TrueCrypt Audit Cryptanalysis Finds No Backdoors

The results are in from the cryptanalysis phase of the TrueCrypt audit, and they show—nothing. Well, maybe not “nothing,” but certainly no signs of a deliberate backdoor from the NSA or any government entity, fears of which date back to the autumn of 2013, post-Snowden, and ignited talk to have t...

Minimalistic CLI Tool to Manage Encrypted Volumes: Tomb

Tomb is an 100% free and open source system for file encryption on GNU/Linux, facilitating the backup of secret files. Tomb is written in code that is easy to review and links commonly shared components. Tomb generates encrypted storage folders to be opened and closed using their associated...

Oracle Linux 6 : dracut (ELSA-2013-1674)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-1674 advisory. 004-336.0.1 - do not strip modules with signatures. orabug 17458249 Jerry Snitselaar - scsiwait module removed in 3.8. Mute errors. orabug 16977193 Maxim Uvarov...

CVE-2001-1079

CVE-2001-1079 concerns the creation of keyfile directories with world-writable permissions in PSSP 3.2 with DCE 3.1 authentication on AIX. The underlying issue is that a local user can exploit these permissions to delete key files, leading to a denial of service. The description specifies the aff...