, backed, valid, european, qualified, digital. . Anthony Pell
Jan 30, 2004
•
Government
82
information securitylegal frameworkcommunicationsU.S. Information Security Law: Protecting Private Sector Communications
This is the second part of a four-part series looking at U.S. information security laws and the way those laws affect security professionals. In the first part of this series, we looked at the legal framework for protection of information systems . . . . This is the second part of a four-part series looking at U.S. information security laws and the way those laws affect security professionals. In the first part of this series, we looked at the legal framework for protection of information systems and the role of information security professionals in the creation of trade secret interests. In this installment, we will look at the legal framework for security of an enterprise's working environment from the perspective of information security professionals, with particular emphasis on the protection of communications. Of course, protecting communications necessarily depends on the security of the systems used to transmit and store them. Drawing a rigid line between protecting systems and protecting communications might not always be useful or possible. That said, for our discussion, treating the protection of communications separately from the protection of systems illustrates how the Computer Fraud and Abuse Act, 18 U.S.C.§ 1030 (the "CFAA"), and the Electronic Communications Protection Act, 18 U.S.C. §§ 2510-22 and §§ 2701-12 (the "ECPA"), two critically important federal information security statutes, work together. As discussed in the first article in this series, the primary thrust of the CFAA, with respect to private sector systems, is to prohibit access to protected computers without authorization or exceeding authorization, whether to obtain something of value or to damage systems or data. The primary concern of the ECPA is related, but distinct. The ECPA prohibits the unauthorized and unjustified interception, disclosure, or use of communications, including electronic communications[1]. In a situation in which a bad actor hacks into a corporate network and obtains access to sensitive email, theCFAA and the ECPA are both violated. But having discussed the CFAA in Article 1, our discussion of the legal framework for protecting communications will focus on the ECPA. The link for this article located at SecurityFocus is no longer available. . This is the second part of a four-part series looking at U.S. information security laws and the way . second, four-part, series, looking, information, security. . Anthony Pell
Apr 02, 2003
•
Government
82
law enforcementlegal frameworkprivacy concernU.S. Endorses EU Cybercrime Proposal Facing Privacy Opposition
The United States has endorsed the gist of a controversial European drive to tighten cybercrime laws over the protests of privacy, civil liberties and human rights advocates. The central provisions of the 41-nation Council of Europe's latest draft convention "are consistent . . . . The United States has endorsed the gist of a controversial European drive to tighten cybercrime laws over the protests of privacy, civil liberties and human rights advocates. The central provisions of the 41-nation Council of Europe's latest draft convention "are consistent with the existing framework of U.S. law and procedure," the Justice Department said in a Friday posting on its cybercrime Web site. At issue is the first multilateral pact drafted specifically to deal with the cross-border nature of much computer-related crime. When ready, it would be opened for signature worldwide in an effort to slash the procedural and jurisdictional obstacles that law enforcers say play into the hands of criminals operating through the Internet. The link for this article located at CNN is no longer available. . The United States has endorsed the gist of a controversial European drive to tighten cybercrime laws. united, states, endorsed, controversial, european, drive, tighten, cybercrime. . Anthony Pell
Dec 04, 2000
•
Government
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More