Friday, January 29, 2010

Apple, Oranges And Linux

   Steve Jobs just presented Apple's newest toy to the masses.  The iPad is suppose to be a game changer in mobile computing and a lot of tech writers are still giving mixed reviews.  Apple also decided to stick with AT&T as sole carrier.  They are also selling the iPad in the price range of the iPhone.  Apple once again demonstrates its power in innovation.

   what does Apple has that Linux lacks?  The most basic seems to that Apple absolutely knows their hardware.  Linux has to learn to master the art of computer hardware.  Mastery of hardware comes control.  Apple is able to push the envelope with the least negative impact because it is master of the hardware.

Wednesday, January 27, 2010

Lucid's Default Search Engine Is

Yahoo.

   Canonical and Yahoo made a deal to make Yahoo the default search engine in Firefox when Lucid Lynx comes out.  Canonical gets revenues from the deal to support operations.  It is finally a relief to see the company that supported Ubuntu all these years earn from it.

   A company in the black means continuity.  Canonical is still a private commercial company that intends to put Linux in the desktop and commercial deals helps it move towards that goal.

Monday, January 25, 2010

Restless With Apt-Get


I typed alt-f2 to open the gui terminal. I want to download Win-FFmpeg, a video format converter. I was wondering about an alternative to Transmission bittorrent client too. This is an addiction for me. Once I finished with setting up the desktop, I download secondary applications. These are applications that I can do without or applications that do the same thing as already installed software.

My fingers get the itch to fire up apt-get or synaptic, well, because it is very easy. No googeling involved. If the software is in the repository everything is ready for your desktop. Of course in some cases people will point to a new release of firefox an an exception to these cases.

Mozilla just released Firefox 3.6. It's not yet listed in the official repository nor is it available as a deb file or even a bin file. Mozilla just can't bother with us folks in the Linux community. If Ubuntu users want to install the newest firefox they'll have to modify their software sources file and add mozilla's ppa. Even this method doesn't give you the firefox logo nor it's name.

Google beat Mozilla here because Ubuntu and Fedora users can download the latest releases of Google Chrome browser through the distro repository. That simple. Why not make Google Chrome browser the default browser? From where I am sitting Linux is receiving more support from Google Chrome browser than Mozilla's Firefox.

Friday, January 22, 2010

A Questionable Security Update

Microsoft wants to release a patch for the zero-day exploit in Internet Explorer.  I have a problem with solving a zero-day exploit with a patch or a security update.  Certainly, a security bug, which is a flaw in the code, can be patched.  A zero-day exploit is using an applications' standard functionality against the system.

Patches have to tested first and this takes time.  Zero-day exploits precisely use that window of opportunity to do its thing.  Patches are not going to work.   

Thursday, January 21, 2010

Another Microsoft Headache

After the German and French government advised their citizens not to use Internet Explorer, Google security researchers found a security bug in Windows that can potentially enable attackers to gain power to execute code at system level.  That is bad news. 

This is an exploit with no patch and affects Microsoft products from Windows NT up to Windows 7.  The exploit opens a command prompt with super user privileges. 
[windows,bug,security]
[end]

Tuesday, January 19, 2010

Safety Is Not Using IE Anymore

Yesterday the government of Germany warned its citizens not to use Internet Explorer because the browser is the focus of zero-day attacks and no solution is offered to defend against it by security experts.  Today the government of France issued the same advisory to its citizens. 

[tags internet explorer,browser]

Last month, popular technology blogs espoused the use of clean machines to secure banking.  At least one security blog advise the use of Linux instead of Windows operating system when conducting banking transactions.  These is in the wake of phishing attacks and trojans to get login information. 

Some however are cautioning that merely switching browsers will not solve the problems of phishing and malware.  They likened this to driving the herd to a corral.

[end]

Wednesday, January 13, 2010

The Yearning Masses

    Ubuntu Linux is the port of call for most Windows immigrants. 

    Beside being the most popular linux distribution, it has the liveliest forum for newcomers to Linux.  This which come first, chicken or egg thing, basically feeds on each other.  I received a lot of help from what I feel are just forum visitors.  I can't explain what motivates most people to help other people but I would venture to say that most encounters are accidental.

   I confess that my personal motive in following particular threads results in me answering a few questions here and there.  I have an Ubuntu forum feed (rss) and I like to think of each item as a pop up quiz.  It refreshes what I know about Ubuntu and Linux and computing in general. 

Tuesday, January 12, 2010

Apparmor: Against Zero Day Attacks


I have my feed on Ubuntu Forum yesterday. I'm in the security discussion threads and I happen to come across the sticky for apparmor by the ubuntuguru. I like what I'm reading and the article is enjoining ubuntu users to take advantage of apparmor.

Apparmor is an alternative to Selinux. What it does is use application profiles to confine applications to only do what those profiles allow. It can run in complain mode or enforce mode. In complain mode, it basically learns to abide by the profile. The profile itself can be modified when running in complain mode. The user can allow or deny a particular behavior and incorporate that into the new profile. In the enforce mode, applications may proceed as before or be restricted to do a function according to the set profile. What apparmor does is prevent rogue applications from getting increased priveleges and thereby wreak havoc to the system.

Apparmor protects against zero-day attacks. Zero-day attacks are dangerous because the malware is as yet unknown and unclassified. We don't know what they are going to do. There is simply no patch for it. The vulnerability might be known but not fixed yet. Or it is unknown entirely. If an attacker uses an unknown malware to take over an application, that application is prevented by its apparmor profile from doing something worse to the system.

It is a very nice security discussion.

Sunday, January 3, 2010

Prediction 273

    2009 has established open source software and Linux as alternatives to MS Windows.  This will continue this year.  I think this year is the year of the multi-boot computer.  I predict that kids who are just learning how to use the computer are going to grow up operating system agnostics.  They just wont care and just use the computer to accomplish their goal.  Cool.