January 2005

Linux Getting Harder To Crack Posted Tuesday, January 18, 2005 @ 7:10 PM by mayhem

Linux systems are getting tougher for hackers to crack, security experts have reported today," summarizing "A study conducted by the Honeynet Project has found that it takes about 3 months before a unpatched Linux machine will be owned, compared with about 72 hours in the past. According to a report on the study default installations are now more secure with less services enabled by default, added to this is newer versions of software such as OpenSSH being more secure. Interestingly Solaris 8 and 9 did not fair so well. (Source: Slashdot)

Torvalds on the Linux Security Process Posted Saturday, January 15, 2005 @ 9:59 AM by mayhem

Linus Torvalds thinks that Linux kernel security disclsoure should be completely open and he really doesn't like the vendor-security model of having a time embargo on security disclosure. 'I think kernel bugs should be fixed as soon as humanly possible, and any delay is basically just about making excuses,' Torvalds wrote. 'And that means that as many people as possible should know about the problem as early as possible, because any closed list (or even just anybody sending a message to me personally) just increases the risk of the thing getting lost and delayed for the wrong reasons.' (Source: Slashdot)

IBM Opens Their Patent Portfolio to Open Source Posted Tuesday, January 11, 2005 @ 6:55 PM by mayhem

IBM announced that over 500 of their currently held software patents will be freely available to use for those who are working on open source projects (NY Times, free registration required), with the hope that more companies will do the same. More information is available at SourceLicense. (Source: Slashdot)

SCALE 3x Plans Panel Discussion on the Future VoIP and Open Source Posted Tuesday, January 11, 2005 @ 6:48 PM by mayhem

Ilan Rabinovitch writes "The Southern California Linux Expo has announced plans to host a panel discussion on the future of open source and voice over IP technologies at SCALE 3x. SCALE 3x, the Third Annual Southern California Linux Expo is the premier grass roots Linux and Open Source conference. Panel members will include Louie Mamakos, (Chief Technology Officer - Vonage), Jeff Bonforte (SIPphone), and Darryl Strauss (President - Digital Ordnance). These leaders from the VoIP and open source communities will cover topics relevant to the future of open source Voice Over IP (VoIP) efforts. Subtopics will include the effects of government regulation on peer to peer (P2P) / open-source VoIP projects, current future VoIP standards, as well as technical and legal hurdles. SCALE 3x will be held at the Los Angeles Convention Center on February 12th and 13th, 2005. Registration for sponsorship and attendance is still open. Full conference passes are available at a discount with the promo code "newsp", additional discounts are available for students. Exhibit hall passes can be obtained at no cost with the promotional code "free". More information on speakers, sponsors, exhibitors, and the conference schedule is available online at www.socallinuxexpo.org."

Local Root Exploit in Linux 2.4 and 2.6 Posted Saturday, January 8, 2005 @ 3:55 PM by mayhem

Summary from the advisory: 'Locally exploitable flaws have been found in the Linux binary format loaders' uselib() functions that allow local users to gain root privileges.' (Source: Slashdot)

New Site For New SUSE Linux Users Posted Friday, January 7, 2005 @ 4:29 PM by mayhem

Damian writes "SUSEroot just went live, a site designed to help new SUSE Linux users get acquainted with their new operating system. There is also a large section dedicated to helping MS Windows users decide if they are ready to make the switch to Linux, information on general Linux advocacy, and my new Firefox extension, SEOpen, designed to assist in search engine optimization efforts. I welcome content submitted by Linux community members about any Linux-related topic (even other distributions), details about submissions can be found here."