HOW TO FIND OUT IF YOU HAVE BEEN ROOTED:
ls -la /lib64/libkeyutils.so.1.9
rpm -qf /lib64/libkeyutils.so.1.9
ls -la /lib/libkeyutils.so.1.9
rpm -qf /lib/libkeyutils.so.1.9
If you find the file and RPM shows “is not owned by any package” you have been rooted.
Currently known affected OSes: RHEL-based servers
Currently known effected control panels: cPanel, DirectAdmin, and Plesk
we do not know if controls panels are the reason or not.
Servers with ksplice have been exploited
This has been a long standing procedure. If you are online and what to have an online identity certificate that identifies you you have been required to go to various third parties(Verisign, GoDaddy just to name two) and pay them to issue you a digital certificate that other folks then accept as being genuinely unique to you. The problem is…now you have placed the security and authenticity of your online identity in the hands of a third party. What happens when, not if, that third party gets hacked? Your online identity has been compromised and now these digital certificates aren’t worth much now are they? This philosophy is very counter-intuitive due to the fact in banking we tell clients…you must be careful to not allow your identity to be stolen and we rail against allowing third parties access to your information. yes for online security we are doing just that? One of the basics is to NOT trust third parties with your information. We spent enormous amounts of time and money trying to prevent this very thing as much as possible. Why are we then spending the same amount of time and money doing just to opposite to verify we are who we say we are when we are talking about the Internet? If you just look at these two side by side..one is best practices and one is backwards. If we are going to tell folks self protection and generation is the way to go why do the opposite online? The RSA company was compromised and now two factor authentication tokens are now all worthless until the RSA generates a new algorithm Comodo just was compromised by a third party of theirs that then compromised their own certificate database for some very high profile sites. If you have not updated your browsers(yes all of them) you could now be receiving bad certificates that say they are genuine but aren’t. Frankly this makes no sense to me. All a third party has to do is screw up once..and ALL of their clients can be affected. You then have to do something like update all of your software or redo all of your dongles once that occurs. I use only self-generated certificates. That way I know they are genuine and aren’t compromised. If i get compromised It’s only me. I don’t see how this reliance on third party for online security is progress.
Brian krebs tweet: as w/ this Comodo cert issue and the RSA mess, I’m struck by how many big security threats r beyond user’s ability to do squat about them
comodo incident listing http://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html
ms advisory on issue http://www.microsoft.com/technet/security/advisory/2524375.mspx
Steve Gibson on RSA hack http://steve.grc.com/2011/03/19/reverse-engineering-rsas-statement/ follow embedded links too.
I think the smart tv thing is right on..we’ll see about the rest..:)
Seven Predictions for 2013 – F-Secure Weblog : News from the Lab.
The team behind the Samba Project has released version 4.0 of its open source Windows interoperability software suite, the first version to offer full compatibility with Microsoft’s Active Directory protocols.
The Samba stack is by far the most popular solution for networking non-Microsoft platforms with Windows machines, but previous versions only provided Windows NT Domain Controller functionality.
According to the Samba Team’s press release, Samba 4 can now act as an Active Directory Domain Controller and offer services to any currently supported versions of client-side Windows, including Windows 8.
Servers running the new Samba support typical Active Directory features, including Group Policy and Roaming Profiles. They can also integrate with Microsoft Exchange servers, and they can even be managed using Microsoft’s own administration tools.
In addition, the new version offers full interoperability with Microsoft Active Directory servers. A Samba 4 server can be joined to an existing Active Directory domain, and Microsoft Active Directory Domain Controllers can join a Samba 4 server.
What all of this means is that for the first time, organizations have the option of replacing one or more Microsoft Active Directory servers – currently priced starting at $501 apiece for the small business version and scaling up to the Moon – with alternatives based on 100 per cent free software, via Samba 4.0 running on Linux or some other free OS.
via Samba 4 arrives with full Active Directory support • The Register.
Your vendors card reader taken over by a rogue credit card. I’ve seen this on tv but never thought it was for real. This is why i constantly tell folks to update EVERYTHING they can…even card readers now are computers running..Linux. However there was a vulnerability in the app for the reader which allowed any firmware update to be installed… without checking for authenticity. Simply swiping a card told the reader to go download a new reader software that not only read the cards but also sent the data to the thieves at this large chain.
Thieves Hack Barnes & Noble Point-of-Sale Terminals at 63 Stores | Threat Level | Wired.com.
