OpenSUSE Linux Rants

Now here's a pretty cool implementation of Linux:

Kontron is readying an Intel Atom Z530-based box computer designed for rugged railway applications. The MicroSpace MPCX28R Railway Box PC is protected for railway use with EN50155 certification, TX compliance, extended temperature support, 1.5kV isolated power, and M12 connectors for Fast Ethernet, USB, and power, says the company. The Linux-compatible MicroSpace MPCX28R is suitable for passenger infotainment, security, and other railway applications, says Kontron. Built around the original 1.6GHz Intel Atom Z530 CPU and SCH US15W northbridge/southbridge, the MicroSpace MPCX28R supports up to 1GB of DDR2 RAM, the company says.

Rugged railroad computer runs Linux

Steven Rosenberg gives Ubuntu the boot and makes a move to Fedora 12. The result? He got his Intel 830m video card to work. Nice!

At the recommendation of reader David Gurvich, as well as the enthusiastic endorsement of "Linux Outlaws" co-host Fabian A. Scherschel and Larry "the Free Software Guy" Cafiero, I burned my first Fedora disc in some time and am testing Fedora 12 in the live environment.

My latest foray into distro-hopping — live CD/DVDs only at this point — is prompted by this week's total fail in turning off kernel mode setting and getting the screen to work in Ubuntu Lucid Alpha 3. That method (turning off kernel mode setting) worked like so much magic in Ubuntu Lucid Alpha 2 and Sidux 2009-04 (basically Debian Sid in late 2009).

But that hack did nothing for me in Ubuntu Lucid Alpha 3. Yes, dear readers, I know you hate to hear me whine and complain and would rather I file a bug report. I will do so, using my ever-loving Launchpad account, rest assured.

But in the interim I'm looking for any and every solution that will carry my now-two working Intel 830m-equipped laptops through the next year.

I'm crossing my fingers (but have nothing concrete at present) that Debian Squeeze will accommodate Intel 830m, and I'm hopeful that Ubuntu Lucid will work this out (although a regression between alpha releases doesn't bode well).

I've also established that PC-BSD 8.0 (and by extension FreeBSD 8.0) has no problem whatsoever with Intel 830m video.

And today I burned a Fedora 12 live image and am running it right now.

Read "You know what's working on my laptop with Intel 830m video? Fedora 12, that's what"

RSA security technology is not as secure as we thought. What?!

Check it:

“Three University of Michigan computer scientists say they have found a way to exploit a weakness in RSA security technology used to protect everything from media players to smartphones and e-commerce servers.

RSA authentication is susceptible, they say, to changes in the voltage supplied to a private key holder. The researchers – Andrea Pellegrini, Valeria Bertacco and Todd Austin — outline their findings in a paper titled ‘Fault-based attack of RSA authentication’ to be presented March 10 at the Design, Automation and Test in Europe conference.

‘The RSA algorithm gives security under the assumption that as long as the private key is private, you can’t break in unless you guess it. We’ve shown that that’s not true,’ said Valeria Bertacco, an associate professor in the Department of Electrical Engineering and Computer Science, in a statement.”

Read “Researchers find way to zap RSA security scheme”

Being a musician and a Linux user myself, this one certainly caught my attention! I use Muse along with my Roland Fantom X-8 to write and play music on Linux. Some of these tools look slick.

Excerpt:

A loop in music is a section of the music that repeats itself continuously until receiving a signal to either stop or move on to the next section. A loop can be assigned to a single instrument or to a group of instruments. Compositionally, loops are used for a variety of purposes. For example, they may function as formal bass patterns over which a composition is built, or they may suppy a long but consistently repeating series of chords used to define the harmony for independently composed bass and melody lines. For many computer-based music-makers the loop's most popular implementation is the drum loop, a rhythmic pattern of one or more measures of percussion sounds that can be repeated unchanged for simple lines or mixed & matched with other loops for more life-like variation.

Read the rest of "Getting Loopy: Performance Loopers For Linux Musicians"

Linux boots in less than 1 second? Yes, it does.

Excerpt:

MontaVista Software has always been a leader in embedded-Linux commercialization. The company has developed Linux-development platforms since 1999, when founder Jim Ready pledged to bring ‘100% pure Linux’ to the world under the GNU (GNU’s not Unix) GPL (general public license). Since then, MontaVista has specialized in embedded and real-time Linux.

