June 14, 2010
by sjvn01
0 comments

Rootkits: Hiding in Windows shadows

Most malware are like leeches on your computer’s software. But, a rootkit can turn your computer’s very operating system against you.

If you’re a smart Windows user, you probably already know about the basics of protecting your computer from malware. That is to say, you know you need to update your computer with regular patches and to install and keep updated an anti-virus program. That still isn’t enough since Windows is inherently unsafe but it’s reasonably secure. Isn’t it? Well no, you see there’s one kind of malware, rootkits that turns your operating system into a zombie and turns off any patches or updates that might threaten it.

Rootkits didn’t start with Windows. As the name indicates, they actually date back to Unix. There, the top-level operating system administrator has the user name of ‘root.’ As root, or super-user, the administrator has far more power over its computer than any ordinary user. As the saying goes in Unix and Linux circles, “To err is human, to really foul up requires the root password.”
While rootkit problems still exist in Unix and Linux, they’re far more common in Windows. That’s in part because the Unix operating family has many built in system monitoring and logging tools. In other words, while Unix and Linux can be attacked this way, it’s a lot harder to pull off without leaving tracks.

Windows, especially desktop Windows, like XP and 7, are far easier to infect with a rootkit. And, once infected, your system no longer really belongs to you. It belongs to your attacker.
That’s because a rootkit isn’t about cracking your security and breaking into your PC. No, rootkits are placed in your computer after it’s already been compromised in some other way. Once there, unless you go looking for them, you may never find them. And, even if you look for them they can be hard to see.

More >

June 14, 2010
by sjvn01
1 Comment

Linux is as secure as ever

There have been several stories proclaiming that a recent Linux infection proves Windows malware monopoly is over and that Think Linux is free from malware? Think again; it’s been hacked. Much as it pains me to disagree with the good people, they’re wrong.

Here’s what really happened. UnrealIRCd, a rather obscure open-source IRC (Internet Relay Chat) server, wasn’t so much hacked as the program it was letting people download has been replaced by one with a built-in security hole. Or, as they explained on their site,

“This is very embarrassing…

You think!?

More >

June 14, 2010
by sjvn01
0 comments

SCO & Novell: Game, set and match

Last week, the U.S. District Court for the District of Utah finally granted Novell’s request for declaratory judgment and ruled against SCO‘s last frantic attempts to keep any of its claims going. Or, to quote Pamela Jones, editor of Groklaw and top expert on SCO’s endless anti-Linux lawsuits: "The door has slammed shut on the SCO litigation machine."

It only took seven years to put an end to a case that never had any basis in reality in the first place. In its last-gasp attempt, SCO demanded a new trial on the basis that the "jury simply got it wrong" when it ruled in late March that SCO has no rights whatsoever to Unix’s IP (intellectual property). But, as Judge Ted Stewart wrote in his memorandum (PDF) denying SCO’s demand for a new trial, "The jury could have rejected the testimony of SCO’s witnesses for a number of reasons, including their lack of involvement in drafting the APA (Asset Purchase Agreement), the fact that there was little testimony on any actual discussions concerning the transfer of copyrights, or that many of the witnesses had a financial interest in the litigation." Therefore, "The Clerk of the Court is directed to close this case forthwith."

Of course, SCO could still appeal even this result, but there’s no longer any real point in SCO fighting on. The facts of the case are now established in the court’s decisions. There’s nothing of substance left to fight over.

What does all this mean? SCO itself, once a proud Unix and Linux vendor, will soon finish its slide into bankruptcy and never be seen again. The few customers left of its flagship operating systems, OpenServer and UnixWare, should stop waiting for a miracle to happen and move on to another operating system. SCO’s headlong charge into destruction has left little way in the support for their customers anyway. Besides, now that the court has ruled that SCO has no IP rights in Unix, I don’t see anything of any value left in either operating system.

Novell, which has been flirting with the idea of finding a buyer, is looking more valuable than ever after this last court result. While the company hasn’t done particularly well, its uncontested ownership of Unix combined with Novell’s new partnership with VMware makes it much more attractive to would-be buyers.

For all that some free software fans can’t stand Novell because of its Microsoft partnerships, when push came to shove, it was Novell that took on the hard, dull work of defending Linux against SCO.

Novell has won game, set and match against SCO. Their future looks bright. SCO? It has no future. Good riddance.

A version of this story first appeared in ComputerWorld.

June 10, 2010
by sjvn01
4 Comments

Linux-powered iPad-like tablets can’t come quickly enough

Apple has long had a history of being arrogant. But, more often than not, they’ve been able to back it up by the quality of their products. Now, though, with Apple locking out Adobe Flash and Google Ads, not to mention their cute trick of setting up an HTML 5 demo site that only works with Apple’s own Safari Web browser. I think Apple has over-stepped their welcome. It’s time for Linux-powered smartphones, tablets, and devices to give users top-notch options to Apple’s offerings.

Linux, largely thanks to Google Android, has already made a lot of progress that way in smartphones. Indeed, even hard-core iPhone users are now thinking about switching to Android phones. There’s also a wave of Linux-powered tablets and would-be iPad rivals on their way. But, they’re not here yet.

