Why You'll Buy a Netbook On Black Friday Datamation: "Last year I told you the "10 Black Friday Secrets Retailers Don't Want You To Know." All these secrets still apply (and the retailers still don't want you to know them). What's different this year is that Black Friday will be dominated by netbook deals." (Nov 15, 2008)
Linux Today Features
KDE 4.2 is Flat Out Going to Rock moving parts of the kasper clan: "I've been running OpenSUSE 11 for a couple of months now, and thanks to the awesome nightly/weekly KDE 4.2/trunk packages, I'm thoroughly enjoying pretty-darned-bleeding-edge 4.2/trunk packages, but with half the carbs, and I am loving what I'm seeing!" (Nov 12, 2008)
Data encryption and Ubuntu, Part I (Nov 21, 2008, 19:03 UTC) (704 reads)
(0 talkbacks)
(feedback) IT Wire: "I am a strong believer that in certain circumstances you should have mechanism available to you to protect your own data and be avle to share that data only with people and organisations that you trust. I want to outline several ways of keeping your data private."
IETF: Should We Ignore the Kaminsky Bug? (Nov 21, 2008, 17:33 UTC) (629 reads)
(0 talkbacks)
(feedback) Network World: "The Internet engineering community is grappling with what to do about a serious flaw in the DNS discovered this summer, and the ongoing debate brings to mind a famous quotation from Voltaire: "The perfect is the enemy of the good.""
Building an OpenBSD Gateway - Part 1 (Nov 21, 2008, 01:03 UTC) (942 reads)
(0 talkbacks)
(feedback) Raiden's Realm: "If you're happy with the level of functionality you receive from your current router, then you can stop reading now if you like. However, if you want to crank up your gateway's functionality and security by astronomic proportions, then this tutorial is for you."
Window Kit: Investigating Windows Systems With Linux (Nov 20, 2008, 18:03 UTC) (1385 reads)
(0 talkbacks)
(feedback) Linux Magazine: "Criminals, intruders, and corporate saboteurs leave data behind on the hard disks of any computers they visit. Many of these computers are Windows systems, but you don’t need Windows to extract valuable forensic information from a Windows hard disk. In this article, I will describe some simple techniques for getting forensic data from a Windows disk using Linux."
Hardening The Linux Kernel With Grsecurity (Debian) (Nov 20, 2008, 10:03 UTC) (1043 reads)
(1 talkbacks)
(feedback) HowtoForge: "Security is based on three characteristics: prevention, protection and detection. Grsecurity is a patch for Linux kernel that allows you to increase each of these points."
Answers Trickle Out as Spammer Networks Remain Compromised (Nov 19, 2008, 19:16 UTC) (1308 reads)
(0 talkbacks)
(feedback) Washington Post: "At about 4:30 p.m. Eastern time last Tuesday, the volume of junk e-mail arriving at inboxes around the world suddenly plummeted by about 65 percent...But when McColo was taken offline by its Internet providers, so too were all of the botnet control servers located there, security experts said."
Unplugging The World's Biggest Spam Host-- Temporarily
(Nov 19, 2008, 18:16 UTC) (1405 reads)
(1 talkbacks)
(feedback) A number of stories have been published in the past few days about McColo getting shut down. Reportedly, worldwide spam volumes dropped significantly. McColo then got back online briefly, but was again disconnected due to public pressure.
cRAZY mAD wITH spam (Nov 16, 2008, 04:01 UTC) (1805 reads)
(1 talkbacks)
(feedback) BeginLinux: "I am involved in a very personal war .. a war on Spam not because I must, everybody else lives with it, but just because it makes me mad! Spam has made me so mad I have gone on a personal goal to cut the Spam on my servers to 0%...realistic, probably not. Die trying...yep that's me."
Enhance PC Security with Open Source Apps (Nov 14, 2008, 07:33 UTC) (1427 reads)
(0 talkbacks)
(feedback) Intranet Journal: "For Windows users, this has often felt like a fact of life.
Even while there are some great freeware options for PC security like AVG anti-virus or Zone Alarm firewall, wouldn't it be great if there were some open source options as well? As luck would have it, there are. In this article, I will highlight open source applications that will not only save you some money, but potentially put you back into the driver's seat with regard to your PC's security."
Bruce Schneier: Securing Your PC and Your Privacy (Nov 13, 2008, 04:34 UTC) (1897 reads)
(0 talkbacks)
(feedback) Datamation: "He might be called the international rock star of computer security. Having testified before Congress and given well-regarded speeches the world over, when Bruce Schneier talks about security, experts listen."
Worst-ever Software Security Blooper? (Nov 12, 2008, 20:04 UTC) (1647 reads)
(1 talkbacks)
(feedback) LinuxDevices: "T-Mobile has issued an over-the-air fix for a laughable Android security bug that caused anything typed into its G1 phone to be interpreted by a root shell process."
