Archive for July, 2009


Pwnie Award Winners.

I like this.  It shows that nothing is sacred when it comes to security..:)

When ‘Big Leaguers’ Get Hacked | threatpost.

Security Fix – The Growing Threat to Business Banking Online.

NO clients of mine that have run Firefox instead of IE and followed my best practices advice have gotten infected with malware.  If you don’t get infected, online banking is perfectly safe from your end.

Researcher Shows Killbit is No Defense on MsVidCtl Flaw | threatpost.

When you have a technology (ActiveX) that allows access directly to the kernel there is only one way to secure it..remove it.  I have posted about this multiple times.  Microsoft, it is time for you to realize your Java killer called ActiveX is not killing Java and the thought of letting code on the internet run at the system user level is a horrendously bad idea.

For the clients running CentOS I am going to be researching other alternatives.  Right now no servers are in danger of being unable to update.  I will keep everyone informed as to how this situation unfolds.

Read this site:

Planet CentOS.

It turns out the CentOS project is under the control of one person and that person has decided to disappear..for over a year.  All monies that got donated did not go to CentOS but to the founding individual.  This type of thing can happen anywhere but this type of thing is what gives anti-open source folks tons of ammunition.  They may have to rename the project or merge with another one.  I will be watching developments as they unfold.  I personally am now researching other distros to migrate to since I can no longer be assured of the stability or longevity of CentOS.


*UPDATE*

I have been following the mailing list as well; you can find the mailing list entries here.

*UPDATE 2*

The following was posted on the sidebar of the CentOS homepage:

  • CentOS is not dead or going away. The signers of the Open Letter are fully committed to continue the CentOS Project. Updates and new releases will continue.
  • The issues raised in the Open Letter have been raised privately literally for years and a voluntary resolution had been hoped for and worked toward. But progress requires follow through. We have tried contacting Lance in private for a long period of time before this Open Letter. While we received promises, there was no real response or follow through from him on promises made. We are sure he is not dead, on vacation, or sick. Once we all decided there was no movement in the matter we created the Open Letter. This is not something that appeared just recently.
  • We would really like to continue the project using the centos.org domain. That is one of the reasons for the Open Letter. But the developers will move to another domain if there is no other option. Protective backups are in place; hot machines exist to allow for a cutover with a simple one time installation of one RPM package. We continue to refine our plans if this might be the case, to make the transition as smooth as possible.
  • We thank the people who have stepped forward and want to donate to the CentOS project to hold off for now until issues surrounding the centos.org domain and donation policy are resolved. Selected donations will be privately solicited by the signers of the Open Letter on some transition matters. We will post general instructions on how you can help the project as matters become resolved.
  • The CentOS project is run completely by volunteers and we are aware that this requires a different management style. We have been and continue to work to prevent issues like these from occurring in the future. We will continue this effort in the future, but the matters mentioned in the Open Letter prevent us from moving forward at this moment, as they need to be resolved first.

I have relocated this site to a new server. It is actually a virtual machine on a physical server. I have noticed a 50% increase in performance of this site. I hope you enjoy the new speeds.

Security issues with sudo « Mihai’s Weblog.

I have always thought Ubuntu’s way of locking out direct root access was nonsensical.  It now turns out it is worse than that..it’s Microsoft-ish.

Is Oracle getting ready to kill OpenSolaris? – Computerworld Blogs.

I think it’s beyond OpenSolaris; I think it’s also Solaris as well as MySQL and VirtualBox.

Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution.

*sigh* When will MS and others learn?

Head to this page for the fix. Head to the "Fix it for me" section and click on the Fix it icon under "Enable workaround".  Download and install that file.