LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: June 29th, 2009
Linux Advisory Watch: June 26th, 2009
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Cryptography
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.



IBM develops a way to process encrypted data  29 June 2009 
Source: SC Magazine - Posted by anthony   
A researcher at IBM has developed a way to analyze encrypted data without decoding it, according to a statement from IBM. The breakthrough method leverages a concept called “fully homomorphic encryption,” and stems from achievements an IBM researcher, Craig Gentry, developed on a problem that has stymied researchers for nearly 30 years.

Write Comment

 
LJ Discusses The Risks of Not Encrypting Information  22 June 2009 
Source: Linux Journal - Posted by anthony   
This is a good article on the risks of not encrypting information on laptops, backup tapes, and other media, and the implications of having that data stolen. It would have been nice to have some solutions to these issues too, but perhaps that's for another article. Anyone have a favorite encryption strategy? GnuPG just released a new version. Does everyone have their key?For many companies, the data is the crown jewels. Millions of bytes are circulated every day on networks that, but for a little bit of probing, are as frail as a strand of hair and less well protected. We spend millions of dollars securing and reducing the risk of penetration from the outside, yet very few companies take the basic steps to secure their data internally. There are simple things that we can all do - such as IPSec on the wire, encryption in the backend and proper security on the desktops. We must think about more than a simple username and password scheme when it comes to securing our data from the bad guys, because, quite often, the bad guys are none other than that cute redhead who just asked you to reset her password. And it wasn’t for her account.

Write Comment

 
[Announce] GnuPG 2.0.12 released  17 June 2009 
Source: GnuPG / Werner Koch - Posted by Dave Wreski   
The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data, create digital signatures, help authenticating using Secure Shell and to provide a framework for public key cryptography. It includes an advanced key management facility and is compliant with the OpenPGP and S/MIME standards.

Write Comment

 
"Lost" Puzzle in Wired Magazine  20 May 2009 
Source: Bruce Schneier - Posted by Dave Wreski   
Bruce Schneier has details on the puzzle he created for Wired. Read on to see the puzzle and try and solve it!

For the April 09 issue Wired Magazine, I was asked to create a cryptographic puzzle based on the television show Lost. Specifically, I was given a "clue" to encrypt.

Here are details of the puzzle and solving attempts. Near as I can tell, no one has published a solution.

Write Comment

 
Crypto-Gram Newsletter, May 2009  15 May 2009 
Source: Bruce Schneier - Posted by Dave Wreski   
A free monthly newsletter providing summaries, analyses, insights, and commentaries on security: computer and otherwise.

  • Fourth Annual Movie-Plot Threat Contest Winner
  • Book Review: The Science of Fear
  • An Expectation of Online Privacy
  • News
  • Malicious Contamination of the Food Supply
  • Unfair and Deceptive Data Trade Practices
  • Schneier News
  • Mathematical Illiteracy
  • Conficker
  • Comments from Readers

Great discussion of the Google, Facebook, and other online sites, and their terms of service.Take Google, for example. Last month, the Electronic Privacy Information Center (I'm on its board of directors) filed a complaint with the Federal Trade Commission concerning Google's cloud computing services. On its website, Google repeatedly assures customers that their data is secure and private, while published vulnerabilities demonstrate that it is not. Google's not foolish, though; its Terms of Service explicitly disavow any warranty or any liability for harm that might result from Google's negligence, recklessness, malevolent intent, or even purposeful disregard of existing legal obligations to protect the privacy and security of user data. EPIC claims that's deceptive.

Write Comment

 
RSA Offers Encryption Toolkit Free To Developers  27 April 2009 
Source: Dark Reading - Posted by Dave Wreski   
RSA, the Security Division of EMC, here today launched a program that for the first time gives developers its encryption technology tools for free.

RSA traditionally had licensed only its BSAFE encryption technology, which can cost customers tens of thousands of dollars, but company officials say the timing is right to give developers easier access to tools for building more security features into applications from the ground up, rather than tacking them on later.

Write Comment

 
Linux BIND 9 Security: Transaction Signatures (TSIG) Configuration  27 January 2009 
Source: cyberciti.biz - Posted by Ryan W. Maple   
Vivek Gite submitted a nice article on implementing TSIG in BIND: Transaction signatures (TSIG) is a mechanism used to secure DNS messages and to provide secure server-to-server communication. This includes zone transfer, notify, and recursive query messages. TSIG uses shared secrets and a one-way hash function to authenticate DNS messages, particularly responses and updates.This tutorial discusses the security mechanisms implemented in BIND v8.2+ / v9.x to secure DNS messages and name servers Click-through to read more!

Write Comment

 
Set Up A Fully Encrypted Raid1 LVM System  08 December 2008 
Source: HowToForge - Posted by Bill Keys   
For this Howto I use Debian Lenny (still testing and not "stable" for the simple reason as - contrary to Debian Etch and/or Ubuntu 8.04/8.10 - the install routine does setup the initrd correctly so that you can set up encrypted swap and also an encrypted raid1 lvm during install). This Howto will be heavy on screen shots again - a lot of them are repetitive as I setup multiple partitions at once. If you are interested in setting up an encrypted RAID1 LVM system take a look at this article. It will show you step by step how to do this on your Linux machine.

Write Comment (1 Comments)

 
Data Encryption and Ubuntu  03 December 2008 
Source: ITWire - Posted by Bill Keys   
In a continuing series of articles highlighting that GNU/Linux is a viable replacement operating system, today we're exploring how to encrypt emails using the popular Ubuntu distribution. In the previous article we looked at the basics of using PGP, creating and backing up PGP keys and using them to encrypt files locally. Now we'll look at how to send someone an encrypted email. This article will show you ways to encrypt your email communication. Do you use any software to keep your email private?

Write Comment (1 Comments)

 
Automatically mount Encrypted Filesystems at Login With pam_mount  07 November 2008 
Source: Linux.com - Posted by Bill Keys   
The pam_mount project lets you unlock an encrypted filesystem automatically when you log in. The same password used to log in is used as the key to unlock the encrypted filesystem, so you only need to type it once. Using this method, you can easily share a laptop and have only a single user's home directory unlocked and mounted when he logs in. And pam_mount can mount any filesystem, not just encrypted filesystems, so you can use it, for example, with an NFS share that you are interested in but which you might not like to leave mounted when you are not logged in. Did you ever wanted to know how to mount an encrypted filesystem automatically? This article will show you how.

Write Comment

 
<< Start < Prev 1 2 3 Next > End >>

Results 1 - 10 of 854
    
Partner:

 

Latest Features
Review: Googling Security: How Much Does Google Know About You
A Secure Nagios Server
Never Installed a Firewall on Ubuntu? Try Firestarter
Review: Hacking Exposed Linux, Third Edition
Security Features of Firefox 3.0
Review: The Book of Wireless
April 2008 Open Source Tool of the Month: sudo
Yesterday's Edition

QuickLinks: Comunity , HOWTOs , Blogs , Features , Book Reviews , Networking ,
  Security Projects ,   Latest News ,  Newsletters ,  SELinux ,  Privacy ,  Home,
 Hardening ,   About Us,   Advertise,   Legal Notice,   RSS,   Guardian Digital
  Home Security Systems, Surveillance Cameras

(c)Copyright 2009 Guardian Digital, Inc. All rights reserved.