News about Linux security, security alerts and exploits

 Bruce Almighty: Schneier preaches security to Linux faithful, Dec 27, 2007

Schneier is one of three keynote speakers at Linux.conf.au 2008 and speaks with Dahna McConnachie about his presentation, books and thoughts.

For any parent, myself included, setting your kids loose on the net is a daunting prospect. We have to do it because the net is a fact of life - it's in our schools, the workplace, public libraries and in many if not most homes of the developed world. Therefore, do we really have any option but to give them Linux?

Fedora has fixed a 'highly critical' flaw in the OpenOffice suite of products more than two weeks after it was first discovered.

Even criminals are branching out from the Windows operating system, eBay's security chief says.

Security experts have discovered TIFF-based buffer overflow vulnerabilities in OpenOffice.org that could allow attackers to remotely execute code on Linux, Windows or Apple Mac-based computers.

A few days late, SCO finally released its financial report, Form 10-Q, on Sept. 18 for the quarter ending on July 31. The news was bad. How bad? SCO admits that "there is substantial doubt about the company's ability to continue as a going concern."

Voice over IP outfit Skype has been caught snooping on parts of your PC operation again.

A vulnerability has been discovered in the NVIDIA graphic drivers, allowing for a Denial of Service.

Linux software vendor a la Mobile has released a security component that is designed to protect smartphones running the company's mobile operating system.

The Mozilla organization has released an update to its Thunderbird 2.x e-mail client that fixes two critical security holes. These same fixes were also recently implemented in Firefox 2.0.0.5.

Just days after a security researcher blasted its Java patching system, Sun Microsystems has issued a critical update to the consumer version of its Java software.

Microsoft patched fewer security flaws on its Windows Vista operating system than any other recently released desktop operating systems, the company boasted in a new study.

The FBI is in the process of locating and notifying the users of one million computers controlled by hackers through automated crime networks or "botnets," officials said Friday.

Malware targeting OpenOffice documents is spreading through multiple operating systems including Mac OS, Windows and Linux, according to Symantec.

Yoggie Security Systems has squeezed a complete hardware firewall for Windows systems into a USB key sized form-factor. The "Yoggie Pico" runs Linux 2.6 along with 13 security applications on a 520MHz PXA270, a powerful Intel processor popular in smartphones and other high-end consumer devices.

A newly-discovered worm targeting OpenOffice attempts to download indecent JPEG images onto compromised Windows, Mac and Linux PCs.

Users of the open-source Samba software are being urged to patch their code following the discovery of a critical bug in the file-and-print software.

Adding more fuel to the Linux versus Windows fire, a US research firm this week released a survey that noted only eight percent of Linux developers had ever seen a virus infect their systems.

I had my suspicions, but now they are confirmed. One day, security holes in the Microsoft family of operating systems will be the downfall of our electronic society.

A researcher from France Telecom has discovered the first remotely exploitable 802.11 WiFi bug on a Linux machine.

According to Symantec's tally, 40 Firefox vulnerabilities were disclosed between August and December 2006; Internet Explorer (IE), meanwhile, was hit with 54 bugs. Opera and Safari -- the browser Apple bundles with Mac OS X -- had four flaws each.

... almost one-third of the 39 Windows holes were high severity, and 20 were medium severity. Just two of the 208 Red Hat Linux security holes discovered were high severity

When Red Hat released the latest version of Red Hat Enterprise Linux desktop, the company fixed nearly 50 vulnerabilities, including some "critical" bugs.

Yoggie Security Systems has introduced inexpensive personal and small-business versions to its line of tiny, Linux-based firewalls for laptops and PCs.

In last month’s column, I said “I’m more secure on a Mac than I was on Windows XP.” Some of you asked how Linux fares in that comparison.

The One Laptop Per Child project, which proposes to give every child in the developing world a computer of his own, dazzled fans with the unveiling of its little green "$100 laptop" in November 2005. Now it's impressing hard-bitten security geeks with a plan to lock down the hundreds of millions of educational machines against spyware and computer intruders.

In what appears to be a twist on the conventional wisdom that Windows systems are more vulnerable to viruses than Linux systems, some of TomTom's GPS navigation gadgets appear to have infected Windows PCs with a "low risk" virus.

Linux distributor Debian issued a security advisory over the weekend, warning of several problems in Mozilla and associated products such as Mozilla Firefox.

According to the error report, this made it possible, under certain circumstances, to log onto an account using any password.

Alan Cox, one of the leading Linux kernel developers, has told a U.K. House of Lords hearing that neither open nor closed source developers should be liable for the security of the code they write.

The stable-kernel team has released the Linux kernel 2.6.19.2, which does away with a critical error that occurred when data was being written on hard disks and plugs a number of security holes.

 View older news this year: Sep Aug Jul Jun May Apr Mar Feb Jan
 View news from other years: 2007, 2006, 2005, 2004, 2003, 2002, 2001, 2000, 1999
 View older news in category Security this year: Aug Jul May Apr Feb Jan
 View Security news from other years: 2007, 2006, 2005, 2004, 2003