« Posts under Uncategorized

World's most advanced rootkit penetrates 64-bit Windows

A notorious rootkit that for years has ravaged 32-bit versions of Windows has begun claiming 64-bit versions of the Microsoft operating system as well.

The ability of TDL, aka Alureon, to infect 64-bit versions of Windows 7 is something of a coup for its creators, because Microsoft endowed the OS with enhanced security safeguards that were intended to block such attacks. The rootkit crossed into the 64-bit realm sometime in August, according to security firm Prevx.

Read more…

Apache Software Foundation vs. Oracle

I don’t mean to bash Oracle. OK, yes I do.

Oracle appears to be dead set on pushing out any community participation in any of their open source projects (remember, they only have them because they were inherited in the acquisition of SUN Microsystems). Oracle has shown aggressive behavior by dropping OpenSolaris, pushing out members of the OpenOffice Community Council, and dropping the InnoDB engine out of the free MySQL product and raising the price on the supported product (just hope it’s not going to cost what the rest of their product solutions cost). The Apache Software Foundation is now raising Oracle’s violations as members of the JCP (Java Community Process) Executive Committee, for which the Apache Software Foundation (ASF) had been re-elected by a whopping support of 95% of the votes.

Oracle’s behavior towards the Open Source community cannot be seen as anything less that aggressive any longer.

Read more…

Android 2.2 Can't Match iOS 4 Features: 10 Reasons Why

I found this so humorous that I had to post it in full.

Android 2.2 Can’t Match iOS 4 Features: 10 Reasons Why by Don Reisinger of eWeek

1. Google isn’t so big on software

Google’s real plan with Android is to dominate the mobile advertising space. It fully realizes that the best way to achieve that goal is by doing whatever it can to capitalize on the desire for touch-screen smartphones with the help of Android. That’s precisely why Google offers its operating system for free. But due to that focus on eventual mobile advertising dominance, Google falls short compared to Apple on software design.

2. Apple understands consumers

Apple understands what consumers want and how they will use a particular product. That comes through in all the products the company sells, including its iOS platform. Google, on the other hand, doesn’t seem to understand consumers as well as it could. It’s certainly doing a better job than most companies, but it still has a long way to go to match Apple. In fact, Google’s consumer understanding seems to be more Microsoft-like than Apple-like. And that could be a problem — especially for its operating system—going forward.

3. Multitasking

Multitasking on iOS is a key reason why Apple has enjoyed such success in the mobile market as of late. For years, consumers were hoping for true multitasking. But for years, the company made no promises. But in iOS 4, multitasking is running on the iPhone. Because of that, Google has a long way to go to match anything Apple is currently offering.

4. Folders make it all OK

Apple’s iOS platform is better than Android 2.2 for several major reasons. But one of the minor things that consumers should think about is Apple’s operating system’s folder support. With little effort, consumers can quickly create folders, lump similar programs together, and more. It provides a rewarding experience. And it’s something that Google has a long way to go on in order to catch up.

5. Ease of use must come into play

In any evaluation between two operating systems, ease of use must play a role. After all, if a particular operating system is easier to use for the average consumer than another, it should get the nod. In this case, iOS 4 easily gets the nod. Apple’s operating system is simply easier to use. And it doesn’t suffer from the strange quirks that arise on Android due to vendors trying to tailor the user experience to their own products.

6. Responsiveness

One of the main issues with Android 2.2 is that the software doesn’t respond as effectively as it should to the user when compared to iOS. Does that mean there is a responsiveness issue with Android 2.2? Absolutely not. In fact, compared to other operating systems, it holds up quite well. But Apple’s platform is different. It’s just that iOS simply provides more responsiveness when users interact with it. It could be extremely difficult for Google to catch up anytime soon.

7. Too many variations

Because Android is an open platform, vendors that get their hands on the operating system can change it however they see fit. That openness creates an environment across the Android ecosystem that loses uniformity and provides variations of the Android operating system on different phones. The result is sometimes spotty performance that must be taken into account when evaluating differences between iOS and Android.

8. Apple’s App Store

Apple’s App Store is integral to the success of iOS 4. With hundreds of thousands of applications, Apple’s marketplace is the best place to find programs that appeal to both consumers and enterprise customers. Admittedly, Google’s Android Market has been growing at a rapid rate, but it has a long way to go to match Apple’s store.

9. iTunes integration

Whenever users pick up an iOS-based device, they can access iTunes from the product. That’s extremely important. It provides them with an end-to-end entertainment experience that isn’t so readily available on Android. After all, iTunes is the world’s top music store. If only Apple’s products have access to it, few could say Google’s offering can best Apple’s.

10. The tablet issue

Google has said that Android 2.2 is not designed for tablets. Apple doesn’t have that issue with iOS 4. Currently, iOS 3 is running on the iPad. But this month, Apple plans to offer iOS 4 integration with its tablet. When that happens, the company will prove that its operating system is the best choice for just about anyone trying to go mobile. Then the onus will be on Google to respond.

Oracle wants LibreOffice members to leave OOo council

Just when I thought I was going to leave Oracle alone for a while.

A group of key OpenOffice.org (OOo) contributors and community members recently decided to fork the project and establish The Document Foundation (TDF) in order to drive forward community-driven development of the open source office suite. Oracle has responded to the move by asking several members of TDF to step down from their positions as representatives on the OOo community council.

