LinuxSecurity.com - Latest News

The Computer Security Paradox

Fri, 09 May 2008 06:02:27 +0000

LinuxSecurity.com: One of the most prized rights of any American is the right to privacy and security. It's something people in some countries would kill for. Yet now there appears to be a very frightening trend growing. Your privacy and security are being thrown out the window wholesale in favor of easier access by law enforcement. A recent example of this can be seen with the announcement that Microsoft has been providing a tool to investigators that can effectively rip your Windows security to shreds in seconds, exposing all your private data to whoever wants to look at it.

A Guide to Cryptography in PHP

Thu, 08 May 2008 08:00:00 +0000

LinuxSecurity.com: In an ideal world, words like cryptography and security wouldn't even exist, but the real world is far from perfect, so software developers have to spend a good deal of time building security into applications. Cryptography is just one piece of the security puzzle, along with SSL/TLS, certificates, digital signatures, and so on. This article explains how to use PHP to implement the most common cryptographic algorithms. In addition to describing PHP's default encryption functions, you'll see how to use a wide variety of cryptographic libraries and packages. Building security into your web applications is an important skill to have. Have you thought about adding cryptography to your php programs? If so this article looks at ways of doing so.

Firefox Infects Vietnamese Users With Trojan Code

Thu, 08 May 2008 11:38:56 +0000

LinuxSecurity.com: Mozilla, the maker of the open source Firefox browser, is redoubling its efforts to check user created add-ons for viruses and Trojans after it discovered that a language pack on its official add-on page had been infected for months with rogue code, the organization reported Wednesday.

Computer Forensics Procedures, Tools, and Digital Evidence Bags: What They Are and Who Should Use

Thu, 08 May 2008 11:34:55 +0000

LinuxSecurity.com: Computer forensics is the application of computer investigation and analysis techniques to determine potential legal evidence. Since computers are vulnerable to attack by some criminals, computer forensics is very important. Understanding computer forensic procedures will help to capture vital information which can be used to prosecute an intruder that compromises a computer or network. Also, deciding on the specific tools for computers or other equipment that is needed to correctly analyze evidence is crucial. These tools are very useful but bigger companies that handle more equipment and information might benefit from something that can combine all these tools into one application.

sshpass - Non-Interactive SSH Password Authentication

Thu, 08 May 2008 10:31:31 +0000

LinuxSecurity.com: SH's (secure shell) most common authentication mode is called "interactive keyboard password authentication", so called both because it is typically done via keyboard, and because openssh takes active measures to make sure that the password is, indeed, typed interactively by the keyboard. Sometimes, however, it is necessary to fool ssh into accepting an interactive password non-interactively. This is where sshpass comes in. This article looks some of the security concerns with using sshpass. Do you use sshpass? If so do you think about the security issues with it.

Firefox 3: Site Identification button

Wed, 07 May 2008 09:08:57 +0000

LinuxSecurity.com: Ensuring that users are safe, secure, and protected while they browse the Web is one of the greatest challenges facing browser makers. Browser security involves a delicate balance between protecting the user from the dangers that exist on the Web and overly restricting the user's freedom to go where she wants and see what she wants while surfing.
One of my favorite new Firefox 3 security features is the Site Identification button. This button replaces and builds upon the ubiquitous "padlock" icon that has for so long been the primary security indicator used in browsers. Firefox 2, for example, indicates that the connection to a site is encrypted by changing the background color of the location bar and displaying a padlock icon.