Few IT managers have the luxury of looking ahead more than a year or two.
Nicholas Carr, the author of "Does IT Matter?", takes readers on a trip one decade into the future to see how IT will change and what those changes mean for IT professionals, hardware and software vendors, and corporations of all sizes.
Register now for your free Internet.com membership to download your complimentary eBook. Membership will also give you access to:
What Linus Torvalds thinks about BSD Internet News: "It's soo rude that it's 'funny' - that is if you're not an OpenBSD developer or have a particular affection for monkeys." (Jul 16, 2008)
Linux Today Features
SCO Goes Down and Sun's in Trouble Practical Technology: "The decision is in, and SCO has gone down in defeat. The U.S. District Court in Utah has ruled in favor of Novell in SCO vs. Novell, the keystone case in SCO’s long, and ultimately unsuccessful war against Linux." (Jul 17, 2008)
SECURITY: Attack Code Published for DNS Flaw (Jul 24, 2008, 00:32 UTC) (624 reads)
(0 talkbacks)
(feedback) ZDNet: "Exploit code for the flaw, which allows the insertion of malicious DNS records into the cache of the target nameserver, has been added to Metasploit, a freely distributed attack/pen-testing tool."
Researcher Spills Beans on DNS Flaw Specs (Jul 23, 2008, 23:15 UTC) (622 reads)
(2 talkbacks)
(feedback) LinuxInsider: "Although Dan Kaminsky -- the security researcher who discovered the massive DNS flaw widely reported two weeks ago -- asked the security community not to reveal details about the vulnerability for 30 days, a reverse engineering expert posted a theory about it on his blog. Later, the security firm Matasano confirmed the hypothesis, only to later apologize for doing so."
Google Blogger "hosts 2% of world's malware" (Jul 23, 2008, 21:17 UTC) (587 reads)
(0 talkbacks)
(feedback) PCPro: ""Blogger accounts for around 2% of malware," according to Sophos's senior technology consultant, Graham Cluley. "It's head and shoulders above the rest [of the blogging services].""
SELinux and Fedora (Jul 23, 2008, 15:45 UTC) (675 reads)
(0 talkbacks)
(feedback) LWN: "Red Hat has undoubtedly done more to make SELinux usable than any other organization, but has it actually reached the point where it can be enabled by default for all desktops? The Fedora project clearly thinks so. Not only is SELinux enabled, but the installer no longer has an option to disable it or to put it into "permissive" mode."
The Pwnie Awards- Nominations Are Up! (Jul 22, 2008, 17:15 UTC) (651 reads)
(0 talkbacks)
(feedback) The Pwnie Awards: "It seems like hardly a week goes by without a new vulnerability in WordPress or one of its many plugins. Many of them are actively being exploited to own popular WordPress blogs and use them to serve spam or client-side exploits to unsuspecting visitors. The popularity of WordPress combined with the abysmal security practices of WordPress plugin developers places the entire Internet at risk and is worthy of a nomination."
Is Open Source Development Insecure? (Jul 22, 2008, 13:30 UTC) (1019 reads)
(5 talkbacks)
(feedback) Internetnews: ""In particular Microsoft blazed this path of having a security lead someone who is within the development organization and whose primary responsibility is security and that's critical," West argued. "That's not happening in open source projects today.""
Encrypt The System Manually Upon Installation (Ubuntu 8.04) (Jul 20, 2008, 13:30 UTC) (1973 reads)
(0 talkbacks)
(feedback) HowtoForge: "Another howto by me concerning encryption. However this one will be pretty intense on graphics. I have a step-by-step guide on how to do a manual full encryption of the system."
Piracy and Malware - Pfft! (Jul 17, 2008, 20:15 UTC) (1437 reads)
(1 talkbacks)
(feedback) Brendan Scott's Weblog "A variant of this argument is that the downloads expose the kids to evil pornographers. Therefore piracy is bad and the government should pass laws to stop it."
SECURITY: Debunking the Linux Virus Myth (Jul 17, 2008, 18:00 UTC) (2864 reads)
(1 talkbacks)
(feedback) MYLRO.org: "There are numerous reasons why a Linux PC is more secure from malicious software than a Windows PC. The most obvious is the way a user interacts with his operating system. Virus and worm writers make heavy use of social engineering to trick users into opening a file. One day you receive an attachment disguised as an image that promises you a heaven of naked movie stars, and without thinking twice, you click and open."
Trend Micro: Antivirus Industry Lied for 20 Years (Jul 16, 2008, 18:14 UTC) (3487 reads)
(5 talkbacks)
(feedback) ZDNet: "In the antivirus business, we have been lying to customers for 20 years. People thought that virus protection protected them, but we can never block all viruses. Antivirus refresh used to be every 24 hours. People would usually get infected in that time and the industry would clean them up with a new pattern file."
Firefox 2.0.0.16 Today; 3.0.1 Tomorrow? (Jul 16, 2008, 17:30 UTC) (1579 reads)
(0 talkbacks)
(feedback) Internet News: "Barely two weeks after Mozilla patched Firefox to version 2.0.0.15, the 2.0.0.16 version is out patching a pair of critical flaws. Users of the newer Firefox 3.x version however will have to wait until later today to get their fixes in the 3.0.1 update. Both Firefox 2.x and 3.x are at risk from the same two flaws."
SECURITY: Kernel Vulnerability in Ubuntu 8.04, 7.10, 7.04 and 6.06 LTS (Jul 16, 2008, 14:51 UTC) (1861 reads)
(1 talkbacks)
(feedback) Softpedia: "A security vulnerability was discovered yesterday in the Linux kernel packages of the Ubuntu 8.04, 7.10, 7.04 and 6.06 LTS distributions (also applies to Kubuntu, Edubuntu and Xubuntu). This kernel vulnerability could lead to DoS (Denial of Service) attacks and loss of privacy."
