Tags: encryption

Security Hygiene for Software Professionals

As software makers, we face a unique threat model. The computers or accounts we use to develop and deliver software are of more value to an attacker than what ordinary computer users have—cloud service keys can be stolen and used for profit, and the software we ship can be loaded with malware ...
Read 0 Comments

How to Password Protect a Folder on Linux/Unix without Encryption

As operating systems, Linux/Unix put the user's privacy and safety above all. While this has resulted in a product that many people swear by, it's also led to certain features that may not be easy to discern at first sight. For instance, the possibility of password protecting directories without...
Read 0 Comments

top-security-tutorials.jpg

security tutorials
Check out these top tutorials from Linux.com to help you improve your Linux server security.

Best Linux Server Security Tutorials on Linux.com

The first rule of Linux server security is to keep your server lean and mean. Only install the packages and run the services that you really need, writes Swapnil Bhartiya in his Linux.com tutorial on making your server more secure. “Even the most hardened servers can be hijacked by exploiting any...
Read 0 Comments

lets-encrypt-security.jpg

Let's Encrypt
We’re incredibly close to a Web that is more encrypted than not, says Josh Aas in this update from the Let’s Encrypt project.

3 Lessons in Web Encryption from Let’s Encrypt

As exciting as 2016 was for encryption on the Web, 2017 seems set to be an even more incredible year. Much of the infrastructure and many of the plans necessary for a 100 percent  encrypted Web really solidified in 2016, and the Web will reap the rewards in 2017. Let’s Encrypt is proud to have been...
Read 0 Comments

Google Ventures into Public Key Encryption

Google's Key Transparency project offers a model of a public lookup service for encryption keys. Google announced an early prototype of Key Transparency, its latest open source effort to ensure simpler, safer, and secure communications for everyone. The project’s goal is to make it easier for...
Read 0 Comments

Google Open-Sources Test Suite to Find Crypto Bugs

Working with cryptographic libraries is hard, and a single implementation mistake can result in serious security problems. To help developers check their code for implementation errors and find weaknesses in cryptographic software libraries, Google has released a test suite as part of Project...
Read 0 Comments

josh-aas-lets-encrypt.png

Josh Aas
Josh Aas of Let's Encrypt explains how the Achilles heel of managing web encryption is not encryption itself, but authentication, which requires trusted third parties, and secure mechanisms for managing the trust chain.

The Urgency of Protecting Your Online Data With Let's Encrypt

We understand that online security is a necessity, so why is only 48.5% of online traffic encrypted? Josh Aas, co-founder of Let's Encrypt, gives us a simple answer: it's too difficult. So what do we do about it? Aas has answers for that as well in his LinuxCon North America presentation. Aas...
Read 0 Comments

How to Fix the Cryptsetup Vulnerability in Linux

A new vulnerability has been found to affect encrypted Debian and Ubuntu systems. Here's how to put a temporary fix on the Cryptsetup issue. Linux enjoys a level of security that most platforms cannot touch. That does not, in any way, mean it is perfect. In fact, over the last couple of years a...
Read 0 Comments

Major Linux Security Hole Gapes Open

An old Linux security 'feature' script, which activates LUKS disk encryption, has been hiding a major security hole in plain sight. The security hole this time is with how Debian and Ubuntu, and almost certainly other Linux distributions, implement Linux Unified Key Setup-on-disk-format (LUKS)....
Read 0 Comments

Let's Automate Let's Encrypt

HTTPS is a small island of security in this insecure world, and in this day and age, there is absolutely no reason not to have it on every Web site you host. Up until last year, there was just a single last excuse: purchasing certificates was kind of pricey. That probably was not a big deal for...
Read 2 Comments

Pages

Click Here!