Its approach is not simply an RTOS (real-time operating system) that runs Linux as one of its tasks. The company has changed the Linux kernel to provide determinism and real-time performance in a real Linux operating system. Cavium Networks recently acquired the company, which just announced the release of Version 6 of its operating system.

In addition to designing real-time Linux, MontaVista has been working on the development of real-fast Linux, a Linux operating system that boots in less than 1 second. The team who worked on the project includes Alexander Kaliadin, Nikita Youshchenko, and Cedric Hombourger. Many on the team also worked on the MontaVista real-time Linux. ‘One of the first things we did years ago was to make the Linux scheduler pre-emptive and deterministic,’ says Hombourger. These fast-boot developments are not necessarily limited to real-time or an embedded Linux; however, they can get a conventional Linux distribution to boot in 1 second, as well.

Read all of “Innovators get Linux to boot in 1 second”

Linux has a number of incredible security tools. Joe Brockmeier introduces nmap, one of the better security tools out there.

Excerpt:

"Ever wondered how attackers know what ports are open on a system? Or how to find out what services a computer is running without just asking the site admin? You can do all this and more with a handy little tool called Nmap. What is Nmap? Short for "network mapper," nmap is a veritable toolshed of functionality to perform network scans. It can be used for security scans, simply to identify what services a host is running, to "fingerprint" the operating system and applications on a host, the type of firewall a host is using, or to do a quick inventory of a local network. It is, in short, a very good tool to know."

Read the article here

Carlie: What is it that you do for Linux Journal?

Shawn: That's a scary question for your boss to ask... :)

Carlie: I meant "Tell our readers what you do for Linux Journal". :p more>>

An anonymous reader writes "The Obama administration on Tuesday declassified part of the Comprehensive National Cybersecurity Initiative created during the Bush administration, outlining offensive and defensive strategies for protecting information networks. The initiative was originally intended to unify efforts of a number of government agencies into a comprehensive strategy to protect the nation's computer networks. 'One area in which the government did officially disclose new details was Einstein 3, a program to protect civilian government systems from intrusion by deploying sensors on the networks of private telecommunications companies. For the first time, the government disclosed officially that the program would use technology developed by the NSA, the nation's largest intelligence agency. It also said that the Department of Homeland Security, which would run the program, would share malicious code data with the NSA but not the content of communications, such as e-mails.'"

This one is from the Bush administration. Probably means he's dumping it for one of his own.

Read more of this story at Slashdot.

CWmike writes "A hedge fund that is already one of Novell's largest shareholders offered on Tuesday to acquire the struggling, cash-rich enterprise software maker for $2 billion. The unsolicited offer, from New York-based Elliot Associates L.P., is for $5.75 per share in cash, a dollar per share more than Novell's closing price Tuesday of $4.75. The offer caused Novell's stock to leap 29% to $6.15 in after-hours trading. Because Novell is so cash-rich — it had $991 million in cash and equivalents at the end of January (PDF) — Elliott says the deal values Novell as an enterprise alone at about $1 billion."

Well, now keep in mind that they are in bed with Satan. :)

Read more of this story

Vigile writes "The solid state disk market keeps getting more crowded, but the Western Digital SiliconEdge Blue SSD marks the first offering from a player that currently dominates the market of traditional spindle-based hard drives. It was a year ago this month that WD purchased SiliconSystems for $65m, a small, enterprise-level SSD vendor that developed its own storage controller. Western Digital obviously made the move to prepare the company for the inevitable situation it finds itself in today: solid state has surpassed traditional media in performance and will likely soon become the mainstream storage choice for computers. PC Perspective has put the first consumer-level SSD option from one of the kings of HDDs through the wringer and found the drive to be a solid first offering, with performance on par with the some of the better solutions in the market while not quite fast enough to take away the top seatings from Intel and others. Western Digital has seen the writing on the wall; the only question is when the other players in the hard drive market will as well." Hot Hardware ran their own series of tests, coming to a similar conclusion: "There is no question the SiliconEdge Blue doesn't light up the benchmarks like some of the more recent SSDs we've tested, but it's a solid product from a well-respected brand name storage company."

