Netbook users worried about storing sensitive data on their portables are being offered the world's first whole-disk encryption that will run useably on Intel's Atom processor.
You’ve just set up your Linux desktop. Naturally you want it to be as secure as possible. You’ve heard the rumors that, out of the box, Linux has outstanding security. Is it true? Do you really want to take a chance with that? Most likely not. But what can you do? There are tons of firewall tools you can use (take a look at my article “Build a custom firewall with fwbuilder” for an example). But outside of setting up a firewall on your machine, what can you do to boost the security on your desktop?
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headline. This week we have articles on cryptography, the government, host and network security, intrusion detection, and much more.
When is a 0day in OpenSSH not a 0day? When it's local exploit code. Not the kind that exploits a vulnerability in the system you are logged into, to escalate privilege for example. The kind that takes advantage of potential vulnerabilities in the gray matter between your ears to make a mess of your local system. A reader wrote in to advise us of a potential 0day in the current version of OpenSSH 5.3/5.3p1 released Oct 1, 2009.
Mozilla on Friday said that it had removed two Firefox add-ons from its Web site because they installed malware.
"Two add-ons in the experimental section of addons.mozilla.org were found to be containing malware," Mozilla said on its security blog. "These were not originally detected with the anti-malware scanning tools that we have been using. We have since increased the number of scanning tools, and will be taking additional steps to minimize the risk of further incidents."
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor have made available.
After removing Google's Android driver code from the Linux kernel, Novell Fellow and Linux developer Greg Kroah-Hartman has argued that the mobile OS is incompatible with the project's main tree.
Kroah-Hartman deleted the Android drivers on December 11 - Android code is no more as of version 2.6.33 of the kernel release - and yesterday, with a post to his personal blog, he explained the move in detail.
