As part of National Cyber-security Awareness Month, Googleblog posts some important tips regarding password security.
Creating a new password is often one of the first recommendations you hear when trouble occurs. Even a great password can’t keep you from being scammed, but setting one that’s memorable for you and that’s hard for others to guess is a smart security practice since weak passwords can be easily guessed. Below are a few common problems we’ve seen in the past and suggestions for making your passwords stronger. — Choosing a smart password.
They’ve just concluded their fifth Google Summer of Code, Google’s flagship global program to introduce college and university students to open source development. Once again, the results this year have been impressive.
Read the full story for more.
New BSD magazine, available in stores or online at bsdmag.org
How new issue includes:
- Installing FreeBSD 7.1 with Enhanced Security Jails…
- Getting a GNOME Desktop on FreeBSD…
- Packaging Software for OpenBSD – part 2…
- A Jabber Data Transfer Component…
- Building a FreeBSD Wireless Router…
- CPU Scaling on FreeBSD Unix…
- LDAP Authentication on OpenBSD Boxes…
- FreeBSD and Snort Intrusion Detection System…
- Building an Embedded Video Web Server with NetBSD…
- FreeBSD Tips…
- Maintaining System Configuration Files Using Subsversion…
- Q&A about Dtrace…
In an historic move, Microsoft Monday submitted driver source code for inclusion in the Linux kernel under a GPLv2 license.
The code consists of four drivers that are part of a technology called Linux Device Driver for Virtualization. The drivers, once added to the Linux kernel, will provide the hooks for any distribution of Linux to run on Windows Server 2008 and its Hyper-V hypervisor technology. Microsoft will provide ongoing maintenance of the code.
Linux backers hailed the submission as validation of the Linux development model and the Linux GPLv2 licensing.
Microsoft said the move will foster more open source on Windows and help the vendor offer a consistent set of virtualization, management and administrative tools to support mixed virtualized infrastructure.
Kroah-Hartman said Microsoft’s submission was routine. “They abided by every single rule and letter of what we require to submit code. If I was to refuse this code it would be wrong,” he said.
Sam Ramji, who runs the Open Source Software Lab for Microsoft and is the company’s director of open source technology strategy, called the Linux kernel submission the company’s most important Linux/open source commitment ever. Read more…
Since I don’t have an iPhone, and I don’t use windows, I’m not quite sure what to make of free long distance phone calls with iCall. If you want to download it, install it, and use it, let me know how it functions. Or if you already have experience with it, give me a little feedback. Is it worth it? How is the call quality? Do they spam you? Is it really ‘free’? What restrictions does it have? Does it cut off your calls after 30 mins?
How can this be free?
iCall uses Voice Over IP (VoIP) technology which utilizes your existing Internet connection (cable, DSL, wireless, or dial-up) and your PC to plug you directly in to the regular telephone network. Stick it to the man – you already pay for your Internet connection, and the Internet is changing everything!
The hacks are troubling in that they appear to have rendered useless supposedly sophisticated Defense Department tools and procedures designed to prevent such breaches. The department and its branches spend millions of dollars each year on pricey security and antivirus software and employ legions of experts to deploy and manage the tools.
[...]
Equally troubling is the fact that the hacks appear to have originated outside the United States. Turkey is known to harbor significant elements of the al-Qaida network. It was not clear if “m0sted” has links to the terrorist group.
Idiot newspaper.
Paula Carleton, CIO of the not-for-profit Baptist Community Services, told Computerworld she is investigating how to move its 850 Windows desktops to open source following Microsoft’s decision to force it to a full commercial licence.
Every dollar we are forced to spend on software is a dollar less spent on the charitable services like homeless and crisis care that we deliver,” Carleton said, adding that it is a public benevolent organization according to the tax office. Read more…
theodp writes “On Tuesday, Microsoft was granted US Patent No. 7,536,726 (it was filed in 2005) for intentionally crippling the functionality of an operating system by ‘making selected portions and functionality of the operating system unavailable to the user or by limiting the user’s ability to add software applications or device drivers to the computer’ until an ‘agreed upon sum of money’ is paid to ‘unlock or otherwise make available the restricted functionality.’ According to Microsoft, this solves a ‘problem inherent in open architecture systems,’ i.e., ‘they are generally licensed with complete use rights and/or functionality that may be beyond the need or desire of the system purchaser.’ An additional problem with open architecture systems, Microsoft explains, is that ‘virtually anyone can write an application that can be executed on the system.’ Nice to see the USPTO rewarding Microsoft’s eight problem-solving inventors, including Linux killer (and antelope killer) Joachim Kempin, who’s been credited with getting Microsoft hauled into federal court on antitrust charges.” Sounds like the mechanism by which Microsoft sells one version of Vista to all users, and lets users upgrade to higher-tier flavors of the OS after cash changes hands.
Key concepts to take out of this:
- limiting the user’s ability to add software applications or device drivers to the computer
- Don’t you own your own computer? Aren’t you permitted to add whatever you feel like? Who has the right to revoke this right on your behalf?
- functionality that may be beyond the need or desire [of the end user]
- What I want, or what are need, are none of your business unless I ask for it.
- virtually anyone can write an application that can be executed on the system.
- Move to free software!
I was writing an assignment for a class on Information Security, when I came across this little gem. As soon as I read it I laughed and thought of all the times my Dad said that he never did anything to the computer, it just broke on its own.
Dad – you are great! And you make me laugh!
Hushmail, a Canadian company providing email security using PGP, has released to the US government unencrypted email communications. This respresents a violation of users’ trust in the company. I had an account with them, I will delete all my mail, and close that account. I will only trust my own computer for safe email sending/receiving. No longer will I trust the ‘security’ and ‘privacy’ of a third-party.
The DEA agents received three CDs which contained decrypted emails for the targets of the investigation that had been decrypted as part of a mutual legal assistance treaty between the United States and Canada.
The news will be embarrassing to the company, which has made much of its ability to ensure that emails are not read by the authorities.