Read more of this story at Slashdot.

Linux has a tendency to lessen the following problem. Have you ever seen a zombie Linux box? Let alone 12 Million of them.

northernboy and many other readers sent news of the beheading of the Mariposa botnet with three arrests in Spain. "Defense Intelligence of Ottawa working with ISPs and Spanish authorities have taken down yet another > 12M PC botnet, called Mariposa. The three top-level operators are in custody, but remain anonymous under Spanish law (how quaint: apparently in Spain, the accused have some right to privacy). AP is claiming that the botnet included systems in roughly half of the Fortune 1000 companies, scattered over 190 countries. Interesting details: none of the three principals has a prior criminal record. Although apparently hardworking, they are not uber-hackers, but rather had connections to the Spanish mafia, which apparently helped to equip them. At the time of arrest, they were not showing signs of their significant new income level. From the article: 'Chris Davis, CEO of Ottawa-based Defence Intelligence, said he noticed the infections when they appeared on networks of some of his firm's clients, including pharmaceutical companies and banks. It wasn't until several months later that he realized the infections were part of something much bigger. After seeing that some of the servers used to control computers in the botnet were located in Spain, Davis and researchers from the Georgia Tech Information Security Center joined with software firm Panda Security, which is headquartered in Bilbao, Spain. The investigators caught a few lucky breaks. For one, the suspects used Internet services that wound up cooperating with investigators. That isn't always the case.'"

Read more of this story at Slashdot.

snydeq writes "Deep End's Paul Venezia provides an update on the City of San Francisco's trial against IT admin Terry Childs, which — at eight weeks and counting — hasn't even seen the defense begin to present its case. The main spotlight thus far has been on the testimony of San Francisco Mayor Gavin Newsom. 'Many articles about this case have pounced on the fact that after Childs gave the passwords to the mayor, they couldn't immediately be used. Most of these pieces chalk this up to some kind of secondary infraction on Childs's part,' Venezia writes. 'Just because you give someone a password doesn't mean that person knows how to use it. Childs's security measures would have included access lists that blocked attempted logins from non-specified IP addresses or subnets. In short, it was nothing out of the ordinary if you know anything about network security.' But while the lack of technical expertise in the case is troubling, encouraging is the fact that the San Francisco Chronicle's 'breathless piece reporting on the mayor's testimony' drew comments 10-to-1 in Childs's favor, which may indicate that 'public opinion of this case has tilted in favor of the defense,' Venezia writes. Of course, 'if [the trial] drags into summer, Childs will have the dubious honor of being held in jail for two full years.' This for a man who 'ultimately protected the [City's] network until the bitter end.'"

Read more of this story

*FACEPALM* - 20 years and still not figuring it out:

Ian Lamont writes "Microsoft has issued a security advisory warning users not to press the F1 key in Windows XP, owing to an unpatched bug in VBScript discovered by Polish researcher Maurycy Prodeus. The security advisory says that the vulnerability relates to the way VBScript interacts with Windows Help files when using Internet Explorer, and could be triggered by a user pressing the F1 key after visiting a malicious Web site using a specially crafted dialog box."

Read more of this story at Slashdot.

Sure, IDC's Worldwide Quarterly Server Tracker shows Windows beating Linux handily. But that's not the whole story.

read more

At my place of employment, we are making some great progress at switching our end users to Linux. So far, we have made great progress. Everything has been successful up to this point. It is quite greatly satisfying for me to be able to save my employer money, while at the same time exposing people to the very capable operating system that is Linux. So far, so good!

We are also working towards tighter security and becoming more standards-compliant. This is incredibly exciting for me, as I am a security sucker. Don’t know everything there is to know, but really love the topic. My brother is a retired Colonel from the US Army. His specialty? Computer security, hacking, and all that sort of stuff. He currently has contracts with the Pentagon for security-related projects, etc. He helps a lot when I have questions. I’m actually pretty interested in the CISSP certification. But this exercise in PCI compliance is a shot in the arm for me. I love it.

If you have any recommendations for applications/appliances that are PCI-certified, let me know. I’m aware of OpenVPN, fail2ban, Nessus, OpenVAS, Snort, BASE, Squil, OSSEC, Kismet, PHPIDS, and mod_security, for example. What are some others that you have found useful?