WPA Vulnerability Discovered (Nov 11, 2008, 21:19 UTC) (1252 reads)
(0 talkbacks)
(feedback) Wi-Fi Planet: "Our own security expert, Lisa Phifer, who has been following the news, called the flaw "more of a pinhole, than a crack.""
Problems with Penetration Testing (Nov 10, 2008, 23:33 UTC) (1289 reads)
(1 talkbacks)
(feedback) Security Watch: "Penetration testing is as popular as ever, yet it continues to miss the mark. As a means of validating the security of an application system, it fails miserably on several counts."
50 Must-Have Open Source Tools for Security (Nov 10, 2008, 21:33 UTC) (2511 reads)
(1 talkbacks)
(feedback) Datamation: "The area of open source security software is growing rapidly, with a cornucopia of apps for every use: anti-spam, firewalls, forensics, encryption, log monitoring, passwords – the list is growing even as you read this."
Researchers Hijack Storm Worm to Track Profits (Nov 10, 2008, 16:33 UTC) (1067 reads)
(0 talkbacks)
(feedback) Washington Post: "A single response from 12 million e-mails is all it takes for spammers to turn annual profits of millions of dollars promoting knockoff pharmaceuticals, according to an unprecedented new study on the economics of spam."
Android: Not So Open After All? (Nov 9, 2008, 02:02 UTC) (3633 reads)
(10 talkbacks)
(feedback) InformationWeek: "Google caught wind of it, and pulled a move eerily similar to what Apple has done in the past with the iPhone. Google issued an over-the-air firmware update that buttoned Android back up."
Script To Blind Test Local Ports On Linux And Unix (Nov 8, 2008, 03:02 UTC) (1661 reads)
(0 talkbacks)
(feedback) The Linux and Unix Menagerie: "Today, we're going to take a look at simply and quickly getting as much dirty information about open ports on your own localhost as possible (By localhost, we mean, the server you're currently logged into and by dirty, we mean "not necessarily useful, but, probably, interesting and, maybe, useful" ;)"
DRM Firmware Adopted by Mobile Linux Stack (Nov 7, 2008, 17:05 UTC) (1069 reads)
(0 talkbacks)
(feedback) LinuxDevices: "A Tokyo-based vendor of embedded security technology says its DRM product will be ported to Access's Linux stack for mobile devices. Discretix says its Content Protection for Recordable Media Client offers software-based protection for music, video, and other premium content on SD cards and mobile handsets."
Once Thought Safe, WPA Wi-Fi Encryption is Cracked (Nov 6, 2008, 20:52 UTC) (1834 reads)
(0 talkbacks)
(feedback) IT World: "Security researchers say they've developed a way to partially crack the Wi-Fi Protected Access (WPA) encryption standard used to protect data on many wireless networks."
Video: Mastering IPTables, Final Installment (Nov 5, 2008, 17:34 UTC) (1217 reads)
(0 talkbacks)
(feedback) Linux Journal: "Hello and welcome to the third and final installment of the IPTables
tutorial. Now that you have all the tools necessary to create basic
firewall scripts, I am going to give a better overview of the entire
IPTables system and how it works."
ICANN Almost Cracks Down on Spammy Domain Registrar (Nov 1, 2008, 04:32 UTC) (1778 reads)
(2 talkbacks)
(feedback) LinuxInsider: "An Estonian domain name registrar received a late stay of execution from the international body that regulates the domain name system. The Internet Corporation for Assigned Names and Numbers was threatening to pull EstDomains' registrar status because EstDomains' president was convicted of fraud."
Graphical Remote Control Desktops for Linux (Oct 31, 2008, 10:01 UTC) (2443 reads)
(2 talkbacks)
(feedback) LinuxPlanet: "A. Lizard takes us on a tour of secure remote graphical Linux administration over the Internet; through firewalls, routers, dynamic home IP addresses, Wake-on-LAN, and other perils. We will learn how to securely administer both Linux and Windows remotely. The journey begins with today's part 1 of three parts."
Solving Privacy Issues in Ubuntu 8.10 Intrepid Ibex (Oct 30, 2008, 19:36 UTC) (1996 reads)
(3 talkbacks)
(feedback) Begin Linux: "One of the new features in Ubuntu 8.10 is the ability to create an encrypted directory for content you do not want others to access. Oh, by the way, did you know that anyone can read your files that are in your home directory? Here is an example of sue logged in and able to open files in mike's home directory. However, note that they are opened read-only so they cannot be changed. Still, who is looking at your stuff?"
More Results from Realeyes (Oct 30, 2008, 18:06 UTC) (861 reads)
(0 talkbacks)
(feedback) Realeyes Technology: "For the past few weeks, I have been learning a lot about the site where the Realeyes pilot project is being run. After seeing several reports of incidents from Europe and Asia, it occurred to me that I could create a rule to monitor non-US IP addresses."
