You are here

Subscribe to Feed
The central voice for Linux and Open Source security news.
Përditësimi: 2 ditë 2 orë më parë

yescrypt - modern KDF and password hashing scheme

Pre, 16/03/2018 - 12:22md yescrypt is a password-based key derivation function (KDF) and password hashing scheme. It builds upon Colin Percival's scrypt and includes classic scrypt, a minor extension of scrypt known as YESCRYPT_WORM (named that for "write once, read [potentially] many [times]", which is how scrypt works), and the full native yescrypt also known as YESCRYPT_RW (for "read-write").

The Chrome extension that knows its you by the way you type

Pre, 16/03/2018 - 12:10md Using multi-factor authentication (MFA) is more secure than relying on passwords alone - but could it be made even better?

Warning - 3 Popular VPN Services Are Leaking Your IP Address

Pre, 16/03/2018 - 12:09md Researchers found critical vulnerabilities in three popular VPN services that could leak users' real IP addresses and other sensitive data.

Why a hard drive RAID array can save your bacon

Enj, 15/03/2018 - 11:28pd How valuable is your data? If your storage drive crashed, would it ruin your day? Your week? Your entire career? Only you can answer those questions for yourself and your organization. But I'll tell you, personally, I need my files -- not only to get my day-to-day job done, but to reference older information and even look at personal keepsakes (like all my digital photos).

Linus Torvalds slams CTS Labs over AMD vulnerability report

Enj, 15/03/2018 - 11:27pd CTS Labs, a heretofore unknown Tel Aviv-based cybersecurity startup, has claimed it's found over a dozen security problems with AMD Ryzen and EPYC processors. Linus Torvalds, Linux's creator, doesnt buy it. Torvalds, in a Google+ discussion, wrote:

Samba settings SNAFU lets any user change admin passwords

Mër, 14/03/2018 - 12:41md Samba admins: get patching and/or updating. Unless you're content to have your admin passwords overwritten by, well, anyone else using Samba.

Let's Encrypt free wildcard certificates now live

Mër, 14/03/2018 - 12:03md A project dear to its heart, Let's Encrypt has now made wildcard certificate support live in the next step to encrypt the Web. The certificate authority, which offers free SSL and TLS certificates to webmasters, said this week that support is now live for wildcard certificates, alongside ACMEv2.

FBI: we don't want a backdoor; we just want you to break encryption

Mar, 13/03/2018 - 12:19md "We're not looking for a 'back door'" that breaks encryption, the FBI said on Wednesday. Don't even know what that is, really, said director Christopher Wray: He thinks it's some type of "secret, insecure means of access" - is that right?

Firefox turns out the lights on two privacy-sucking features

Mar, 13/03/2018 - 12:18md Did you know that the websites you browse can ask your phone how far away your face is from the screen, and that they can determine the ambient light levels of the room you're in? No, me neither, and I do this stuff for a living.

SparkyLinux 5.3 Rolling Linux OS Debuts Based on Debian GNU/Linux 10 "Buster"

Hën, 12/03/2018 - 12:38md The developers of the Debian-based SparkyLinux GNU/Linux operating system announced over the weekend the release of the SparkyLinux 5.3 "Nibiru" Rolling ISO snapshot.

How Creative DDOS Attacks Still Slip Past Defenses

Hën, 12/03/2018 - 12:17md Distributed denial of service attacks, in which hackers use a targeted hose of junk traffic to overwhelm a service or take a server offline, have been a digital menace for decades. But in just the last 18 months, the public picture of DDoS defense has evolved rapidly.