08.07.09

Microsoft Windows Zombies Also Knocked Facebook and Gawker Offline, More “Critical” Microsoft Flaws Discovered

Posted in Microsoft, Security, Windows at 9:41 am by Dr. Roy Schestowitz

Summary: More victims of Windows botnets abound; Microsoft discloses 5 new remotely-exploitable vulnerabilities

LAST NIGHT we wrote about Twitter's injury from Windows zombies. Twitter was not alone however; now that the Web is saturated with Windows botnets, anyone with an axe to grind can take Web sites of choice offline. A decade or so ago even Yahoo! was a victim, so our own suffering is very minor in comparison (but increasingly common). According to the BBC, Facebook is another new victim.

Denial-of-service (DOS) attacks take various forms but often involve a company’s servers being flooded with data in an effort to disable them.

The Register reports that Gawker too is a victim.

New York-based media news and gossip blog network Gawker is recovering from a debilitating denial of service attack.

SJVN wrote a good essay on how Twitter was killed by Windows botnets.

DDoS attacks are hard to beat. While some Twitter fans are claiming that this is the biggest DDoS attack ever, I’m inclined to doubt it. Twitter, even though its performance has gotten much better, has often teetered on the edge of collapse due to the enormous load its users put on its social network infrastructure. No, the DDoS attack on Google earlier this year was probably still the worst attack on record.

How is this happening? Well, let me tell you. Today’s DDoS attacks are made by Windows-powered botnets. They’re not terribly sophisticated about these attacks. The last major one, which may or may not have come from North Korea, was driven by MyDoom, Windows malware from 2004.

[...]

Russians already successfully attacked Estonia’s Internet infrastructure in 2007. With Windows botnets growing by leaps and bounds, it’s easier than ever for governments or even just a handful of people to knock out major Web sites like Twitter.

I’ve said it before, I’ll say it again. Thanks to Windows’ security weaknesses, botnets are now commonplace and we can only expect to see more DDoS attacks in the future.

One person believes that he knows who was behind the attack (and its motives), being the botmaster or the leader of several.

As Twitter struggled to return to normal Wednesday evening, a trickle of details suggested that the outage that left 30 million users unable to use the micro-blogging service for several hours – at least in part – may have been the result of a spam campaign that targeted a single user who vocally supports the Republic of Georgia.

Windows has become an expensive and dangerous political tool. Based on this new report from Heise, change is nowhere near.

Microsoft to patch nine security vulnerabilities on Patch Tuesday

Five of the security updates reportedly patch critical vulnerabilities that could lead to remote code execution in Windows and a variety of other software.

Here are a couple more that are new.

“It is no exaggeration to say that the national security is also implicated by the efforts of hackers to break into computing networks. Computers, including many running Windows operating systems, are used throughout the United States Department of Defense and by the armed forces of the United States in Afghanistan and elsewhere.”

Jim Allchin, Microsoft

Links 07/08/2009: KDE 4.3 and Linux Mint 7 (KDE) Reviews

Posted in News Roundup at 9:09 am by Dr. Roy Schestowitz

Contents

GNU/Linux

  • As open source surges, Microsoft admits Linux threat

    The filing adds Linux distro vendors Canonical, the sponsor of Ubuntu, and Red Hat (Red Hat Enterprise Linux), to the list of competitors for Microsoft’s Client division. Previously, Red Hat was listed only as a competitor for its Microsoft Business and Server & Tools divisions, writes Bishop.

  • Wear Your Love for Linux on Your Sleeve

    Ferguson goes on to say that to avoid copyright restrictions, he and the designers are only able to consider concepts and original slogans, not images or artwork. Once all the collaboration is over and design decisions are made, free t-shirts will be given to anyone who contributed a chosen design.

  • Digitalizing My Personal Finances on Linux

    So I looked at GNUcash, which I remember playing with back in my early induction into the Linux community. GNUcash is much more complex than HomeBank and would be an excellent alternative to proprietary paid financial managers.

  • Desktop

    • From Mac to Linux: A Musician Convert

      Now Peter Kirn has captured Cascone’s conversion story on createdigitalmusic.com. Interesting about the article is not only the facts of Cascone’s conversion, but the comments accompanying it that contain numerous tips and information on sound processing under Linux.

  • Applications

    • Top 24 Linux Apps

      Though Linux comes in many different flavors, there is a common string of favorite apps that seem to unite all users.

      These apps are high-quality, versatile, professional, reliable, and often available in many different packages (deb, rpm, etc). If you’re new to the Linux game, or simply want a list of programs that have been re-verified as excellent by many hundreds of users, this article is for you. To download and install the apps, just go to your built-in package manager.

    • A look at the server GUI argument

      People who do use a GUI should do so knowing the risks of exploitations and security and try to keep a system updated and use the GUI only when needed.

