Collaborate Disseminate
For sensitive application it is necessary to protect against sensitive data being written to disk on application crash. Some distributions (like Ubuntu) have daemons (apport, whoopsie) collecting crash information and sending… Continue reading How to robustly disable core dumps in application code regardless of Linux distribution configuration [migrated]
Imagine user downloads and burns installation USB stick on their compromised Linux system. Are there any known malware that is capable of spreading via Linux distributions installation media so that after reinstallation syste… Continue reading Malware spreading via installation media
There was a bunch of security fixes of Firefox vulnerabilities published this year. Is there statistics for wide spread (not targeted) exploits of them for Linux platform?
Continue reading Statistics for exploits of vulnerabilities in Firefox on Linux [on hold]
As a regular developer I’m curious about looking at new projects. Let’s say today I want to contribute to open source project in Python. This project is on GitHub and I a kind of confident in people behind this project. The o… Continue reading What would be reasonable approach for sandboxing new project to be protected against security holes made by chance?
I want to verify that router was not affected by DNS changer virus. Router provided by local Internet provider, runs custom firmware with web admin which does not contain DNS settings, no telnet/ssh/upnp. Is it possible to ve… Continue reading Check router for DNS changer virus
Are there known Windows viruses which are capable of ARP spoofing? If so, how widespread are they?
Continue reading Are there known Windows viruses which are capable of ARP spoofing?
Can too restrictive MAC profile (e.x. AppArmor profile) decrease application security?
For example: could it be that too restrictive environment for web browser will protect host system very well while disabling some internal browser sec… Continue reading Can too restrictive Linux MAC policy decrease security?
New Galaxy S8 & S8+ provide Samsung’s new AI assistant called Bixby. This thing was claimed to upload photos and voice records to somewhere. Is it a risk for company confidential information leakage? What about others lik… Continue reading Should smartphones with AI assistants be restricted for use in office?
This question already has an answer here:
Which security measures does PyPI and similar third-party software repositories take?
3 answers
Will I increase my security level by running Firefox from inside a Docker container (XUbuntu) under a non root user?
Does it make sense to do so to protect against different kind of malware & browser holes?
Continue reading Running Firefox from inside a Docker container