24 Results for security

Guest Post: What You Need to Know about Virtualization Security


One of the most important responsibilities of today's sysadmins and IT managers is to make sure any virtualized servers they're responsible for are locked down and protected from malicious or accidental mischief. Yvo Van Doorn, sales engineer at open source audit and authentication vendor Likewise, takes a look at what you need to know about developing an effective game plan for virtualization security.

KeePass 2.13 Released, Sports Big Batch of New Features


If you're not familiar with KeePass, a terrific free, open source password manager for Windows, you really ought to get to know it. In fact, it's on our own Sam Dean's list of 10 free OSS security applications that you can trust. Already a robust application for locking down all your passwords, it just got better now that the development team released KeePass 2.13 with a batch of new features and improvements.

The app's database stores all your password and registration information in one place, and secures it with a single master password that is accessible to no one but the user. In fact, KeePass' encryption is so strong that even if you used every computer in the world to simultaneously attack its database, decrypting it would take longer than the age of the universe.

Android Rootkit Points To Next-Gen Mobile Security Threats

Is the next wave of security threats going to focus on mobile platforms? Doomsayers have been saying so for years, of course, and yet the number of malware problems that reach any level of severity on mobile platforms is very low. Many differences between the desktop computing model and the mobile model help explain why, among other reasons. But a new Android rootkit raises interesting questions about future mobile threats.

OStatic Buffer Overflow...

Bad economy is a gift that keeps giving to Red Hat. Red Hat notched its fourth consecutive quarter of exceeding analyst expectations for profits.

How open is open core and is that open enough? If the center of a product is open source, does that mean it's truly open?

75 top open source security apps. Datamation's annual collection is exhaustive.

School leaders interested in open source-based Internet testing. A report includes findings from over 80 interviews.

Am I really running Ubuntu? Is there any real reason I can't switch from it?

Google Releases Open Source Webapp Security Tool

Security-minded developers will want to take note of Google's newest open source application security tool, skipfish. It's a fully automated web application that scans your web site looking for security holes and flaws.

Skipfish is designed to work with several different kinds of Web app frameworks, and is built to be speedy while still returning a low incidence of false positives. That's good news for developers but also for people with nefarious intent. As ZDnet's Garett Rogers points out, "On the flip side, a tool that does a good job of detecting vulnerabilities like this, will naturally be used by people looking to abuse it as well."

Nmap Gets a Major Update

Nmap users have a lot to be excited about in the 5.20 release announced on Wednesday. The 5.20 release brings a bunch of changes and improvements to Nmap. The traceroute engine has been rewritten, Nmap now has more than 10,000 signatures to detect the operating system and version of devices, and Nmap has received numerous performance improvements and reduced memory consumption.

Network admins will no doubt be excited to learn that Nmap is now ready to identify Snow Leopard systems, Android Linux smartphones, and Chumbys, among other OSes. How much has Nmap reduced memory consumption? According to the release notes, Nmap has seen a dramatic improvement:

BerliOS Hosting Site Hacked

The BerliOS open source software portal was compromised and recently had its home page defaced, but no disclosure has been made on the site.

Rather than seeing the news from BerliOS, users have had to find out through LWN and Heise. There's no information on the attack at all on the developer services page and there seems to be no information on the front page either since the defaced page was removed.

Research Shows FOSS Bugs Get Rapid Response, Commercial Software Not So Much

Not that this should surprise anyone familiar with the open source community, but a new study shows bugs in open source software get fixed more quickly than issues in commercial software. Technology news Web site V3.co.uk got an early look at the results of research conducted by application security firm Veracode, which indicate security issues in open-source software typically take less than a week to remediate and report on, or three man hours of effort.

The news isn't all rosy, however. Evidently, only 24 percent of open source projects meet an acceptable level of security compared to an equally dismal 23 percent of commercial software. "All code is pretty bad, whether commercial or open-source, but the fixes are done more quickly and efficiently with open source. There are more eyeballs on the code, and [programmers] seem to take more pride in their work," Veracode president and chief executive Matt Moynahan told V3.co.uk.

Likewise Software's New Starter Packs Make Upgrading Easier for Enterprise


We've written a number of times about open source security and authentication application vendor Likewise Software, because they're a quality company with a great product line. Likewise Open supports over 125 platforms and links Linux, Unix, or Mac systems to Active Directory domains in one easy step. Likewise Enterprise allows IT departments to authenticate users, create reports for regulatory audits, and control access to applications and data.

If your IT department has been considering giving Likewise a whirl, the free download of Likewise Open is available for the taking. If you're already a Likewise Open customer, then you'll want to listen up. Tomorrow, the company is formally announcing new ways to upgrade to Likewise Enterprise but we've got the skinny right now.

Five Power Tools for Pidgin


Pidgin is a great GTK2-based instant messenger application that supports a bevy of protocols, including ICQ, Yahoo!, MSN, Jabber, and AIM. It's a terrific app in its own right, but when you add some of these power tools, Pidgin is even better.

pidgin-hotkeys - Use this plugin to assign global hotkeys to quickly perform regular tasks like fetching messages, toggling the buddy list, or opening the preferences pane. Also available in German and Swedish.
