LWN.net Logo

Security index

This index covers articles that appeared in LWN on various security-related topics. Articles from 2007 on are indexed here.

Anonymity

Eavesdropping on Tor traffic (September 12, 2007)

TorProxy and Shadow (October 14, 2009)

Apache

Apache attacked by a "slow loris" (June 24, 2009)

AppArmor

Linux security non-modules and AppArmor (June 27, 2007)

The future of AppArmor (October 17, 2007)

TOMOYO Linux and pathname-based security (April 14, 2008)

Application binary interface (ABI)

Cascading security updates (February 27, 2008)

Authentication

Biometric

Fingerprint recognition using fprint (November 21, 2007)

Biometrics for identification (April 2, 2008)

Bypass

Authentication bypass in routers (March 5, 2008)

Backdoors

The backdooring of WordPress (March 7, 2007)

The backdooring of SquirrelMail (December 19, 2007)

Berkeley Internet Name Daemon (BIND)

Cache poisoning vulnerability found in BIND (July 25, 2007)

The dangers of weak random numbers (February 20, 2008)

Books

Book Review: Hacking VoIP (January 28, 2009)

Book review: Nmap Network Scanning (February 18, 2009)

Botnets

Storm worm gains strength (August 29, 2007)

ITU getting serious about botnets (November 28, 2007)

Storm botnet used to study spam (November 12, 2008)

Linux botnets (March 25, 2009)

Browser cookies

Session cookies for web applications (May 21, 2008)

Another kind of cookie (October 29, 2008)

Bug reporting

Counting vulnerabilities (June 22, 2007)

Cascading security updates (February 27, 2008)

Secrecy and the DNS flaw (July 9, 2008)

Injunction lifted against MIT students (August 20, 2008)

Partial disclosure (October 8, 2008)

Distribution advisories (November 26, 2008)

"Vishing" advisory targets Asterisk (December 17, 2008)

CAPTCHA

Breaking CAPTCHA (March 19, 2008)

CERT

GCC and pointer overflows (April 16, 2008)

Certifications

Red Hat and IBM get certified (June 20, 2007)

Fedora and CAPP (December 10, 2008)

chroot()

What chroot() is really for (October 3, 2007)

Cross-site scripting (XSS)

Extended Validation certificates and cross-site scripting (March 12, 2008)

Mozilla's Content Security Policy (July 1, 2009)

Cross-site scripting here at LWN (November 4, 2009)

Chrome reflective XSS protection (November 4, 2009)

Cryptography

BruCON: Can we trust cryptography? (September 30, 2009)

Desktop

Desktop malware risk gets raised and patched (February 25, 2009)

A desktop "secrets" API (July 29, 2009)

Linux malware: an incident and some solutions (December 23, 2009)

Detecting vulnerabilities

Capturing web attacks with open proxy honeypots (July 3, 2007)

Distributions

ParanoidLinux: from fiction to reality (October 1, 2008)

Tin Hat: secured by running from RAM (March 18, 2009)

Distribution security

LCA: How to improve Debian security (January 17, 2007)

Security hardening for Debian (February 6, 2008)

Eee PC security or lack thereof (February 13, 2008)

Debian, OpenSSL, and a lack of cooperation (May 14, 2008)

Debian vulnerability has widespread effects (May 14, 2008)

SELinux and Fedora (July 9, 2008)

Ubuntu, security response, and community contributions (July 16, 2008)

Fedora distributes new keys (September 10, 2008)

Distribution advisories (November 26, 2008)

Fedora and CAPP (December 10, 2008)

OpenVAS replacing Nessus in Debian (August 12, 2009)

Fedora 12 and unprivileged package installation (November 20, 2009)

Package managers

Trust and mirrors (July 16, 2008)

Attacks on package managers (April 8, 2009)

Document Object Model (DOM)

Finding bugs lurking in the DOM (January 30, 2008)

Leaking browser history (June 25, 2008)

Domain Name System (DNS)

DNSCurve: an alternative to DNSSEC (July 8, 2009)

TCP cookie transactions (December 16, 2009)

Cache poisoning

Cache poisoning vulnerability found in BIND (July 25, 2007)

Secrecy and the DNS flaw (July 9, 2008)

