-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Linux is as secure as ever
,----[ Quote ]
| Here's what really happened. UnrealIRCd, a
| rather obscure open-source IRC (Internet Relay
| Chat) server, wasn't so much hacked as the
| program it was letting people download has
| been replaced by one with a built-in security
| hole. Or, as they explained on their site,
`----
http://www.itworld.com/security/110942/linux-secure-ever
Gnu/Linux Infection Is Unreal
,----[ Quote ]
| Windows world is still the same, nothing has
| changed from security point of view other than
| more bloated systems. The entire security
| industry thrive on Windows platform -- if
| there is no Windows there is no security
| industry. Security firms hate Gnu/Linux, they
| love Windows, they want Windows â to survive.
|
| There is no lesson to be learned from Windows
| peers, if you know the nature of this flaw, it
| is quite different from the flaws of poros
| Windows Machines.
|
| So what happened here? Some cracker wrote a
| virus and send it to you through an email and
| you installed it by clicking on it? No,
| nothing as dramatic as it happens in Windows
| world. It was actually so boring you may not
| even want to read it.
`----
http://www.muktware.com/blog/14/2010/179
Trojaned App Demonstrates Need for Better Practices, Not More FUD
,----[ Quote ]
| The Unreal team handled it pretty well, in my
| opinion. They embraced the suck and made a
| clear announcement free of blame or denial--an
| announcement that also pointed out how to
| confirm the trojaned version and how to
| replace the trojaned version with the clean
| version. This is not, I should emphasize, the
| worst exploit ever: "This backdoor allows a
| person to execute any command with the
| privileges of the user running the ircd. The
| backdoor can be executed regardless of any
| user restrictions (so even if you have
| passworded server or hub that doesn't allow
| any users in)."
`----
http://www.itworld.com/open-source/110930/trojaned-app-demonstrates-need-better-practices-not-more-fud?source=smlynch
Rootkits: Hiding in Windows shadows
,----[ Quote ]
| While rootkit problems still exist in Unix and
| Linux, they're far more common in Windows.
| That's in part because the Unix operating
| family has many built in system monitoring and
| logging tools. In other words, while Unix and
| Linux can be attacked this way, it's a lot
| harder to pull off without leaving tracks.
`----
http://www.itworld.com/security/110860/rootkits-hiding-windows-shadows
Recent:
DoD: Open-source software more secure
,----[ Quote ]
| Daniel Risacher, Associate Director of
| Enterprise Services and Integration at the
| DoD's Office of the Chief Information Officer,
| helped write a memo requiring all DoD agencies
| to evaluate open-source software on an equal
| basis with proprietary software. The reason is
| simple, according to Risacher: Software that
| goes through a process of peer review tends to
| be more reliable and secure than software that
| has not had the same level of scrutiny.
`----
http://www.fiercegovernmentit.com/story/dod-open-source-software-more-secure/2009-11-09
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkwYaQ8ACgkQU4xAY3RXLo4gygCfU+IsJ6g8O2+OKOh/T7YuBSY4
y7IAn3AJDZnEZc6VVl9e+q9/+B3ITKRO
=whD6
-----END PGP SIGNATURE-----
|
|
