FOSS Force News Wire

Jay Beale: Linux Security and Remembering Bastille Linux

Jay Beale Linux security

“Secure by design” doesn’t mean that Linux users should take a carefree approach to security. On the Internet, somebody’s always hiding behind the firewall trying to pick the lock.

The FOSS Force Video Interview

Security expert and co-creator of the Linux-hardening (and now Unix-hardening) project Bastille Linux. That’s Jay Beale. He’s […]

Continue reading Jay Beale: Linux Security and Remembering Bastille Linux

Encrypted File Sharing Service Tresorit Offers Linux Desktop Client, But…

Tresorit Linux Client

At first glance, Tresorit’s end-to-end file sharing service looks like it might be able to overcome its proprietary nature and win favor with some Linux users. Unfortunately, the service comes with another issue that might be an insurmountable deal breaker for some.

The FOSS Force Review

On Thursday I received an […]

Continue reading Encrypted File Sharing Service Tresorit Offers Linux Desktop Client, But…

Ghosts in the Voting Machines

Voting Machine

Whether or not foreign governments are planning on manipulating our election results in November, it’s past time we started taking the security of electronic voting seriously.

Op-ed

Even if it turns out that the FBI’s suspicions that Russian government forces are behind the hacking of the Democratic party turn out to […]

Continue reading Ghosts in the Voting Machines

Ubuntu Hacked, Linux Journal Extremists & More…

Bumblehive NSA

Also included: Microsoft shows love of Linux with gift of Skype and Torvalds continues to be Torvalds.

FOSS Week in Review

The biggest Linux story this week by mainstream tech sites’ standards was Skype working to include Linux users in its installed base by releasing a new Linux client to replace […]

Continue reading Ubuntu Hacked, Linux Journal Extremists & More…

David A. Wheeler: Working to Prevent the Next Heartbleed

David A. Wheeler Core Infrastructure Initiative

The Heartbleed bug revealed that some important open source projects were so understaffed that they were unable to properly implement best security practices. The Linux Foundation’s Core Infrastructure Initiative , formed to help open source projects have the ability to adopt these practices, uses a lot of carrot and very little stick.

[…]

Continue reading David A. Wheeler: Working to Prevent the Next Heartbleed

SourceForge Tightens Security With Malware Scans

SourceForge warning badge

After taking down the controversial DevShare program in early February, the new owners of popular software repository, SourceForge, have begun scanning all projects it hosts for malware in an attempt to regain trust that was lost by Dice Holdings, the site’s previous owners.

It appears as if the new owners at SourceForge are […]

Continue reading SourceForge Tightens Security With Malware Scans

ImageMagick’s ImageTragick: Exploits Not Yet Widespread

ImageMagick logo

Breaking News: Patched versions of ImageMagick now available. FOSS Force has now learned that the ImageTragick hole has been patched in versions 7.0.1-2 and 6.9.4-0. Websites using ImageMagick are urged to upgrade.

Security researchers are reporting that cracker/hackers are currently taking advantage of ImageTragick, the easy to exploit security vulnerability in ImageMagick, a popular open […]

Continue reading ImageMagick’s ImageTragick: Exploits Not Yet Widespread

WordPress Plugin ‘Ninja Forms’ Security Vulnerability

FOSS Force has just learned from Wordfence, a security company that focuses on the open source WordPress content management platform, that a popular plugin used by over 500,000 sites, Ninja Forms, contains serious security vulnerabilities.

In a blog post on Thursday morning, Wordfence writes:

Ninja Forms versions 2.9.36 to 2.9.42 contain multiple vulnerabilities. One of […]

Continue reading WordPress Plugin ‘Ninja Forms’ Security Vulnerability