Details of the DNS flaw revealed (August 13, 2008)

Email

Spam prevention

Backscatter increase clogs inboxes (April 9, 2008)

Encryption

Disk

"Evil Maid" attack against disk encryption (October 28, 2009)

DMCA

Another attempt at DMCA reform - sort of (February 28, 2007)

Email

Email privacy (November 7, 2007)

Filesystems

The Tahoe secure filesystem (April 30, 2008)

Mobile phone

GSM encryption crack made public (January 6, 2010)

Web

The future of unencrypted web traffic (January 2, 2008)

Deep packet inspection (July 23, 2008)

Firefox

Firefox security status (June 7, 2007)

Firefox 3 SSL certificate warnings (August 27, 2008)

Firefox security add-ons (January 21, 2009)

Firefox locks down the components directory (November 24, 2009)

GCC

GCC and pointer overflows (April 16, 2008)

Hardening

Security hardening for Debian (February 6, 2008)

Hardware

Attacking network cards (May 28, 2008)

Hijacking

X programs

OpenSSH bug falls through the cracks (April 9, 2008)

Identity management

Bandit: multi-protocol identity management (September 26, 2007)

OpenID 2.0 closing in on acceptance (October 31, 2007)

Information leak

Our devices are spilling our secrets (August 1, 2007)

Sanitizing kernel memory (May 27, 2009)

Page sanitization, part 2 (June 3, 2009)

Integrity management

Integrity management in the kernel (March 28, 2007)

System integrity in Linux (December 3, 2008)

Integrity management using Intel TXT (April 1, 2009)

Enabling DRM in the kernel? (May 20, 2009)

Internet

SCADA system vulnerabilities (June 11, 2008)

Deep packet inspection (July 23, 2008)

Pogoplug makes internet data sharing easy (December 9, 2009)

TCP cookie transactions (December 16, 2009)

Honeypots

Capturing web attacks with open proxy honeypots (July 3, 2007)

Routers

Home routers and security flaws (October 10, 2007)

The Onion Router (Tor)

Eavesdropping on Tor traffic (September 12, 2007)

TorProxy and Shadow (October 14, 2009)

Voice over IP (VoIP)

The Skype outage (August 22, 2007)

"Vishing" advisory targets Asterisk (December 17, 2008)

Book Review: Hacking VoIP (January 28, 2009)

A trojan for Skype (September 2, 2009)

Jails

What chroot() is really for (October 3, 2007)

Javascript

Web security vulnerabilities and Javascript (January 23, 2008)

All the malware that's fit to print (September 16, 2009)

Linux kernel

revoke() returns (December 18, 2007)

vmsplice(): the making of a local root exploit (February 12, 2008)

The rest of the vmsplice() exploit story (March 4, 2008)

Handling kernel security problems (July 16, 2008)

Kernel security, year to date (September 9, 2008)

System calls and rootkits (September 10, 2008)

DR rootkit released under the GPL (September 10, 2008)

The future for grsecurity (January 7, 2009)

Seccomp and sandboxing (May 13, 2009)

Sanitizing kernel memory (May 27, 2009)

Page sanitization, part 2 (June 3, 2009)

Fun with NULL pointers, part 1 (July 20, 2009)

Fun with NULL pointers, part 2 (July 21, 2009)

Null pointers, one month later (August 18, 2009)

/proc and directory permissions (October 28, 2009)

Another null pointer exploit (November 4, 2009)

Credentials

Credential records (September 25, 2007)

Linux/POSIX capabilities

LCA: How to improve Debian security (January 17, 2007)

Fixing CAP_SETPCAP (October 31, 2007)

Restricting root with per-process securebits (April 30, 2008)

Filesystem capabilities in Fedora 10 (January 7, 2009)

Another Linux capabilities hole found (April 15, 2009)

Netfilter

Passive OS fingerprinting added to netfilter (June 10, 2009)

Random number generation

On entropy and randomness (December 12, 2007)

Linux ASLR vulnerabilities (April 29, 2009)

Random numbers for ASLR (May 13, 2009)

Virtual file system (VFS)

A kernel security hole (January 16, 2008)

Linux malware

Linux malware: an incident and some solutions (December 23, 2009)

Linux Security Modules (LSM)