      If you aren’t actively sitting at the machine, stop the x server until you need to use it again. This will go a long way to improving overall resourcefulness and productivity.

      It doesn’t need to be a fight. Use the system how it works best for you. Just make sure you know all the facts going in to be the best prepared as possible.

  • Desktop Environments

    • Free Desktop Communities come together at the Gran Canaria Desktop Summit

      This year’s Gran Canaria Desktop Summit represented the first time the GNOME and KDE communities have co-located their annual conferences in the same location. 852 free software advocates from 46 countries gathered together last month to discuss and enhance the free desktop experience at the first ever Gran Canaria Desktop Summit.

    • KDE 4.3 “Caizen” Review

      That probably covers the main features in the release especially the ones I’ve liked. Overall it is stable and the KDE developers themselves have said – “KDE 4.3 offers a more stable and complete product for the home and small office.” I think this was the release we were all waiting for in terms of stability and features as well.

  • Distributions

    • Tiny Core: The Little Distro That Could

      The way we use computers is changing, but Linux isn’t standing still. Tiny Core is a minimal Linux distribution that boots a complete live system for every day use. Its foundation and unique approach to the desktop helps it achieve certain goals like preventing system rot and ensuring your system is fresh every time it boots.

      [...]

      Although Tiny Core is a relatively new distro, it has a great deal of history behind it already. It is developing at a rapid pace and implementing new features along the way. It really can change the way you think about running Linux over a more traditional method. It’s an exciting project and really worth playing with. It’s lots of fun and it does deliver on its promises. Try it out and see how fast, stable, clean and fun a Linux system can be!

    • Slackware 13.0 RC2 Brings Updated X Server and Video Drivers

      A few hours ago Slackware’s creator, Patrick Volkerding, announced that the second release candidate of the upcoming Slackware 13.0 Linux distribution was available for download. This update brings numerous new base packages, like the Linux kernel version 2.6.29.6, X.Org Server 1.6.3 and the K Desktop Environment 4.2.4. However, there are no official ISO builds for this release, but those interested in testing Slackware 13.0 RC2 can get it by using the link at the end of the article.

    • Linux Mint 7 (KDE)

      Suitable For: Beginner, intermediate or advanced Linux users. Highly recommended for beginners.
      Summary: A terrific alternative to the Gnome version of Linux Mint 7 for KDE users.
      Rating: 4/5

    • Red Hat

      • Whole Foods Recognized for Innovative Deployment of Linux Solutions

        Whole Foods Market was named a finalist in open-source solution provider Red Hat’s Third Annual Innovation Awards, which recognize the outstanding use, innovation and extension of Red Hat and JBoss solutions by Red Hat customers, partners and the open-source community.

  • Devices/Embedded

    • Real-time technology gains user conference

      Denx announced the first Xenomai User Meeting, which will co-locate with OSADL’s Eleventh Real Time Linux Workshop (RTLWS11) in Dresden, Germany, on Sep. 28-30. The Xenomai meeting will showcase this major real-time Linux extension alternative to PREEMPT RT — and maybe help make peace between the warring camps.

    • Phones

      • T-Mobile Android phone ships, garners endorsement

        The MyTouch 3G (pictured at right) is the first Android phone to ship out of the box with the new and much improved Android 1.5 “cupcake” release of the Linux/Java mobile platform. T-Mobile has also added its own additional apps and UI elements on top of Android, although the additions are not nearly as extensive as those offered in the Sense UI made available on HTC’s upcoming Hero phone.

      • Android to get Opera Mobile

        Opera Mini is available for Android now, and the Android browser itself is pretty darn good. Opera Mobile is a nice browser, and it works with the Opera servers to make mobile browsing lightning fast.

    • Sub-notebooks

      • Netscape redux: Google’s Chrome browser now an OS

        At its core, Google’s new desktop, netbook, smartphone OS is built around Google’s just introduced Chrome browser and will debut by the second half of 2010.

        It will initially be targeted at the low-cost netbook market, although it will eventually migrate to the PC segment, an area long dominated by Microsoft, which is planning to roll out the latest version of its Windows OS later this year.

      • Interview: Clutter maintainer Emmanuele Bassi

        We already experimented with WebKit in the past, but moved to Gecko because of the better integration with most of the sites out there; Aaron is using Clutter inside “Cubano”, a media player based on the Banshee framework and mostly targeted at platforms like netbooks.

        The GNOME Shell project, which is considered one of the major new features of the future GNOME 3.0 release, is using Clutter for the UI and as part of the window manager, just like the Moblin netbook user experience is. GNOME Shell alone would expose something between hundreds of thousands and millions of users to Clutter.

Free Software/Open Source

  • Fourth Annual Open Source CMS Award Launched

    The 2009 Open Source CMS Award was launched today, inviting people to visit www.PacktPub.com and submit nominations for their favorite Open Source Content Management Systems. Now in its fourth year, the Award has helped to support a variety of Content Management Systems gain recognition in a crowded and high quality marketplace.