It becoming increasingly clear that Oracle’s support of the open-source community is starting dwindle. Well, I’m sure that the open-source community feels the same way about Oracle.

Microsoft sues Motorola, citing Android patent infringement

Microsoft has announced a lawsuit against Motorola, alleging that several of the mobile company’s Android devices infringe on nine of its patents. The software giant is suing in US District Court in Washington, and is also bringing a complaint before the International Trade Commission (ITC). The patents are all related to key smartphone experiences that include syncing e-mails, calendars, and contacts, scheduling meetings, and notifying applications about changes in signal strength and battery power. Microsoft specifically names two Motorola devices, the Droid 2 and the Charm, but says these are just examples and not a comprehensive list.

Alright, this is starting to get old. This is following Oracle’s suit over patent infringement of Java and Apple’s suit against HTC. People, Google is not doing anything that these other money hungry giants have not done themselves. Oracle couldn’t develop anything on their own so they bought out Sun which I guess is legal patent infringement. I won’t mention how they “unbreakably” (better copyright that) robbed from Redhat for many years. Sun developed what eventually evolved into what we know today as the iPad. Oracle you might want to watch your back for Apple. Oh yeah, Apple is suing some poor start up for using the word “pod”. We don’t want to go into the long debate over who stole from who in the Microsoft vs. Apple fight. Everyone should remember that a lot of what we have today is because of free development in the open source community.

Maybe I’ll start filing a law suit on every company that sells something that I thought of years ago but was just too lazy to get a patent for it.

If you want to read what Horacio Gutierrez, Microsoft Corporate Vice President and Deputy General Counsel, had to say.

Oracle Debuts Unbreakable Enterprise Kernel for Oracle Linux

Oracle has announced the availability of the Unbreakable Enterprise Kernel for Oracle Linux, a fast, modern, reliable kernel that is optimized for Oracle software and hardware. “Today’s hardware innovations are fast and frequent, making it very important that the Linux distributions evolve quickly to leverage the latest hardware,” said Wim Coekaerts, senior vice president of Linux and Virtualization Engineering at Oracle.

Don’t let the hype fool you. What Oracle has done is not new or innovative. What they have done is actually learned to compile their own kernel. Oracle actually bad mouthed Redhat for being behind and slowing them up in the Linux development. Yet Oracle didn’t mind using Redhat’s entire code base and charging you for support. The “new” kernel version that Oracle is promoting has been in use by Ubuntu for over a year.

Thank you Oracle for your contributions to the Linux community!

Google's WiFi snooping woes are far from over

After admitting that they inadvertently captured private data with their Street View cars, Connecticut Attorney General Richard Blumenthal on Monday became the latest law enforcement official to order Google to give a detailed accounting of the information its Street View cars surreptitiously sniffed from unsecured Wi-Fi networks over a three-year period.

Read more…

VPN Split Tunneling

I recently saw this subject on another blog and thought I would post about it as well since it seems to be something that I often seem to talk about in my environment. VPN split tunneling allows a user to VPN into the corporate network and pass data over the encrypted tunnel but, at the same time, still allowing the user to access local resources and/or directly access the Internet. The alternative is to disable split tunneling and send all traffic through the VPN.

This issue comes up fairly often as a case of usability versus security. Usability is the actual direction the author of the so-called security blog took. He stated that he was not convinced that disabling split tunneling buys you the security that you think it does. The author goes on to make the same arguments that others tend to make like the inability to access local resources such as printers and file servers or shares. Others, including the blog author, tend to argue for and against more relevant security issues such as: malware propagation, enforced web filtering and monitoring, etc. Others even tend to take the stance that there are only “perceived” benefits to disabling split tunneling and it is no longer needed.

I agree that usability is significantly impacted by disabling split tunneling and I’m not going to go into the other issues that are often raised because they are dependent of your environment and the specifics of the configuration of the VPN. The issue that is often overlooked is command and control of the remote host. By disabling split tunneling, you are effectively disabling the ability of an attacker to remotely control your host system and “ride” the VPN tunnel back into the corporate environment by cutting off the external link to the Internet. A counter argument to this has been to use GPOs to prevent bridging of the interface but this is something that you cannot always enforce on users remotely access the VPN with personal computers at home.

Regardless of what others say about “perceived” benefits of disabling split tunneling, there are significant security benefits of disabling split tunneling that should be weighed against the threats to your environment relative to other mitigating factors.

Man infects himself with computer virus

This seems to be catching a lot of hype and I’m not sure why. The man implanted himself with a computer chip, then infected it. Once infected, he was able to show that it could propagate to another computer. I realize the ramifications of this and the potential issues it poses but how much of our tax dollars went to this research. Being a geek, I think this is cool but this is obviously an easy theory to prove in my opinion. Anyway, if you want to read the rest of the story, the story can be found here.

The Answer to Life, the Universe, and everything!

Robbie Williamson has just announced the new release date for Ubuntu 10.10 Maverick Meerkat will be October 10, 2010. To those that don’t know, 10.10.10 in binary is 42. Robbie even used the phrase “Don’t Panic” to stay with the theme in his post.

A Case for Modifying the Ubuntu Release Schedule

So Long, and Thanks for All the Fish