Linux security non-modules and AppArmor (June 27, 2007)

Smack for simplified access control (August 8, 2007)

SMACK meets the One True Security Module (October 2, 2007)

The future of AppArmor (October 17, 2007)

LSM: loadable or static? (October 24, 2007)

Kernel-based malware scanning (December 4, 2007)

TOMOYO Linux and pathname-based security (April 14, 2008)

OLS: Smack for embedded devices (August 6, 2008)

Snet and the LSM API (January 28, 2009)

Restricting the network (January 6, 2010)

Mobile phones

Android's first vulnerability (November 5, 2008)

Android application security (February 4, 2009)

What lessons can be learned from the iPhone worms? (November 11, 2009)

GSM encryption crack made public (January 6, 2010)

Networking

Filesystems

The Tahoe secure filesystem (April 30, 2008)

Obfuscation

Hiding open ports with shimmer (January 9, 2008)

Wireless

USB device authorization (July 17, 2007)

One Laptop Per Child (OLPC)

Bitfrost: the OLPC security model (February 7, 2007)

OLPC's software update problem (July 3, 2007)

OpenOffice.org

BadBunny? Only if you invite it in (June 12, 2007)

OpenSSH

OpenSSH bug falls through the cracks (April 9, 2008)

OpenSSH and keystroke timings (September 17, 2008)

SSH plaintext recovery vulnerability (November 19, 2008)

Crying wolf over OpenSSH (July 15, 2009)

Distributed brute force ssh attacks (October 21, 2009)

OpenSSL

Debian, OpenSSL, and a lack of cooperation (May 14, 2008)

Debian vulnerability has widespread effects (May 14, 2008)

Organizations

oCERT and oss-security (June 4, 2008)

PHP

Tools

Scanning for PHP vulnerabilities with Pixy (June 27, 2007)

Physical security

"Evil Maid" attack against disk encryption (October 28, 2009)

PostgreSQL

SE-PostgreSQL uses SELinux for database security (July 18, 2007)

Privacy

Our devices are spilling our secrets (August 1, 2007)

Eavesdropping on Tor traffic (September 12, 2007)

Email privacy (November 7, 2007)

Another kind of cookie (October 29, 2008)

Python

Reviving Python restricted mode (March 4, 2009)

Race conditions

Exploiting races in system call wrappers (August 15, 2007)

Exploiting symlinks and tmpfiles (September 19, 2007)

Random number generation

On entropy and randomness (December 12, 2007)

The dangers of weak random numbers (February 20, 2008)

Debian, OpenSSL, and a lack of cooperation (May 14, 2008)

Debian vulnerability has widespread effects (May 14, 2008)

Linux ASLR vulnerabilities (April 29, 2009)

Random numbers for ASLR (May 13, 2009)

Reference

The Application Security Desk Reference (June 18, 2008)

Research

Auctions

Security research: buy low, sell high? (July 11, 2007)

Rootkits

System calls and rootkits (September 10, 2008)

DR rootkit released under the GPL (September 10, 2008)

Ruby

Ruby security flaws expose release process problems (July 2, 2008)

Samba

Eee PC security or lack thereof (February 13, 2008)

Secure Sockets Layer (SSL)

TLS renegotiation vulnerability (November 18, 2009)

Certificates

Extended Validation certificates and cross-site scripting (March 12, 2008)

Firefox 3 SSL certificate warnings (August 27, 2008)

SSL man-in-the-middle attacks (December 24, 2008)

SSL certificates and MD5 collisions (January 14, 2009)

SSL flaws revealed at Black Hat (August 5, 2009)

Security Enhanced Linux (SELinux)

SE-PostgreSQL uses SELinux for database security (July 18, 2007)

SELinux and Fedora (July 9, 2008)

OLS: SELinux from academia to your desktop (July 30, 2008)

Newer kernels and older SELinux policies (September 24, 2008)

SELinux permissive domains (October 15, 2008)

SHA-1

Dealing with weakness in SHA-1 (June 17, 2009)

Signing code

Java cryptography and free distributions (March 14, 2007)

Integrity management in the kernel (March 28, 2007)

Enabling DRM in the kernel? (May 20, 2009)

Software updates

Forcing updates (February 11, 2009)

The Firefox extension war (May 6, 2009)