  • Another step forward for open source video

    An amazing Open Video Conference in New York earlier this year brought together video creators, technology hackers, entrepreneurs, and others to address the crossroads of open source/open content/open society and the facts of digital media technologies, file formats, standards, and the legal/regulatory climate. At the same time, the amazing Mozilla project demonstrated their support for the <video> tag. Companies like SpectSoft are creating amazing, high-spec VTRs and DDRs (running Linux, natch), and now Blackmagic Design announces Linux SDKs for several video interface products. Finally, video is becoming a technology that sits where mainstream hackers can play!

  • Firefox Director Talks Firefox 3.6, Tasks, and Competing with Chrome

    We were eager to know what’s happening with Firefox. Mike Beltzner, the open-source browser’s director, was glad to tell us. Here’s what he had to say about future features, competition with Chrome, and keeping all of Firefox contributors in sync.

  • Thoughts about Dual-licensing Open Source software

    Note that releasing your code as BSD for a project that has or may have GPL code doesn’t protect your code from being dual-licensed in an unfavorable way. The only way to ensure full freedom for others is to only donate your code under a contributor agreement with a clause as suggested below or to a project that has agreeable guidelines for how they license their code!

    To assure our users, contributors, and customers of how we at Monty Program Ab intend to re-license the code we produce or the code people donate to us, I have added the following note to our contributor agreement:

    “Monty Program Ab agrees that when it dual licenses code, it will not restrict the way the third party licensee uses the licensed copy of the code nor restrict how they use their own code.”

Leftovers

  • Websense sharpens the axe as sales fall

    The move is a response to a slowdown in security spending during the recession. PC World reports that Websense plans to lay off 70 people from its worldwide workforce of 1,400.

  • Literature

    • Rupert Murdoch vs. Rupert Murdoch On Free vs. Paid News Websites

      Either way, given those statements, perhaps it’s no surprise at all that Murdoch is now planning to put paywalls across all his online news properties in the relatively near future. Apparently the plan will be based on the WSJ model, meaning that some stories will be available for free, but there will be severe limits. Given how many old school newspaper guys have talked about putting up a paywall, this isn’t much of a surprise (though, it is still odd given his comments from two years ago).

    • Internet Archive orders Google to delay culture grab

      In October, Google settled a lawsuit from the US Authors Guild and the Association of American Publishers over its Book Search project, which seeks to digitize the works inside the world’s libraries. Still awaiting court approval after an October hearing, it would – among other things – give the company a unique license to scan and sell and post ads against orphan works, titles whose rights holders can’t be found.

    • Smithsonian Commons and Sustainable Content Usage Policies

      Congratulations to the Smithsonian for thinking about the future lives of their content in such a sustainable fashion. We’re very excited to see the future developments that the Smithsonian Commons brings to free culture on an institutional scale.

  • Imaginary Property Issues

    • Should You Really Need a License to Run a Video Arcade?

      In light of these concerns, I fail to see why Amherst or any other city should be in the business of licensing video arcades. And even if they are doing so for tax purposes, they shouldn’t be using that power to censor arcade games or shutting down businesses that offer such games.

    • What A Job: Making Sure No Brands Appear In A Movie

      What a stupendous waste of time, money and resources. But it shows what a ridiculous society we’ve created, where intellectual property law means that you can’t have a McDonald’s appear anywhere in the background in a movie. I’m sure that’s exactly what our founding fathers were concerned about when they put in place the constitutional clause about “promoting the progress.”

    • A Band That Knows Where the Money Comes From

      Chester French isn’t your typical rock band. Singer D.A. Wallach and multi-instrumentalist Max Drummey met as freshmen at Harvard, where lanky, longhaired Drummey majored in social anthropology and twee, preppy Wallach graduated as the top student in the school’s African-American Studies program. In the video for their best-known song, “She Loves Everybody,” a pretty girl punches the stuffing out of the two helpless weaklings, leaving them bloody-nosed among their broken guitars and drums.

      [....]

      Instead of giving interviews to reporters or dropping by radio stations, Wallach spends most of his time online, going through an average 100 to 200 e-mail messages a day. “We respond to every single e-mail we get,” he said. “I do an hour in the morning and an hour at night.

Digital Tipping Point: Clip of the Day

Luis Casas Luengo, Director of Extremadura’s Fundecyt foundation 20 (2004)

Digital Tipping Point is a Free software-like project where the raw videos are code. You can assist by participating.

IRC: #boycottnovell @ FreeNode: August 6th, 2009

Posted in IRC Logs at 3:03 am by Dr. Roy Schestowitz

Read the log

Enter the IRC channel now

To use your own IRC client, join channel #boycottnovell in FreeNode.
