Linux.com

NewsVac: News from around the Web

• Which Top Apps Have the Most Security Holes? 11 months, 2 weeks ago
  
  Some of the most-used applications on Windows today are also some of the most vulnerable to security flaws. And it's often the user's fault.
• MySQL 5.1 Takes Off Despite Controversy 11 months, 2 weeks ago
  
  Ten days after first being officially released as generally available (GA), software, Sun Microsystems is now claiming its open source MySQL 5.1 database server is being well received. It's a claim that stands in contrast to the initial claim of MySQL founder Monty Widenius who last week published a long diatribe discussing the multiple failures of MySQL 5.1.
• RIM Aims to Boost Security Technology 11 months, 2 weeks ago
  
  Research in Motion is making a $66 million dollar hostile bid to acquire security cryptography company Certicom Corp.
• Microsoft and RSA partner on Data Loss Prevention 11 months, 3 weeks ago
  
  Microsoft and EMC's RSA on Thursday announced an expanded technology partnership around digital rights management in the enterprise.
• Growth in Internet crime calls for growth in punishment 11 months, 3 weeks ago
  
  Internet crime is now more prevalent and more professional than ever before. F-Secure believes that against a background of steeply increasing Internet crime, the obvious inefficiency of the international and national authorities in catching, prosecuting and sentencing Internet criminals is a problem that needs to be solved.
• Expand your user-authentication options with mouse dynamics 11 months, 3 weeks ago
  
  In this article, learn how to apply the open source tools cnee and Perl in mouse-click dynamics to measure the more subtle characteristics of human-computer interaction. Also, learn how to use the number and hold time of mouse-click events to help authenticate users.
• Set up a SSH-based point to point connection 11 months, 4 weeks ago
  
  OpenSSH version 4.3 introduced a new feature: the ability to create on-the-fly "Virtual Private Networks" via the tunnel driver (the so-called "tun" driver). This allows you to create a network interface that bridges two physically disparate network segments in different locations. This article explains how to use SSH to set up SSH-based point to point connections with OpenSuse 11.0 which can then be used to create routes that create virtual private networks.
• Mobile eID security issues examined by ENISA 1 year ago
  
  In the near future, we will pay our taxes, buy metro tickets or open bank accounts over our phone. Mobile devices, national ID-cards, smart phones and PDAs, will play an ever more important role in the digital environment. However, as is the case with many new technologies, the pervasive use of mobile devices also brings new security and privacy risks. ENISA looks at different use-cases for electronic authentication using mobile devices. They identify the security risks which need to be overcome, give an opinion about their relevance, and present mechanisms that help in mitigating these risks.
• Worst-ever software security blooper? 1 year ago
  
  T-Mobile has issued an over-the-air fix for a laughable Android security bug that caused anything typed into its G1 phone to be interpreted by a root shell process. Prior to the fix, hackers briefly enjoyed root shell access, leading to such fun as Debian installations on
• Yoggie opens up its miniature hardware firewall 1 year ago
  
  Yoggie Security Systems launched its new Open Firewall Pico and Open Firewall SOHO, the first open hardware firewalls based on its Gatekeeper technology. The Open Firewall products are extremely powerful Linux-based miniature computers with 520 MHz ARM CPU, 128 RAM and 128 Flash memory. These unique products will enable developers, security professionals and hobbyists to experiment with Yoggie's own open source hardware firewall for the first time.
• Chinks Appear in WPA's Wireless Security Armor 1 year ago
  
  A partial crack could signal problems ahead, given today's wide reliance on WPA for wireless security.
• Install and Configure Nagios to Administer a Networking System 1 year ago
  
  Learning Nagios 3.0 is a new book from Packt that will introduce Nagios to System Administrators who are interested in monitoring and maintaining their systems. Written by Wojciech Kocjan, this book will help users understand how Nagios works, and help set up and configure its latest version.
• G1 is Jailbroken 1 year ago
  
  Well, it didn't take too long. G1 is jailbroken. Full system access, read and write, has been obtained. And this method is quite easy. A few folks at the xda-developers forum discovered you can start telnet on the device by downloading PTerminal from Android Market, and then you can telnet to the device from your computer.
• Critical vulnerability in Adobe Reader 1 year ago
  
  Core Security Technologies issued an advisory disclosing a vulnerability that could affect millions of individuals and businesses using Adobe’s Reader PDF file viewing software. Engineers from CoreLabs determined that Adobe Reader could be exploited to gain access to vulnerable systems via the use of a specially crafted PDF file with malicious JavaScript content. Successful exploitation of the vulnerability requires that users open a maliciously crafted PDF file thereby allowing attackers to gain access to vulnerable systems and assume the privileges of a user running Acrobat Reader. Adobe Reader version 9, which was released in June 2008, is not vulnerable to the reported problem.
• Android-Powered G1 Mobile Phone Flaw Patched 1 year ago
  
  On October 24th, as Lisa reported, a serious vulnerability was discovered in the Google Android powered G1 mobile phone. Though security researchers classified the flaw in the Android browser as serious, Google assured users that the risk wasn't necessarily as dire as it seemed, due to the way the Android operating system restricts each application to its own area.
• More News