Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Peter Smith Releases Linux Network Security Online - Thanks so much to Peter Smith for announcing on linuxsecurity.com the release of his Linux Network Security book available free online. "In 2005 I wrote a book on Linux security. 8 years later and the publisher has gone out of business. Now that I'm free from restrictions on reproducing material from the book, I have decided to make the entire book available online."

Securing a Linux Web Server - With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to insure basic security considerations are in place.

  Open source trounces proprietary software for code defects, Coverity analysis finds (Apr 18)
 

Forget bad headlines generated by the Heartbleed flaw, when it comes to code defects open source is still well ahead of proprietary software, generating fewer coding defects for every size of project, according to a new analysis by scanning service Coverity.
  Why a hacker got paid for finding the Heartbleed bug (Apr 15)
 

Thank the hackers. This week's Heartbleed vulnerability has everyone running scared (see box below to read what you might do to protect yourself). The serious crack in the foundations of the supposedly secure internet was revealed earlier this week by a software engineer probing website security in his spare time.
  Galaxy S5 fingerprint scanner hacked with glue mould (Apr 16)
 

The researchers fooled the new handset using a mould made out of glue. The fingerprint sensor on Samsung's Galaxy S5 handset has been hacked less than a week after the device went on sale.
  'Snowden effect' has changed cloud data security assumption, survey claims (Apr 16)
 

Edward Snowden's revelations of sophisticated NSA spying has made many senior IT staff distinctly edgy about their use of the cloud with nine out of teen paying closer attention to where data is stored, a survey of global attitudes has found.
  (Apr 14)
 

A federal appeals court on Friday overturned the conviction of a prominent computer hacker whose imprisonment had highlighted a growing debate over whether the government is overreaching in its campaign against cybercrime.
  (Apr 17)
 

Canadian mounties have arrested a teenager who, they say, used the Heartbleed Internet bug to hack into the country's tax agency.
  Hackers From China Waste Little Time in Exploiting Heartbleed (Apr 15)
 

For those who don't feel the urgency to install the latest security fixes for their computers, take note: Just a day after Heartbleed was revealed, attacks from a computer in China were launched.
  Tests confirm Heartbleed bug can expose server's private key (Apr 14)
 

Four researchers working separately have demonstrated a server's private encryption key can be obtained using the Heartbleed bug, an attack thought possible but unconfirmed.
  Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker (Apr 15)
 

Twee UK parenting website Mumsnet is the second high-profile organisation to claim it has fallen victim to the infamous Heartbleed OpenSSL vulnerability.
  (Apr 18)
 

Heartbleed has dominated tech headlines for a week now. News outlets, citizen bloggers, and even late-night TV hosts have jumped on the story, each amping up the alarm a little more than the last one. But while it's true Heartbleed is a critical flaw with widespread implications, several security experts we've spoken with believe the sky-is-falling tone of the reporting is a bit melodramatic.
  (Apr 21)
 

Q: I'm nervous about keeping my online banking safe on my regular PC. Should I buy a Chromebook and use it just for that?A: Cheap laptops running Google's Chrome OS have a lot going for them as long as you don't need conventional, disk-based apps and rarely lack for bandwidth.