Want to use your face to sign in or run process that needs authentication in your computer? There’s a new project to do the job in Linux! It’s Gaze, a free open-source Rust written app that provides simple GTK4 + libadwaita user interface for managing facial authentication, while, a CLI tool is also available for […]
Read MoreFrom Copy Fail to Dirty Frag to Fragnesia and ssh-keysign‑pwn: AI‑driven bug hunters are turning the Linux kernel into a shooting gallery.
The post Fragnesia, ssh-keysign‑pwn, and the Month of Living Dangerously on Linux appeared first on FOSS Force.
…
Two kernel zero‑day fixes, two quick Tails releases, and one Tor‑backed project determined to keep its privacy‑minded users safe — this is open source security hygiene in action.
The post Dirty Frag, Copy Fail, and How Tails Under Tor Delivers ‘O…
If you recently downloaded the Cemu emulator for Linux from the project’s GitHub, be aware: it may have added malware to your system. The team behind the Wii U emulator discovered that both Linux builds of Cemu 2.6 on Github, the AppImage and a s…
Read MoreUse-after-free bug in Exim’s GnuTLS BDAT handling lets remote attackers corrupt memory, with no workaround other than upgrading to version 4.99.3.
The post Exim Mail Server Hit by “Dead.Letter” TLS Flaw, Admins Told to Upgrade appeared first on FOSS Fo…
A trusted Debian dev turns scary new kernel bugs into a temporary one‑click fix until distros ship permanent patches.
The post A Simple One-Click Mitigation for ‘Copy Fail’ and ‘Dirty Frag’ for Debian, Ubuntu, Mint, and Other Debian‑Based Distros appea…
If you haven’t tried Ubuntu’s ‘Permission Prompting’ feature for a while, there’s more reason to do so in the latest release. Canonical’s Oliver Calder has shared an update on recent improvements to the security feat…
Read More‘Copy Fail’ puts Linux users on alert as kernel patches race out and distros scramble to push them to the update channel.
The post Is It Panic Time? Linux’s Big Bad ‘Copy Fail’ Security Exploit appeared first on FOSS Force.
Ubuntu 26.04’s sudo-rs now includes a keypress toggle for password feedback. Switch between visible asterisks and silent input without editing a config file.
You’re reading Ubuntu 26.04’s sudo-rs gets a password feedback toggle, a blog post from …
Want to password protect your files in Linux? Here’s a stupid simple app to do the job for beginners. There are quite a few ways to secure your data in Linux, e.g., encrypt the whole disk, encrypt a folder, or compress files into encrypted archive. For individual files, the GPG (GNU Privacy Guard) command line […]
Read MoreUbuntu engineers are debating ways to reduce the number of features present in the signed version of GRUB, the boot loader used on systems with Secure Boot enabled. Canonical engineer Julian Klode proposes dropping support for /boot on btrfs, HFS+, XFS…
Read MoreA deterministic password manager that generates, rather than stores, your logins — and makes versioning old passwords surprisingly handy.
The post Master Key for Linux’s Different Take on Password Management appeared first on FOSS Force.
Ubuntu 26.04 LTS finally breaks the longstanding security tradition by now displaying the asterisk feedback when typing sudo password in terminal or command console. As you know, most Linux distributions by default do not show any feedback when user is inputting password in terminal or any other command console for sudo authentication. This is NOT […]
Read MoreCIQ brings NIST‑approved post‑quantum crypto into Rocky Linux, turning quantum risk into a practical planning issue for sysadmins and regulated Linux shops.
The post Your Encryption May Not Survive Quantum — But Rocky Linux from CIQ’s Might appea…
CIQ brings NIST‑approved post‑quantum crypto into Rocky Linux, turning quantum risk into a practical planning issue for sysadmins and regulated Linux shops.
The post Your Encryption May Not Survive Quantum — But Rocky Linux from CIQ’s Might appea…
We fixed Heartbleed. We didn’t fix the open source funding problem that still asks the people securing our infrastructure to volunteer while we overpay commodity app builders.
The post Sudo, Heartbleed, and the Lessons We Still Haven’t Learned appeared…
Emergency Tails 7.4.1 update patches critical OpenSSL flaws that could let malicious Tor relays deanonymize users.
The post Tails 7.4.1 Ships Fast to Patch OpenSSL Bug Threatening Anonymity appeared first on FOSS Force.
The update from the Arch Linux project says that details of the attack will not be made available as long as it’s still ongoing.
The post Arch Linux Posts First Update on Ongoing DDoS Attack appeared first on FOSS Force.
Security researchers found that a free VPN extension for Chrome with over 100k is taking screen grabs of users’ browsing and uploading them to a remote server.
You’re reading Free VPN Extension Found Taking Screenshots, Uploading Them, a blog post from…
Arch’s AUR has been busy battling DDoS attacks and malware. Trouble’s not over—and it’s anybody’s guess what’s next… if anything.
The post Arch’s AUR Battles DDoS Attacks and Persistent Malware All Summer (So Far) appeared first on FOSS Force.
…