SECURITY: Flaws Found in BSD, Linux Software Updaters (Jul 15, 2008, 21:15 UTC) (1871 reads)
(3 talkbacks)
(feedback) ZDNet: "The software update mechanisms used by most BSD and Linux operating systems can be tricked into installing buggy or known-to-be-compromised software on users' systems, creating serious security risks, according to new research."
Fedora's FreeIPA Offers Identity, Security Services (Jul 13, 2008, 16:00 UTC) (1837 reads)
(1 talkbacks)
(feedback) LinuxWorld: "Fedora 9, released last month, included the first release of FreeIPA, a new free/open source project that comes out of Red Hat with the goal of becoming a complete and integrated security information management solution..."
SECURITY: Preventing DNS Poisoning in Linux (Jul 12, 2008, 00:00 UTC) (3800 reads)
(2 talkbacks)
(feedback) Practical Technology: "...[L]et me repeat what Paul Mockapetris, DNS' (Domain Name System) inventor, had to say about this security hole: Patch your DNS servers right now..."
Reminder: Physical Access = Root Access (Jul 10, 2008, 20:15 UTC) (3017 reads)
(7 talkbacks)
(feedback) The Open Source Advocate: "Today I needed to reset a password on an Ubuntu system. While doing this, I was reminded of just how simple it is to get root access on a default install of Ubuntu..."
SECURITY: UnConfusing The Issue Of Disabling Root On Linux or Unix (Jul 7, 2008, 07:30 UTC) (2543 reads)
(0 talkbacks)
(feedback) The Linux and Unix Menagerie: "Loosely following up on a few previous posts regarding securing Linux and Unix and even more fun with Unix and Linux security, today we're going to look at something vaguely security-related, and also vaguely scary..."
Easily Track Intrusion Attempts on Your Web Site (Jul 1, 2008, 02:00 UTC) (1805 reads)
(0 talkbacks)
(feedback) DeveloperWorks: "Detect intrusions, and prevent attacks from ruining your Web designs and application programming using Snort, a free and open source Network Intrusion Prevention System (NIPS) and Network Intrusion Detection System (NIDS) tool. In the first article in this series, you installed Snort and made sure it could detect packets, log traffic, and be prepared to detect intrusions. In this article, learn what the data inside those packets means, and how you can use that data to infer whether attacks are occurring and alert system administrators to those attacks."
Ubuntu's Role in Bug Management for the Whole Free Software Stack (Jun 27, 2008, 16:30 UTC) (2517 reads)
(0 talkbacks)
(feedback) here be dragons: "A distribution occupies a very specific niche in the free software ecosystem. Among other things, we need to accept some responsibility for ALL the software defects ('bugs') that users actually experience across the entire stack..."
SECURITY: Linux Security: Easy as 1-2-3 (Jun 27, 2008, 12:00 UTC) (2959 reads)
(0 talkbacks)
(feedback) Enterprise Networking Planet: "But you can certainly beef up the security of a given Linux system to make it more secure than it would otherwise be--while still enabling it to do its job--and it's that process, known as hardening, that is the subject of this article..."
SECURITY: Open-Source Smart Card Project Launched (Jun 25, 2008, 12:00 UTC) (1763 reads)
(0 talkbacks)
(feedback) Computerworld UK: "A Dutch charity is funding an open-source project to design smart card software that offers stronger protection of personal data in light of security vulnerabilities found with cards used today..."
My Linux Box is INFECTED! (Jun 10, 2008, 03:45 UTC) (6722 reads)
(33 talkbacks)
(feedback) Blog of Helios: "Hey, I wasn't doing anything a million other websurfers weren't doing... all I wanted was a link to a live webcam somewhere in Felton California..."
SECURITY: SSL with Firefox 3 (Jun 6, 2008, 20:15 UTC) (3356 reads)
(0 talkbacks)
(feedback) Join the Revolution!: "For me this is a very exciting event and a great opportunity to show you which changes and improvements will effect us, specially in relation to SSL secured web sites..."
SECURITY: Surprise ARP Attack Draws Attention (Jun 6, 2008, 16:30 UTC) (2560 reads)
(0 talkbacks)
(feedback) Computerworld Australia: "In the recently reported attack, H D Moore's Metasploit Project had all Internet traffic redirected to a defaced page, announcing that a group called sunwear had hacked the site for fun..."
Barracuda Tries to Gobble-Up SourceFire (Jun 3, 2008, 15:00 UTC) (1771 reads)
(0 talkbacks)
(feedback) Socialized Software: "Over the last few years there has been a lot of fanfare around open source companies and their liquidation events..."
SECURITY: When Snort is Not Enough (Jun 3, 2008, 06:00 UTC) (2512 reads)
(1 talkbacks)
(feedback) SearchSecurityChannel: "As an independent security consultant I offered a course to customers called Network Security Operations, which covered network-centric intrusion detection, response and forensics..."
SECURITY: Locking Down ssh Authorized Keys (Jun 2, 2008, 06:00 UTC) (3647 reads)
(0 talkbacks)
(feedback) Joey Shy Jo: "The way .ssh/authorized_keys is typically used is not secure. Because using it securely is hard, and dumping in passwordless ssh keys is easy..."
SECURITY: Samba Dinged by 'Highly Critical' Flaw (May 29, 2008, 12:45 UTC) (3890 reads)
(4 talkbacks)
(feedback) Zero Day: "Researchers at Secunia have flagged a 'highly critical' vulnerability in Samba, the widely deployed open-source software for networked file sharing and printing..."
eBook library