There’s CLEAR prior art and the fact that the jury said they skipped it says this judgement is nullified or thrown out due to misconduct. this ruling needs to be dismissed and the patents invalided immediately.
Apple likes to claim it is an “innovator” and thus files patents on various design elements by the boatload. The problem with this claim and then the legal cudgel that it buys with these claims is that they always have been demonstrably false and now this has ratcheted up into attempts to bar obvious design features that Apple did not invent from being sold by anyone but Apple.
What has Apple actually “innovated” in?
One thing: cult consumer behavior. There it has indeed innovated.
The company stole Xerox PARC’s ideas (specifically the Star workstation) when it came to the mouse and graphical user interface. It did not invent any of those features — not windows, not icons, not the mouse, none of it. None. Utterly none.
This was well-documented by the early 1990s. But today, nobody cares.
Today, however, Apple claims it owns a rectangular tablet design with rounded corners and rectangles with rounded corners on the screen. It claims to have invented this. It claims that this was innovative and original work. It even claims novelty and trade dress rights for the name “iPAD.”
Apple is lying as the below image demonstrates conclusively.
I present to you the LG Tablet computer, called “The Digital, iPAD”, with a rectangular form factor, rounded corners and a graphical user interface complete with windows, designed as a media-consumption device. Oh, I almost forgot — it ran Linux.
I said “ran”, not “runs”. See, this isn’t a new item, or something you will be able to buy in the United State for Christmas. Nor is it a copy of Apple’s technology. The facts are exactly the other way around.
When was this item invented and first made known to the public?
2001 at CeBIT.
That’s clear prior art and thus, other than a possible claim by LG as to those unique design elements, all of those so-called “unique design elements” including the name are in the public domain.
The development of the iPhone began in 2004, and the iPAD was first introduced in 2010, nine years later.
Apple has continued its abusive practices when it comes to the US and international legal system and yet the fanboi segment has shown a continued willingness to buy their products. This is self-destructive behavior, as those who do so are not only overpaying based on the limited monopoly practices granted by patents that should have never been issued due to that prior art, but in addition they are providing Apple with the money to further abuse the legal process in the United States as well with claims of “novelty” when in point of fact there is no novelty that exists.
Apple, having duped a jury in the United States with slick lawyerly arguments now seeks to ban anything with rounded corners.
In response we should ban Apple and tell them that they’re welcome to play their games with offshoring and abuse of the patent system somewhere else – but not here in the United States.
SBS was a good idea with SBS 2003. with 2008 they began doing the Microsoft thing and jacking the price up. SBS 2011 was such a huge, bloated, overpriced mess that very few wanted it. What does this mean? I have much cheaper and even free ways to do what SBS did..:) HINT: Linux and one other piece of software. For those places that HAVE to have windows server it’s windows server, Hyper-v and then Linux and that one piece of software. I’ve talked about all of this before in the blog…if you correctly guess the software and you’re the first one AND you are in my service area i’ll give you a free hour. Let the hunt begin..:)
Microsoft goes public with Windows Server 2012 versions, licensing | ZDNet.
I mentioned in an earlier post about how Quickbooks ties many accountants to Windows. Well I’ve found a partial yet money-saving workaround. We leverage virtualization even more but not in the typical way. Instead of setting up a NAS/DAS/SAN you run it off local stoarge. For SMB’s this saves on costs both short and long run. Allow me to explain:
First you need to figure out exactly how many of your employees actually do work inside of Quickbooks at the same time. Not on the same files at the same time but how many of them actually are actively using Quickbooks at the same time. I bet it’s not even half of your employees. For the sake of math let’s say you have 15 employees. Here’s what you do next:
You buy a new virtualization host server. You then fire up only that amount of windows virtual machines on that server. Once that is done you then convert all machines to Linux. Providing printing is solved(which it can be) you only need to pay for 7 windows licenses and 7 Quickbooks licenses. Considering Linux is free your software costs hit the floor and then burrow underneath it..:) Now instead of constantly replacing hardware to put up with QB and windows bloat you just let them sit on the virtual machines. Your hardware lasts longer due to not needing to be replaced every 3-5 years for the latest windows environment cycle and you buy much less software. of course if your cloudy apps hammer your cpu that’s where individual cpu (maybe motherbaords too)upgrades come into play(aka whiteboxes anyone?). I’m not going to go into specifics on how i would build my vm host for this..if you want to know contact me for a discussion and quote.
