Here's a quick list of some of my older writings that are related to the current NSA spying documents: "The Internet Is a Surveillance State ," 2013. The importance of government transparency and accountability, 2013. The dangers of a government/corporate eavesdropping partnership, 2013. "Why Data Mining Won't Stop Terror," 2006. "The Eternal Value of Privacy," 2006. The dangers of our...

LinuxSecurity.com: Inside Fort Meade, Maryland, a top-secret city bustles. Tens of thousands of people move through more than 50 buildings-the city has its own post office, fire department, and police force. But as if designed by Kafka, it sits among a forest of trees, surrounded by electrified fences and heavily armed guards, protected by antitank barriers, monitored by sensitive motion detectors, and watched by rotating cameras.

LinuxSecurity.com: Alexandru Cornea discovered a vulnerability in libdbus caused by an implementation bug in _dbus_printf_string_upper_bound(). This vulnerability can be exploited by a local user to crash system services that use libdbus, causing denial of service. Depending on the dbus [More...]

LinuxSecurity.com: Updated krb5 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate [More...]

LinuxSecurity.com: Updated python-keystoneclient packages that fix one security issue and multiple bugs are now available for Red Hat OpenStack 3.0 (Grizzly) Preview. [More...]

Edward Snowden broke the law by releasing classified information. This isn't under debate; it's something everyone with a security clearance knows. It's written in plain English on the documents you have to sign when you get a security clearance, and it's part of the culture. The law is there for a good reason, and secrecy has an important role in...

LinuxSecurity.com: Several security issues were fixed in telepathy-gabble.

LinuxSecurity.com: Edward Snowden broke the law by releasing classified information. This isn't under debate; it's something everyone with a security clearance knows. It's written in plain English on the documents you have to sign when you get a security clearance, and it's part of the culture. The law is there for a good reason, and secrecy has an important role in military defense.

LinuxSecurity.com: Mozilla, maker of the popular Firefox web browser, and dozens of political, technology and business groups launched a campaign Tuesday calling for action against federal agencies snooping on citizens on the Internet.

LinuxSecurity.com: Google does not participate in any government program involving a lockbox or other equipment installed at its facilities to transfer court-ordered data to the government, a company spokesman says, refuting with some finality one of the lingering theories about the NSA's PRISM program.

LinuxSecurity.com: Under the banner Stopwatching.us, the Mozilla Foundation, the EFF and 86 other civil liberties organisations have launched a campaign that calls for "a full accounting of the extent to which our online data, communications and interactions are being monitored".

LinuxSecurity.com: Multiple vulnerabilities has been found and corrected in wireshark: * The ASN.1 BER dissector could crash (CVE-2013-3557). * The CAPWAP dissector could crash (CVE-2013-4074). * The HTTP dissector could overrun the stack (CVE-2013-4081). [More...]

LinuxSecurity.com: An updated Adobe Flash Player package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More...]

SANSFIRE 2011

Interesting. Crazy as these theories are, those propagating them are not -- they’re quite normal, in fact. But recent scientific research tells us this much: if you think one of the theories above is plausible, you probably feel the same way about the others, even though they contradict one another. And it’s very likely that this isn't the only news...

LinuxSecurity.com: PHP could be made to crash or run programs if it received specially craftedinput.

LinuxSecurity.com: Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having [More...]

Ignore the sensationalist headline. This article is a good summary of the need for trust in IT, and provides some ideas for how to enable more of it. Virtually everything we work with on a day-to-day basis is built by someone else. Avoiding insanity requires trusting those who designed, developed and manufactured the instruments of our daily existence. All these...

LinuxSecurity.com: DNS without DNSSec (DNS Security Extensions) is not secure. It's that simple.

LinuxSecurity.com: File storage and sharing using consumer-oriented cloud services can be a security problem for companies that want to avoid sensitive data leaks. ownCloud aims to solve the issue by offering commercial cloud services installed within a company's own datacenter.