Security Projects - Page 3.25
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Public source code repositories, from Sourceforge to GitHub, from the Linux Kernel Archives to ReactOS.org, from PHP Packagist to the Python Package Index, better known as PyPI, are a fantastic source (sorry!) of free operating systems, applications, programming libraries, and developers’ toolkits that have done computer science and software engineering a world of good.
Since 41% of organizations are still not confident about their open-source software security, more innovations are needed to change this narrative. Even though software bill of materials offer more visibility, the Open Source Security Foundation seeks to alter SBOMs from just being a mechanism to be organism-based so that they address issues such as changes in metadata and compiler flags, according to Omkhar Arasaratnam, general manager of OpenSSF at The Linux Foundation.
Going back years there has been patches for allowing the Linux x86_64 kernel to build as Position Independent Executable (PIE) code to further enhance the system security. Antgroup engineers most recently have been tackling the Linux x86_64 PIE support and last week sent out a new patch series.
The Cybersecurity Certificate is a new addition to the Google Career Certificate program designed to help job seekers upskill and transition to tech. "Learners will get hands-on experience with industry-standard tools, such as Python, Linux and an array of security tools like security information and event management (SIEM) platforms.
Two of the most important Linux utilities are being rewritten in Rust to provide greater memory safety for the critical functionality they provide.
The latest version of Linux, Linux 6.3, has been released following a "nice, controlled release cycle," according to project boss Linus Torvalds. The release cycle required seven release candidates, which were supported by helpful developer behavior.
The latest Linux kernel boasts security, speed, and power improvements for Intel, AMD, ARM, and RISC-V architectures.
After being deprecated for several years, Security Enhanced Linux "SELinux" beginning with the Linux 6.4 kernel can no longer be run-time disabled.
Supply chain security represents a complex challenge for organizations across industries, but it might be getting just a bit easier today with the release of the SLSA (pronounced salsa) 1.0 specification.
Theo de Raadt has released OpenBSD 7.3 as the 54th release for this BSD operating system project.
A change sent in this Sunday ahead of the Linux 6.3-rc3 release is a late addition adding a throttling mechanism to protect the hypervisor from potentially malicious AMD Secure Encrypted Virtualization (SEV) guests. The change is to protect the AMD Secure Processor from being potentially overloaded with requests by nefarious guest VMs.
After being in development for years, Intel's shadow stack support is set to be merged for the upcoming Linux 6.4 cycle. The shadow stack support is part of Intel's Control-flow Enforcement Technology (CET) security functionality.
The developers of specialized security-testing distro Kali Linux have released the first version of 2023, which marks the project's tenth anniversary… but only in this incarnation.
Linus Torvalds merged to Linux 6.3 Git the TPM CRB support for Microsoft's controversial Pluton security co-processor that is initially found in the latest AMD Ryzen processors.
Linux distro openSUSE has begun enforcing Kernel Lockdown when Secure Boot is enabled, creating issues for many users.
Loongson engineers continue working to improve their MIPS64-derived, RISC-V-inspired LoongArch CPU architecture code. With the in-development Linux 6.3 kernel are yet more improvements, including now supporting Kernel Address Space Layout Randomization (KASLR) for better security.
Microsoft engineers continue to work heavily on enhancing the Linux support for Hyper-V considering that in the Azure public cloud at last report was more than 50% of their VMs running Linux. Microsoft has continued implementing more Hyper-V features within the Linux kernel and their latest is working on Virtual Trust Level (VTL) integration as part of Virtual Secure Mode (VSM) handling.
Back in 2020 Google and the Open-Source Security Foundation (OpenSSF) came up with a "Criticality Score" to rank the importance/criticality of open-source projects. The Criticality Score is a means of quantifying the importance of an open-source project such as if in need of funding or development assistance. Criticality Score 2.0 has now been published.
The first systemd release of 2023 is here, and it introduces a brand spanking new tool for building Unified Kernel Image (UKI) files.
While there has been much work on the Linux kernel's RISC-V CPU architecture support, a feature not tackled until now has been the Kernel Address Space Layout Randomization (KASLR) support for randomizing the kernel mapping to enhance system security.