Showing headlines posted by tadelste

Internet servers (such as Web, email, and ftp servers) have been the target for different kinds of attacks aiming to disable them from providing services to their respective users. One particular exploit, which has become almost ubiquitous in the last several years, is the buffer overflow exploit. While the exploit requires particularly arcane and detailed knowledge of both assembly language and, in some cases, operating system interface details, once someone has coded an exploit and published it, anyone can use it. The results of these exploits provide interactive command shells on UNIX and Linux systems and the ability to upload and execute arbitrary programs on Windows systems.

SEARCH ENGINE outfit Google's new extension for “safe browsing for Firefox” might protect you from spoofing, but is a security risk, according to a security expert.

Nitesh Dhanjani said that Google claims that its Firefox extension protects you from phishing or spoofing. It works by using a blacklist containing pages that have been identified as suspicious and/or misleading based on automated detection or user reports. It also examines pages' content and structure in order to catch potentially misleading pages.

For seasoned IT citizens (i.e., senior managers and executives) it must be quite a show. Many can sit back and say, "Yup, I remember my AT&T Unix teen years. They were wild and exciting, but we sure are glad we got through them alive."

Others are trying to hack their way through the forest of FUD, seemingly perpetual tweaking, and business realities of shepherding the "Linux Kid" to maturity.

Immediate Availability Across Product Lines Enables CA Customers to Reap Benefits of New Platform Features

Know how to use TeX or LaTeX? Looking for professional-grade music publication software?

Wish you could relive the glory days playing the original Doom but with all the flair of a modern graphics engine? Well, thanks to the folks over at Flaming Sheep Software, you can!

Something that has become really noticeable is the prominence of Asterisk (the open source PBX) in the telecoms media and at telephony shows. It is not just the high profile presence of Asterisk and Digium (the primary developer and sponsor of Asterisk) at events like VoIP Developer and IT Expo, but it is the growing number of other companies who have products based on Asterisk that is truly staggering.

Dell and the U.S. Consumer Product Safety Commission today announced a voluntary recall of approximately 22,000 Dell notebook computer batteries. The reason for the recall is that the batteries could overheat, which could pose a fire risk.

Andrew Morton [interview] released the 2.6.15-rc5-mm3 kernel noting that he'll be "non-functional" from today December 16'th through January 2'nd. Due to his absence he suggests, "when reporting any bugs please be extra careful to Cc the appropriate developer and mailing list."

2.6.15-rc5-mm3 is the first 2.6-mm kernel to require gcc-3.2.x or later for all architectures [story], a change that may eventually be merged into Linus' 2.6 stable Linux tree. Andrew went on to list half a dozen bugs that still aren't resolved from rc5-mm1 noting, "we need to get these things fixed up before maintainers merge into 2.6.16, please. I'll be checking!"

Five library associations voiced their support for the use of OpenDocument (ODF) in Massachusetts this week, sending a letter to William Galvin, the Commonwealth's Secretary of State. In it, the groups say the open source format is the best choice, as everyone has access to its specifications.

Secretary Galvin has publicly derided the plan, saying he has "grave concerns" about switching to OpenDocument from Microsoft Office. He also had been rumored to be pushing the various state agencies to decline to participate.

The Economist has a story about a trapeze artist who, in her spare time, is the Chief Lizard Wrangler at a non-profit," writes Sara Chan on slashdot. She goes on, "You perhaps know her as Mitchell Baker, leader of Firefox. From the article:

"Ms Baker gradually found herself the leader of this project. Perhaps this is because she is a somewhat unusual member of the Netscape diaspora. For a start, she is a woman in a community populated, as one (male) colleague puts it, by geeky males with 'spare time and no social life'. Ms Baker herself has never even written code. She studied Chinese at Berkeley, and then became a lawyer - her role at the old Netscape was in software licensing. On all technical matters, she defers to Brendan Eich, her chief geek."

John-Thor Dahlburg writes: The guilty plea from Kidan was the second in a month involving a former business associate of Abramoff, the once powerful Washington dealmaker who stands in the middle of a burgeoning federal ethics probe that has engulfed Congress.

LXer.com brought this story to the attention of the public in a series of articles due to the fact that Jack Abramoff functioned as a lobbyist for Preston Gates & Ellis - a firm representing Microsoft and the BSA.

For background into our investigation, please read the following articles:

Microsoft Getting Closer to the Fire

Following Bill Gates' Linux Attack Money


LA Times Full Story

Google Inc. has launched Google Blogger Web Comments for Mozilla's Firefox browser, an extension that displays blogs about the current page view without leaving the page, reports Micro Persuasion blog.

When people look around for reasons to say that Linux is just too hard, they will invariably arrive at software installations. The classic refrains include the difficulty of building from source, the problems with dependencies, and so on. Although there is some truth hidden in there somewhere, building from source is rarely necessary for mainstream packages because precompiled applications exist for most major distributions. Again, on the issue of package dependencies, most distributions use software installation tools that take care of the whole dependency issue for you, such as SUSE’s YaST, Debian’s apt-GUI, Synaptic, or Mandriva’s urpmi to name just a few.

This week, advisories were released for courier, osh, curl, ethereal, phpMyAdmin, Openswan, Xmail, Ethereal, perl, openvpn, thunderbird, xmovie, mplayer, and ffmpeg. The distributors include Debian, Gentoo, Mandriva.

Putting on its fedora hat, Red Hat recently released the first version of its free, open-source Directory Server.

A new study on the major players in the Unix server market has declared IBM the clear customer favorite and brought to light some serious issues with Sun Microsystems' product line. Most alarmingly for Sun, the company appears to have lost its cachet as the dominant Unix player and done so while alienating customers. Sun finished last in almost every one of the Gabriel Consulting Group (GCG) survey's categories, spanning technology performance, customer satisfaction and software tools

Proprietary software vendors sow fear, uncertainty and doubt (FUD) about free and open source software licenses because those licenses are new and different. More notably, open source software licenses threaten their business modes—and they want their customers to believe that those licenses will somehow "infect" their organizations. The truth is that open source software licenses will almost always be more beneficial for consumers than proprietary licenses. Furthermore, open source licenses rarely (if ever) impose more terms on software users that are any more onerous than those imposed by proprietary licenses.

This article is about software licenses, which spell out the rules by which you must play to use the software. Agreeing to an End User License Agreement (EULA) by opening a shrink-wrap package, clicking "OK" for an installer or downloading software from a website means you agree to abide by the terms the software owner sets. If you have questions about the terms of those agreements, you can contact your attorney for definitive answers.

IBM IS BUILDING a Novell and Red Hat Linux channel in the big emerging markets of China, India, Brazil and Russia with plans to roll out in the rest of Europe next year

Meeting of minds?