This week's techmail is Store passwords with pwsafe which looks at the pwsafe CLI application that can keep track of all your passwords and login credentials in a safe and secure manner (and throws in strong password generation as a bonus). Really useful app.

This week's TechMail is Use encrypted filesystems with Linux Logical Volume Manager which discusses how to setup LVM with encryption right at install-time. I'm finding for myself that having information, particularly on laptops, encrypted is becoming increasingly important to me. The nice thing with LVM and having the entire drive …

This week's TechMail is: Get started with the security tool OSSEC, a quick run-down of what OSSEC is and how to use it. It's a pretty big "package", so I couldn't cover everything, just a single-server-use scenario which I think is what the majority of people would use it for …

Adam forwarded me a link to his latest blog post about Linux security. It's quite amusing to read (I suspect someone must have told him how uber secure Linux is). Anyways, it's completely true so for all the pundits who preach on how much more secure Linux is than Windows …

Some statistics, before I go on holidays until the end of the year.

Looking at bugfix updates, we've seen a steady increase since I've kept track (going back to 1999, although I think in 1999 it was only a half-year of doing updates).

• 1999: 13
• 2000: 24
• 2001: 25
• 2002 …

This week's techmail is Get a complete security toolkit with BackTrack 3. I was approached a month or so ago by an individual who does forensic work, mostly on Windows and Mac computers and he was in need of something to do forensics with Linux, and wanted a tool that …

Found another good comic inspired by the Debian OpenSSL issue (no, it will never get too old for me). Forget where I came across this one though... just saw it in my downloads folder as I was doing some cleaning up. It's quite funny though, because it also pokes at …

The announcement just went out for the newly formed oss-security group (which is a similar concept to the private vendor-sec group, but open to anyone interested in helping promote and work with security in open source projects). I've mentioned oss-security before, but the "official" PR just came out (thanks to …

In light of the recent Debian debacle and to get the word out to more people, this week's Techmail is Find and fix weak OpenSSL/OpenSSH keys: Debian-based Linux vulnerability which more or less reiterates what happened with the Debian OpenSSL... fun... and points to the dowkd.pl script that …

It's been an amusing morning reading more takes on the Debian OpenSSL issue. While I was in the know before most others due to vendor-sec, and was able to quickly verify this didn't affect Mandriva, the fallout still continues. For those that think otherwise, this is a big issue, and …