Spam

Backscatter increase clogs inboxes (April 9, 2008)

Storm botnet used to study spam (November 12, 2008)

Talpa

Kernel-based malware scanning (December 4, 2007)

The TALPA molehill (August 6, 2008)

TALPA strides forward (August 27, 2008)

TOMOYO Linux

TOMOYO Linux and pathname-based security (April 14, 2008)

Tools

Finding buffer overflows with Parfait (July 29, 2009)

Access control

Smack for simplified access control (August 8, 2007)

Browser exploit detection

Finding bugs lurking in the DOM (January 30, 2008)

Firewall

All aboard the SmoothWall Express (August 29, 2007)

Hiding open ports with shimmer (January 9, 2008)

Fuzzing

Fusil: a Python fuzzing library (March 11, 2009)

Network vulnerability scanner

OpenVAS replacing Nessus in Debian (August 12, 2009)

OS detection

Passive OS fingerprinting added to netfilter (June 10, 2009)

Password guessing prevention

Preventing brute force ssh attacks (October 24, 2007)

Distributed brute force ssh attacks (October 21, 2009)

Penetration testing

Mobile phone or penetration tool? (September 24, 2008)

PHP code scanning

Scanning for PHP vulnerabilities with Pixy (June 27, 2007)

Policy management

Centralizing policy rules with PolicyKit (November 14, 2007)

SQL injection scanning

Find SQL injection vulnerabilities with sqlmap (September 3, 2008)

Transport Layer Security (TLS)

TLS renegotiation vulnerability (November 18, 2009)

Virtualization

LinuxCon: Secure virtualization with sVirt (September 23, 2009)

Virus scanning

DazukoFS: a stackable filesystem for virus scanning (February 11, 2009)

Voting machines

Securing our votes (August 8, 2007)

Voting machine integrity through transparency (March 26, 2008)

Vulnerabilities

Authentication bypass

Authentication bypass in routers (March 5, 2008)

Cross-site request forgery (CSRF)

Cross-site request forgery (October 17, 2007)

Cryptographic splicing

Cryptographic splicing makes for a Wordpress vulnerability (May 7, 2008)

Denial of service

Apache attacked by a "slow loris" (June 24, 2009)

HTTP response splitting

HTTP response splitting (October 17, 2008)

Image handling

Image handling vulnerabilities (April 23, 2008)

Information leak

Linux ASLR vulnerabilities (April 29, 2009)

Macro language (ab)use

BadBunny? Only if you invite it in (June 12, 2007)

Privilege escalation

vmsplice(): the making of a local root exploit (February 12, 2008)

The rest of the vmsplice() exploit story (March 4, 2008)

Standards, the kernel, and Postfix (August 20, 2008)

Another Linux capabilities hole found (April 15, 2009)

A privilege escalation flaw in udev (April 22, 2009)

Fun with NULL pointers, part 1 (July 20, 2009)

Fun with NULL pointers, part 2 (July 21, 2009)

Null pointers, one month later (August 18, 2009)

Attacks against WordPress installations (September 9, 2009)

On the importance of return codes (December 2, 2009)

Race conditions

Exploiting races in system call wrappers (August 15, 2007)

SQL injection

Find SQL injection vulnerabilities with sqlmap (September 3, 2008)

Temporary files

Exploiting symlinks and tmpfiles (September 19, 2007)

Web application flaws

The backdooring of WordPress (March 7, 2007)

Home routers and security flaws (October 10, 2007)

Cross-site request forgery (October 17, 2007)

The backdooring of SquirrelMail (December 19, 2007)

Web security vulnerabilities and Javascript (January 23, 2008)

Cryptographic splicing makes for a Wordpress vulnerability (May 7, 2008)

Attacks against WordPress installations (September 9, 2009)

Web browsers

Leaking browser history (June 25, 2008)

The Firefox extension war (May 6, 2009)

Google's Native Client (June 3, 2009)

Mozilla's Content Security Policy (July 1, 2009)

Google's Chromium sandbox (August 19, 2009)

Firefox extension vulnerabilities (August 26, 2009)

Firefox locks down the components directory (November 24, 2009)

Web sessions

Session cookies for web applications (May 21, 2008)

Copyright © 2010, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds