LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: September 22nd, 2014
Linux Advisory Watch: September 19th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Cryptography
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.



SanDisk ships its first self-encrypting SSDs  14 May 2014 
Source: Network World - Posted by Dave Wreski   
SanDisk today released its first self-encrypting SSDs, a line of drives aimed at enterprises. SanDisk's new X300s SSD uses both the Trusted Computing Group's Opal 2.0 specification and Microsoft Encrypted Hard Drive hardware-based encryption to protect data on the drive.
 
Fake Digital Certificates Found in the Wild While Observing Facebook SSL Connections  13 May 2014 
Source: The Hacker News - Posted by Dave Wreski   
Visiting a website certified with an SSL certificate doesn't mean that the website is not bogus. Secure Sockets Layer (SSL) protect the web users in two ways, it uses public key encryption to encrypt sensitive information between a user's computer and a website, such as usernames, passwords, or credit card numbers and also verify the identity of websites.
 
Internet Subversion  12 May 2014 
Source: Schneier on Security - Posted by Dave Wreski   
In addition to turning the Internet into a worldwide surveillance platform, the NSA has surreptitiously weakened the products, protocols, and standards we all use to protect ourselves. By doing so, it has destroyed the trust that underlies the Internet. We need that trust back.
 
TLS 1.3 Working Group Has Consensus to Deprectate RSA Key Transport  09 May 2014 
Source: ThreatPost - Posted by Dave Wreski   
The IETF working group responsible for the TLS 1.3 standard is closing in on a decision to remove RSA key transport cipher suites from the protocol.
 
Heartbleed was a headache, but far from fatal  09 May 2014 
Source: TechWorld - Posted by Dave Wreski   
It's been a month since the Heartbleed Bug set off a stampede to patch software in everything from network gear to security software as it quickly became evident that vulnerable versions of the OpenSSL encryption code had been very widely deployed.
 
11 reasons encryption is (almost) dead  05 May 2014 
Source: Network World - Posted by Dave Wreski   
Everyone who has studied mathematics at the movie theater knows that encryption is pretty boss. Practically every spy in every spy movie looks at an encrypted file with fear and dread. Armies of ninjas can be fought. Bombs can be defused. Missiles can be diverted.
 
Heartbleed postmortem: OpenSSL's license discouraged scrutiny  02 May 2014 
Source: InfoWorld - Posted by Dave Wreski   
Weeks after the OpenSSL debacle, the question still stands: Why did so few people show up to work on such widely-used and important code? Since the problem arose, funds have flowed in to fix it at the behest of corporate giants, but before the crises, few volunteers participated. One leading open source expert has suggested a reason: licensing.
 
Hacker claim about bug in post-Heartbleed OpenSSL encryption likely a scam  28 April 2014 
Source: PC World - Posted by Dave Wreski   
Security experts have expressed doubts about a hacker claim that there’s a new vulnerability in the patched version of OpenSSL, the widely used cryptographic library repaired in early April.
 
Targeted Attack Uses Heartbleed to Hijack VPN Sessions  22 April 2014 
Source: ThreatPost - Posted by Alex   
A targeted attack against an unnamed organization exploited the Heartbleed OpenSSL vulnerability to hijack web sessions conducted over a virtual private network connection.
 
Fixing OpenSSL's Heartbleed flaw will take MONTHS, warns Secunia  22 April 2014 
Source: The Register UK - Posted by Dave Wreski   
Expunging the Heartbleed bug from vulnerable computers and gadgets is likely to take months, according to a leading vuln research firm. The cautionary assessment by Secunia comes as more and more products are judged to be vulnerable to the infamous OpenSSL security flaw.
 
<< Start < Prev 1 2 3 Next > End >>

Results 21 - 30 of 1116
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Snowden: New Zealand Is Spying, Too
DDoS attackers turn fire on ISPs and gaming servers
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.