Showing all newswire headlines

The Unix/Linux Bash security hole can be deadly to your servers. Here's what you need to worry about, how to see if you can be attacked, and what to do if your shields are down.

Autumn is one of those games that stretches the term game a little bit. There isn't a lot of interaction required, and it's more about relaxing and watching what happens.

MEN Micro announced two rugged, Linux-ready box PCs with 3rd Gen. Intel Core i7 CPUs: the video storage oriented “BL70S” and the wireless focused “BL70W.” The BL70S and BL70W are fanless industrial computers that operate from -40 to 85°C, and feature aluminum fins that facilitate conduction cooling. Earlier MEN Micro box computers had much the same appearance, including the circa-2011, AMD G-Series based BC1. Both computers support Linux, as well as Windows 7 and WES7.

This document describes how to install and configure Jailkit in Debian Wheezy Server. Jailkit is a set of utilities to limit user accounts to specific files using chroot() and or specific commands. Setting up a chroot shell, a shell limited to some specific command, or a daemon inside a chroot jail is a lot easier and can be automated using these utilities.

And the latest is that the bug, now officially known as Shellshock, is being exploited by a computer worm. But nobody seems to know the extent to which the attacks have been successful.

Arbor Solution has launched a rugged, Android-based “Gladius 5? handheld with a quad-core SoC, 5.5-inch touchscreen, dual SIMs, NFC, and barcode scanning.

Updated packages that resolve CVE-2014-6271 and CVE-2014-7169 (collectively known as “Shellshock”) have now been built for Fedora 19, 20 and 21 Alpha. These packages still need to make their way through the package release system and to the mirrors, but they should be available through the regular update channels shortly.

It is easy to see why new users get so frustrated with open source OSes. It should work out of the box with minimal hassle, so let's take the hard part out of it for them.

In today's Android roundup: Google could release Android L on November 1st. Plus: A guide on how to switch from iOS to Android, and how to repair a bent iPhone 6 Plus.

The vulnerability reported in the GNU Bourne Again Shell (Bash) yesterday, dubbed "Shellshock," may already have been exploited in the wild to take over Web servers as part of a botnet. More security experts are now weighing in on the severity of the bug, expressing fears that it could be used for an Internet "worm" to exploit large numbers of public Web servers. And the initial fix for the issue still left Bash vulnerable to attack, according to a new US CERT National Vulnerability Database entry. A second vulnerability in Bash allows for an attacker to overwrite files on the targeted system.

A parsing flaw related to functions and environments in Bash could allow attackers to inject code. The unaffected packages listed in GLSA 201409-09 had an incomplete fix.

After a series of clashes with Google, Europe's data privacy watchdogs have drawn up a list of measures they'd like to see the search giant implement.

One night earlier this year, while playing around with a new anonymous-sharing app called Secret, Benjamin Caudill was gripped by a familiar sensation: This thing is not secure.

If you are wondering how to deploy the OpenStack cloud and Trove, the database as a service on OpenStack in production, take a look at this video which goes into great detail about both.

When Red Hat declared they were going all in on the cloud and OpenStack this week, they effectively announced the end of the client-server era as the dominant computing paradigm inside organizations. Enterprise Linux and client-server aren't going away tomorrow of course, but it's fair to say the torch has been passed.

We just wrote about an audio equipment manufacturer trying to argue that it was criminal for someone to resell their products. While this was obviously crazy, never underestimate the lengths that some companies will go through these days to try to block people from selling products they (thought they had) legally bought. And guess what tool they're using to block you from actually owning the products you bought? Why copyright, of course. It's yet another example of how copyright is often used to block property rights rather than to create them.

Mod_Security is free and open source web application firewall for Apache and Nginx. It is very useful for protecting your web server from various attacks by blocking most of the known exploits using regular expressions and rule sets. Mod_security can detect attacks by monitoring and analyzing the HTTP traffic in real time.

The Blackwell series cemented Wadjet Eye Games' position as one of the most beloved modern developers of classic point-and-click adventures. Today the first three games will be available for purchase on Linux.

Toradex is adding a Freescale i.MX6-based model to its SODIMM-style Colibri family, with up 4GB eMMC flash, industrial temperature range, and Linux support. The “Colibri i.MX6? computer-on-module follows the same 67.6 x 36.77mm, SODIMM-style form-factor as earlier Colibri COMs like the Freescale Vybrid VF6xx based Colibri VF61. Toradex has already supported the Freescale i.MX6 on its larger Apalis iMX6 computer-on-module format.

In this guide we will show you how install HumHub on an Ubuntu VPS with Nginx and MariaDB. HumHub is a flexible open source social network application written in PHP on top of the Yii framework. HumHub has a bunch of great features such sharing documents and files, responsive design, user spaces, activity stream and many more.