10 ways you might be breaking the law with your computer: UPDATED 10 Things: "Legislation that affects the use of Internet-connected computers is springing up everywhere at the local, state and federal levels. You might be violating one of them without even knowing." (Mar 12, 2010)
Linux Today Features
Linux Today Sticky Page On this page we'll maintain links to important articles and documents that pertain to Free Software, Linux, and the tech industry. Please submit your suggestions to editors@linuxtoday.com. Thank you! (Jun 15, 2009)
Small Features
The 10 Most Downloaded Open Source Apps Of All Time! Geek Trio: "Everyone loves open source software. After all… its free! Many times I’ve heard the question, “what is the most popular open source application of all time?” I decided to find out." Mar 10, 2010
Two front ends for Clamav (Mar 10, 2010, 21:32 UTC) (1546 reads)
(0 talkbacks)
(feedback) Experimenting with GNU/Linux: "There are several graphical front ends for clam av which can make your life easy. The most popular among them are clamtk and Klamav."
Multiple Apache Web Server Flaws Patched (Mar 9, 2010, 19:36 UTC) (1116 reads)
(0 talkbacks)
(feedback) Serverwatch: "The Apache HTTP Web Server is the most widely deployed Web server on the Internet today, which means that vulnerabilities in the open source server can have a devastating impact. That also makes security updates like the new 2.2.15 release critical, since it addresses several security vulnerabilities in Apache's flagship HTTP Web server."
Ok, Be Afraid if Someone's Got a Voltmeter Hooked to Your CPU (Mar 8, 2010, 00:02 UTC) (4483 reads)
(3 talkbacks)
(feedback) Bradley M. Kuhn: "Boy, do I hate it when a FLOSS project is given a hard time unfairly. I was this morning greeted with news from many places that OpenSSL, one of the most common FLOSS software libraries used for cryptography, was somehow severely vulnerable."
Windows Security Gets Boost from Open Source ClamAV (Mar 4, 2010, 23:33 UTC) (2914 reads)
(2 talkbacks)
(feedback) eSecurityPlanet: "The open source ClamAV project is often used on servers as a way to scan and secure e-mail gateways and Windows file shares. Now ClamAV is coming to the Windows desktop too, by way of the cloud."
RSA Authentication Weakness Discovered (Mar 4, 2010, 19:03 UTC) (2504 reads)
(2 talkbacks)
(feedback) Help Net Security: "The most common digital security technique used to protect both media copyright and Internet communications has a major weakness, University of Michigan computer scientists have discovered."
Microsoft warns Windows XP users, 'don't touch the F1 key' (Mar 3, 2010, 03:02 UTC) (5462 reads)
(7 talkbacks)
(feedback) Computerworld: "Microsoft has warned Windows XP users not to press the F1 key when prompted by a website, as part of its reaction to an unpatched vulnerability that hackers could exploit to hijack PCs running Internet Explorer (IE)."
The Perils of Sudo With User Passwords (Feb 26, 2010, 23:33 UTC) (4162 reads)
(0 talkbacks)
(feedback) Longitude Tech Blog: "The consensus among new Unix and Linux users seems to be that sudo is more secure than using the root account, because it requires you type your password to perform potentially harmful actions."
Phishing, SQL Injection Attacks Surged in 2009 (Feb 26, 2010, 04:33 UTC) (1498 reads)
(0 talkbacks)
(feedback) eSecurityPlanet: "Hackers continued to have great success taking advantage of vulnerabilities in applications, such as Adobe Systems' Acrobat, and Web browsers from Mozilla and Microsoft to compromise unsuspecting users' machines or data, according to IBM's annual X-Force Trend and Risk Report."
VeriSign Debuts New Online Trust Seal (Feb 24, 2010, 03:03 UTC) (1845 reads)
(1 talkbacks)
(feedback) eSecurity Planet: "How do you know that the site you're visiting isn't infected with malware? VeriSign is trying to make the answer easier for users to know with the introduction of its new VeriSign Trust Seal."
Chuck Norris is not a Linux virus (Feb 23, 2010, 22:03 UTC) (4302 reads)
(4 talkbacks)
(feedback) Sure, It's Secure: "Get a grip people. A recent story about the so-called Chuck Norris botnet implies that it breaks Linux's security. Wrong."
Hackers Leverage Global Authority Void (Feb 23, 2010, 15:33 UTC) (1753 reads)
(3 talkbacks)
(feedback) Datamation: "The best weapon against the online thieves, spies and vandals who threaten global business and security would be international regulation of cyberspace."
Wiretapping the Internet: Legal and Dangerous? (Feb 23, 2010, 12:33 UTC) (1843 reads)
(1 talkbacks)
(feedback) eSecurity Planet: "Various jurisdictions around the world have legal requirements to ensure that voice and data traffic can be wiretapped in the interest of public safety and national security. According to an IBM researcher, that same requirement for wiretapping, or lawful intercept of data, could potentially be abused by an attacker."
2 China Schools Said to Be Tied to Online Attacks (Feb 22, 2010, 08:03 UTC) (2046 reads)
(1 talkbacks)
(feedback) NY Times: "But the company has contacted computer security specialists to confirm what has been reported by other targeted companies: access to the companies’ servers was gained by exploiting a previously unknown flaw in Microsoft’s Internet Explorer Web browser."
Metasploit Gains Further Commercial Adoption (Feb 18, 2010, 17:32 UTC) (1228 reads)
(0 talkbacks)
(feedback) eSecurityPlanet: "The open source Metasploit framework is often the place where security vulnerabilities become usable enabling security researchers to test out exploits and fix flaws. Until recently, Metasploit was typically used only as a standalone community project, but that's no longer the case."
