It’s quite a dilemma when a software product is billed as more secure than another…. Several days back when Mozilla Firefox released v. 1.5.0.4 which fixed a number of security issues, I saw someone comment “I thought firefox was supposed to be secure.” I think there’s a misunderstanding when it comes to software. I think the misunderstanding is that one piece of software can be secure and another not. Out of the box. Let’s take a stab at clarifying…. Security is not a product, it’s not a feature, it’s a way of doing things. Along those lines….
Tag: Linux
-
Google Picasa for Linux
One of the big stories out today… Google has released an “early beta” version of Picasa for linux. I first saw the news from the ZDNet Googling Google blog. There are deb, rpm and bin downloads available. The Official Google blog gives a few more details, for instance… this “magic” is made possible by a “carefully tested version of wine”. Also, they solicit feedback in the Google Labs Picasa for Linux group. I think this is very good news for linux users.
-
Open Source Java and Linux distros redistributing java
For years, the call has been to open source Java…. it appears that day is, well… coming. Not at hand yet, but for starters Java can now be bundled with Linux distributions…. and is looking for advice on how to get from where they are to open source Java. So it sounds like they’re enlisting advice from developers on this and the day will at least be coming that Java will be open source.
-
RealVNC 4.1.2 update to patch security vulnerability
A few hours back, I updated my first post on the RealVNC 4.1.1 vulnerability and just saw another story that did not specify WHICH variation of VNC was at risk. TightVNC and UltraVNC seem to be immune according to the discoverer of the flaw. And as far as I’ve seen, there hasn’t been any contradiction of that.
-
Detecting Rootkits on a Linux machine
A rootkit is a piece (or pieces) of software that someone can use once a system is compromised to a) regain access to the system, b) remove traces of the compromise and c) many times hide itself. There are some tools for linux based systems that can be run to detect traces of rootkits and probably the best known is a tool called chkrootkit. I’ve known of it for what seems like years now and it can run a relatively quick test for traces of a wide range of KNOWN linux rootkits.
-
Sandbox your browser on a linux system
While I was reading about browser sandboxing coming up in Vista and musing about how easy or difficult it would be to sandbox OTHER 3rd party applications, I found a comment on a ZDNet post that I think I’ll just copy directly (of course, giving credit to the poster…) Of course, with the user separation under linux, individual users have NO access to other users’ folders by default. ONLY the administrator can access individual user folders. So, you obviously don’t want to run a web browser as the administrator (root), but you could set up another user account to run your web browser under if you’re particularly concerned about isolating it from NOT just the system files, but YOUR files as well.
-
Sky falls – bugs exist in the Linux kernel….
There have been several articles in the last few days breathlessly heralding the news The linux kernel is too buggy… Andrew Morton, the lead maintainer, has said in the last week that the 2.6 kernel has gotten a bit out of hand with too many new features and too few fixed bugs. Of course, he’s probably right…. Linux founder Linus Torvalds agrees that a “bugfix only” cycle of kernel development would be a good idea.
-
F-Secure patches security vulnerabilities
I’ve seen several reports on F-Secure’s security bulletin about a code execution vulnerability. The announcement on the f-secure blog mentions that it affects several versions of their products on Windows and Linux.
-
Microsoft was aware of the WMF vulnerability “for years”
Bugtraq has an interesting post which picks up on a note in Stephen Toulouse’s latest entry on the WMF vulnerability. When I first read the post I was more interested in the way he was responding to allegations of the flaw being an intentional backdoor, but the above bugtraq post points out and makes points on an implication that I missed….. (emphasis is mine…)
“The potential danger of this type of metafile record was recognized and some applications (Internet Explorer, notably) will not process any metafile record of type META_ESCAPE, the overall type of the SetAbortProc record.”
-
Juice – formerly ipodder podcast client for Linux (Windows and Mac too…)
I’ve been playing around a bit with podcast clients the last couple of days. I’ve been finding online news feeds for the onlineradiotv.com site and for many of those I have bash scripts to handle downloading or streaming the audio available from shortwave broadcasters. I did run across a few podcasts too though and thought it might be time to take another look at linux podcasting clients…