And, while I think that these new Linux devices will do well, I also think they need to be more than just tablets that are cheaper and more open than iPads. They need, as Jim Zemlin, the head of the Linux Foundation, wrote in BusinessWeek, “It’s important that open-source products add more value for users than simply being free. Open-source software also needs to be fabulous.”

Exactly.

More >

June 9, 2010
by sjvn01
0 comments

Socking it to the guilty: Billion dollar fine for LimeWire, $75-million for BP’s oil spill

f the RIAA (Recording Industry Association of America) gets its way, the file-sharing company LimeWire will get blasted out of existence with a billion dollar fine. Meanwhile, British Petroleum, with its oil spill, that’s on its way to the ecology disaster level of a Chernobyl, is liable for up to $75-million under the Oil Pollution Act of 1990. What’s wrong with this picture?

That’s a best case estimate. The RIAA actually thinks LimeWire owes them $1.5 trillion.. They came up with that number on a fine of $750 dollars per copyright infringement multiplied by 200 million estimated occurrences of copyright infringement. Aren’t you sorry now that you didn’t just buy Barnes & Barnes’ Fish Heads from the iTunes Store for 99 cents?

Of course, BP may yet end up getting sued to death as well, but I think we can all agree that BP’s ‘mis-steps’ were just a wee bit bigger than LimeWire’s enabling users to share music files. So, why is LimeWire the one getting knocked about?

The court system is a train-wreck. But, anyone who follows the madness that is the U.S. patent system in the courts already knows that. All we can do is shake our heads in disgust.

LimeWire’s executives are hoping for some kind of deal that will let them survive. I can’t see that happening. The RIAA has asked for a permanent injunction on LimeWire’s services. Let’s face it, the RIAA has LimeWire where it wants them: On the way to bankruptcy court.

More >

June 8, 2010
by sjvn01
0 comments

Ten years of IBM mainframe Linux

How things have changed. Back in March 1991 (PDF), Stewart Alsop, venture capitalist and one-time editor-in-chief of InfoWorld, said, “I predict that the last mainframe will be unplugged on March 15, 1996.” In 2010, while IBM doesn’t break out its profits by individual server line, IBM’s systems and technology group, reported 1st quarter revenue of $3.4 billion. While IBM’s System z, aka mainframes, revenue fell 17%, a billion bucks or so of business still isn’t anything to sneeze at.

So what happened to give the mainframe a new lease on life? In a word: Linux.

Back in February 1999, IBM announced it would work with Red Hat to support Linux. By May 2000, Linux moved from being an experiment on mainframes to being a fully supported option. And in 2001, IBM announced it was spending a billion bucks that year on Linux. It wasn’t that big an expense; as Bill Zeitler, IBM’s senior vice president and group executive for eServer at the time, explained, “We’ve recouped most of it in the first year in sales of software and systems.”

Today, IBM and Linux go together like peanut butter and jelly — or, if you’re prefer a tech business analogy, Microsoft and Windows. IBM does it because Linux brings in billions for the companies not only on mainframes but across its server line and its consulting businesses.

Dan Frye, IBM vice president of the Linux Technology Center, said, “Back in 2000, Linux was mostly found at the edge of the IT infrastructure and we were careful to advise clients to utilize it appropriately. Today we advise our clients to use Linux confidently in the most demanding enterprise environments. Linux continues to be the world’s fastest growing operating system worldwide and is used across the entire IT infrastructure including in application and data serving, business critical workloads and as the foundation for emerging delivery models such as cloud computing.”

Looking ahead IBM sees Linux being used everywhere. Frye told me, “There are many growth opportunities as we continue to see Linux advance in areas aligned to client needs. In the short term, this includes virtualization, server consolidation and cloud computing. This also includes data intensive work loads such as high performance computing. Linux will also mature in the mid-market where it can reduce complexity and cost.”

And, while IBM has done very well by Linux on the mainframe and its other servers, Frye isn’t ruling out the desktop. Frye said, “We’re seeing tremendous interest in Linux on the desktop. A recent global survey showed that Linux desktops were easier to implement than IT staff expected if they targeted the right groups of users, such as those who have moderate and predictable use of e-mail and office tools. Netbooks with Linux provide a low-cost computing option to small businesses and emerging markets around the globe. This customer set–even those that typically cannot afford new, expensive personal computers–can now legitimately consider netbooks running Linux instead of PCs for business use.”

Over the years, IBM has also been very good for Linux and other Linux businesses. Historically, IBM has been one of the top contributors to the Linux kernel. And Novell has the lion’s share of IBM’s mainframe Linux business.

Even as Linux is getting into consumer and mobile devices everywhere, Linux still remains strong in the enterprise’s old IT core. Or, as an IBM tagline would have it: “Legacy systems are systems that work!” When it comes to IBM, Linux and the mainframe, that’s the gospel truth.

A version of Ten years of IBM mainframe Linux first appeared in ComputeWorld.

Practical Technology

for practical people.