16 Feb 2010: Red Hat's Top 11 Most Serious Flaw Types for 2009 (Feb 17, 2010, 23:33 UTC) (1949 reads)
(0 talkbacks)
(feedback) Mark Cox: "The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors was published today listing the most widespread issues that lead to software vulnerabilities. During the creation and review of the list we spent some time to see how closely last years list matched the types of flaws we deal with at Red Hat."
2010 CWE--SANS Top 25 Most Dangerous Programming Errors (Feb 17, 2010, 20:03 UTC) (2414 reads)
(1 talkbacks)
(feedback) CWE: "The Top 25 list is a tool for education and awareness to help programmers to prevent the kinds of vulnerabilities that plague the software industry, by identifying and avoiding all-too-common mistakes that occur before software is even shipped."
Rogue PDFs account for 80% of all exploits, says researcher (Feb 17, 2010, 17:03 UTC) (2403 reads)
(5 talkbacks)
(feedback) Computerworld: "Just hours before Adobe is slated to deliver the latest patches for its popular PDF viewer, a security firm announced that by its counting, malicious Reader documents made up 80% of all exploits at the end of 2009."
Security Expert Releases New Linux Distribution for Ethical Hacking and Penetration Testing (Feb 16, 2010, 23:33 UTC) (2684 reads)
(0 talkbacks)
(feedback) IT Backbones: "Dr. Ali Jahangiri, the well known security expert and author of Live Hacking: The Ultimate Guide to Hacking Techniques & Countermeasures for Ethical Hackers & IT Security Experts, is pleased to announce the launch of the Live Hacking CD, a new Linux distribution designed for ethical hacking"
Mozilla Retracts Add-On Malware Accusation (Feb 12, 2010, 20:33 UTC) (2684 reads)
(1 talkbacks)
(feedback) eSecurityPlanet: "Sometimes you get it right, and sometimes, well, you don't.
Mozilla last week said it had identified malware in two Firefox add-ons and pulled both from its Add-Ons Mozilla (AMO) Web site."
32% of computers with AV protection are infected (Feb 11, 2010, 03:03 UTC) (4854 reads)
(1 talkbacks)
(feedback) Help Net Security: "A SurfRight report shows statistics that give credibility to the lately popular opinion that one anti-virus solution is no longer enough to be sure your computer isn't infected."
New Russian botnet tries to kill rival
(Feb 10, 2010, 16:02 UTC) (3069 reads)
(3 talkbacks)
(feedback) Network World: "An upstart Trojan horse program has decided to take on its much-larger rival by stealing data and then removing the malicious program from infected computers."
OpenDNSSEC 1.0.0 released (Feb 10, 2010, 00:02 UTC) (2131 reads)
(0 talkbacks)
(feedback) Help Net Security: "Internet engineers continue to enhance Internet security with the release of OpenDNSSEC, a tool which simplifies the process of signing one or more zones with DNSSEC."
House Passes Cybersecurity Bill (Feb 7, 2010, 12:02 UTC) (2622 reads)
(0 talkbacks)
(feedback) NY Times: "The House today overwhelmingly passed a bill aimed at building up the United States’ cybersecurity army and expertise, amid growing alarm over the country’s vulnerability online."
Fake Firefox Update Pages Push Adware (Feb 6, 2010, 04:02 UTC) (3702 reads)
(0 talkbacks)
(feedback) Threat Center Live Blog: "Adware pushers are capitalizing on the success of Firefox, packing ad serving software in with the program in an effort to increase their reach."
10 Kernel Vulnerabilities in Ubuntu 6.06, 8.04, 8.10, 9.04 and 9.10 (Feb 5, 2010, 22:32 UTC) (4462 reads)
(3 talkbacks)
(feedback) Softpedia: "Canonical announced a few hours ago the immediate availability of a new Linux kernel security update for the following Ubuntu distributions: 6.06 LTS (Dapper Drake), 8.04 LTS (Hardy Heron), 8.10 (Intrepid Ibex), 9.04 (Jaunty Jackalope) and 9.10 (Karmic Koala)."
Hacking for Fun and Profit in China’s Underworl (Feb 4, 2010, 18:33 UTC) (2526 reads)
(0 talkbacks)
(feedback) NY Times: “Microsoft and Adobe have a lot of zero days,” he said, while scanning Web sites at home. “But we don’t publish them. We want to save them so that some day we can use them.”
Flash Is at Risk, But It's Not All Adobe's Fault (Feb 1, 2010, 23:03 UTC) (2737 reads)
(0 talkbacks)
(feedback) eSecurityPlanet: "Mike Bailey, a senior security analyst with Foreground Security, is now turning the focus to how common programming bugs can enable Flash objects to attack Web sites."
Nmap 5.20 Released (Jan 26, 2010, 01:34 UTC) (1538 reads)
(0 talkbacks)
(feedback) Insecure.org: "Happy new year, everyone. I'm happy to announce Nmap 5.20--our first
stable Nmap release since 5.00 last July! It offers more than 150
significant improvements..."
The IE Fix is in (Jan 26, 2010, 00:04 UTC) (1765 reads)
(0 talkbacks)
(feedback) Sure, It's Secure: "First, the good news, Microsoft's fixed the IE bug used to attack Google. The bad news: the bug had been known for months."
Tor Project servers hacked (Jan 25, 2010, 20:33 UTC) (1471 reads)
(0 talkbacks)
(feedback) The H Open: "This is because, in early January, two of the project's seven directory authorities (moria1 and gabelmoo) as well as the metrics.torproject.org statistics server were found to have been hacked."