Ultimate Security Proxy With Tor (Oct 28, 2008, 01:32 UTC) (1907 reads)
(0 talkbacks)
(feedback) HowtoForge: "Nowadays, within the growing web 2.0 environment you may want to have some anonymity, and use other IP addresses than your own IP. Or, for some special purposes - a few IPs or more, frequently changed. So no one will be able to track you. A solution exists, and it is called Tor Project, or simply tor."
Virtual Linux Desktops, Real Security (Oct 27, 2008, 19:03 UTC) (2123 reads)
(0 talkbacks)
(feedback) ZDNet: "Deep inside a nameless government department — you will probably guess its identity, but nobody can say it officially — a Linux desktop revolution has taken hold. For this particular organisation, however, the big deal is not the fact that Linux is involved, but the way in which it is being used."
Security Flaw Is Revealed in T-Mobile’s Google Phone (Oct 27, 2008, 18:03 UTC) (1852 reads)
(1 talkbacks)
(feedback) New York Times: "Just days after the T-Mobile G1 smartphone went on the market, a group of security researchers have found what they call a serious flaw in the Android software from Google that runs it."
SmoothWall Simplifies Open Source Security (Oct 24, 2008, 16:33 UTC) (1433 reads)
(0 talkbacks)
(feedback) Enterprise Networking Planet: "Open source security software can be very effective at keeping the bad guys off your network, but it can also be hard to configure and time consuming to keep patched and up to date."
Perspectives Extension Improves HTTPS Security (Oct 21, 2008, 18:02 UTC) (1137 reads)
(1 talkbacks)
(feedback) Linux.com: "Ah, cryptographic security: a boon to those who understand the algorithms, but all too often a lost cause to those who don't. The secure HTTPS protocol for Web surfing is widely accepted, but has one fatal flaw: users ignore certificate error warnings. A Firefox extension called Perspectives aims to close that security hole."
Mac, Linux, BSD Open For Attack: Kaspersky (Oct 20, 2008, 19:02 UTC) (3285 reads)
(15 talkbacks)
(feedback) Computerworld: "The co-founder of IT security company Kaspersky Labs said Linux and Mac users will be "easy targets" for hackers and malware writers over the next few years."
Video: Mastering Iptables, part 2
(Oct 19, 2008, 14:02 UTC) (2365 reads)
(0 talkbacks)
(feedback) Linux Journal: "Last week we covered setting up default targets for the 3 main chains,
those being input, output, and forward of course, as well as poking
holes through the filewall to allow specific services in."
MITM Attacks - Do They Really Happen? (Oct 18, 2008, 20:03 UTC) (3056 reads)
(1 talkbacks)
(feedback) Join The Revolution!: "Apparently MITM attacks are in the wild and they use illegitimate, self-signed certificates for their attacks...The connection of this unlucky reporter was hitchhiked as he was using a wireless internet access point."
Anonymous Proxy Servers: Necessary or evil? (Oct 18, 2008, 12:02 UTC) (3716 reads)
(5 talkbacks)
(feedback) LinuxWorld: ""As a security person my natural first instinct is to ask why someone needs to be anonymous if they are doing something legitimate," he said."
TCP Sockstress Brings Forth New OS Exploit Worries (Oct 16, 2008, 16:04 UTC) (2460 reads)
(13 talkbacks)
(feedback) ServerWatch: "Operating system makers may be forced to do some serious modifications to their TCP/IP stacks, thanks to the TCP sockstress vulnerability which has been hitting the news over the last few weeks."
Flash Cookies: The Silent Privacy Killer (Oct 15, 2008, 22:03 UTC) (2771 reads)
(3 talkbacks)
(feedback) I'm a Super.com: "What if there was a type of cookie that could:
Stay on your computer for an unlimited amount of time
Store 100 kb of data by default, with an unlimited max
Couldn't be deleted by your browser"
Authorities Shut Down Spam Ring (Oct 15, 2008, 14:47 UTC) (1557 reads)
(2 talkbacks)
(feedback) New York Times: "The Federal Trade Commission won a preliminary legal victory against what it called one of the largest spam gangs on the Internet, persuading a federal court in Chicago on Tuesday to freeze the group’s assets and order the spam network to shut down."
Let PAM Take Care of GNU/Linux Security for You (Oct 15, 2008, 00:03 UTC) (1700 reads)
(0 talkbacks)
(feedback) Linux.com: "When they hear the word PAM, most people think of a certain blonde Canadian Playmate, but readers of this Web site surely will recognize the basic element of Linux security: the Pluggable Authentication Modules. So let's talk about how this PAM works, and look at some examples of how it is used."
Linux Powered Mini-Machines for Macs (Oct 13, 2008, 18:07 UTC) (1863 reads)
(0 talkbacks)
(feedback) IT Wire: "Mac users might less vulnerable to Internet security threats than those who take the Windows route to computing nirvana, but 'less' is not the same as 'not at all' and that's why the world's first miniature hardware Internet security devices for the Mac have been announced today with a little help from Linux."
