Security Projects
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
German software engineer Lennart Poettering recently presented run0, a new tool in systemd v256 that aims to address the security concerns associated with the widely used sudo command. Let's explore run0's implications for Linux admins and security practitioners.
The latest release of Debian, one of the oldest and most trusted distributions within the Linux ecosystem, redefines security, stability, and innovation in open-source OSes. As security practitioners and Linux administrators, we always seek stable and innovative operating systems that can meet our needs while keeping our systems secure.
A significant change has been merged into the x86 fixes for Linux 6.9, requiring the seeding of RNG (Random Number Generation) with RdRand for CoCo (Confidential Computing) environments. The change focuses on CoCo virtual machines, designed to be as isolated as possible, assuming the VM host is untrusted. RdRand is critical as a hardware random number generator instruction for entropy to guest VMs. Security expert and WireGuard developer Jason Donenfeld authored this change.
Recent enhancements have been made to GitHub Actions, a feature of GitHub that enables automation and CI/CD processes for developer teams. The updates focus on boosting security and power for GitHub-hosted runners, virtual machines that execute workflows.
Tails 6.1 has been released as the latest version of the renowned Linux distribution focused on privacy and anonymity. This critical analysis will delve into the release's key updates and improvements, discuss the implications for security practitioners, and explore potential long-term consequences.
Integrating the Graph for Understanding Artifact Composition (GUAC) in the open-source security framework has tremendous potential to improve software supply chain security. GUAC is an initiative introduced by Google, Kusari, Purdue University, and Citi that aggregates software security metadata into a high-fidelity graph database.
Openwall has released Linux Kernel Runtime Guard (LKRG) 0.9.8 with significant updates and improvements. For those unfamiliar with Linux Kernel Runtime Guard (LKRG), it is a kernel module that performs runtime integrity checking of the Linux kernel and detects security vulnerability exploits against the kernel.
Ubuntu and Fedora are two prominent Linux distributions, each offering its own set of strengths and features. Ubuntu, created by Canonical Ltd., boasts a user-friendly interface, stable performance, and a vast repository of pre-installed and downloadable software. On the other hand, Fedora prides itself on being an innovative and secure platform, perfect for experienced Linux users who desire the latest technological advancements.
Chinese tech giant Huawei has proposed introducing a "SandBox Mode" for the Linux kernel, aimed at bolstering memory security. This mode would create an environment where native kernel code can be executed but with access restricted only to predefined memory addresses.
The release of Linux kernel 6.7 introduces various security features and updates. One notable improvement mentioned in the article is the update to the crypto subsystem, which focuses on reducing the use of insecure and obsolete crypto hashing algorithms. Removing SHA1 support for signing kernel modules or importing X.509 certificates and eliminating MD4 and MD5 hashing raises important security concerns. This highlights the Linux community's commitment to staying ahead of emerging threats and ensuring the robustness of the platform.
The release of SystemRescue 11 is an Arch Linux-based Live Linux toolkit for system recovery and rescue tasks. It has a Linux 6.6 long-term support kernel that supports recent hardware and adds new features. The release also includes new tools, such as bcachefs tools, Blocksync, a fast block device sync utility, The Sleuth Kit for raw filesystem inspection, and Timeshift snapshot-based backup.
The recently released Parrot OS 6.0 has garnered attention among Linux administrators, infosec professionals, internet security enthusiasts, and sysadmins. This latest version of the security-oriented distribution for ethical hacking and penetration testing brings several significant updates and improvements. In this analysis, we will delve into the key features and implications of Parrot OS 6.0, consider its long-term consequences, and explore its impact on security practitioners.
An important change has been made in the AppArmor Linux kernel security module. The change involves switching from using the insecure SHA1 algorithm to the more secure SHA256 algorithm for AppArmor policy hashes.
Tsurugi Linux is a free and open-source distribution crafted specifically for digital forensics and Open-Source Intelligence (OSINT) investigations. Tsurugi Linux offers a user-friendly experience with a logical forensic analysis menu sequence, allowing users to navigate the various stages of an investigation easily.
Notable virtualization changes and enhancements have been integrated into the Linux kernel 6.8 . Significant features include enhanced support for confidential VMs, software-protected VMs, and improvements for specific architectures like x86 and ARM. These changes offer intriguing possibilities for Linux admins, infosec professionals, Internet security enthusiasts, and sysadmins but also raise important considerations for security and long-term consequences. Let's have a look at these changes and their implications for the security of your Linux systems.
The boundaries between desktop and mobile computing continue to blur in the ever-evolving technology landscape. Termux is a powerful terminal for Android that allows users to access the full capabilities of a Linux distribution from their mobile device.
OpenSSH will remove DSA keys from its support in the near future. Let's examine the OpenSSH team's reasoning for making this change, the process, and the proposed timeline.
The launch of Linux Kernel 4.13 has brought significant advancements in Thunderbolt security and device integration. This article explores the key features of the new kernel version and their implications for Linux admins, infosec professionals, internet security enthusiasts, and sysadmins.
Debian 10, known as “Buster,” was first released on July 6, 2019, and has earned the reputation of being a reliable Linux distribution for individuals and businesses alike. However, the security support for this version of Debian is ending, with Debian 10 reaching its End of Life (EOL) on June 30, 2023.
In the world of open source, there are few names as synonymous with security than OpenSSH. The latest version of the software—version 9.6—has been released, bringing major improvements to the platform.