The H Week
Its been a week for Linux releases – major and minor, government advisory appointments, patch days, some clashes with regulatory bodies and some odd going's on in the security world.
Open source news
On Monday the H Open Source reported on the release of Tiny Core Linux 2.0 , a minimal Linux desktop distro designed to run out of a USB memory stick on minimal hardware and Micro Core Linux 2.0, a version of Tiny Core without the X environment.
There were some clashes between regulatory bodies and several leading IT companies this week. Both McAfee and Symantec were fined by the New York State Attorney General for their predatory policies on software subscription renewals. Microsoft found itself once again in conflict with the European Commission in the antitrust dispute over consumer choice and web browsers. Microsoft, keen not to miss the scheduled release date for Windows 7, has said it will ship Windows 7 in Europe without a web browser.
With the UK Government perhaps attempting to claw back some semblance of credibility, Friday saw the announcement of "Father of the World Wide Web", Sir Tim Berners-Lee's appointment to take responsibility for opening up access to the public data held by the government. In recent year Berners-Lee has often spoken about the importance of access to public data and says that he feels this appointment goes beyond party politics.
Monday's report of vulnerabilities in the Kloxo hosting platform was followed on Tuesday by news of UK web host VAServ falling to an attack. A story which included the sombre news that K T Ligesh, the founder of Lxlabs, had been found dead in his home, having apparently hanged himself. VAServ used HyperVM as part of its hosting service and both Kloxo and HyperVM are products of Lxlabs.
There were two appointments this week of prominent 'computer experts' to government advisory bodies. Monday brought news of "Dark Tangent" otherwise known as Jeff Moss, founder of DEFCON and the Black Hat Conference, being sworn in to the US Homeland Security Council.
A blackmailers claims of an apparent penetration of the US T-Mobile customer database caused quite a stir, even outside the security community. At the time T-Mobile played down the validity of the claims, saying it seemed that a small amount of genuine data taken from a paper printout had been presented as a “sample” to make it appear the blackmailer had access to much larger amounts of data. A position they underscored with greater emphasis later in the week, denying that any electronic penetration of their systems had ever taken place.
As mentioned in the last issue of The H Week, Adobe had their first Patch Tuesday synchronised on this occasion with Microsoft's Patch Tuesday, although there will be another two Microsoft Patch Tuesdays before the next Adobe quarterly patch release. Adobe issued 13 security updates for Adobe Reader and Acrobat while Microsoft repaired 28 vulnerabilities in its products, in particular critical patches to Internet Explorer. Microsoft also issued patches for Office 2004 and 2008 for Mac.
Independent security researcher Rich Mogull strongly criticised Apple for their slow responses and generally poor attitude to security. Mogull says at present using Apple products is still a relatively safe experience, but this is not due to any inherent strengths in their products or security policies and the company must make changes if it is to combat future threats.
Australian encryption researchers have described a new and faster way of provoking collisions for the SHA-1 algorithm making it practical to mount attacks and increasing the need for a new and more secure encryption standard.
To see all last week's news see The H's last seven days of news and to keep up with The H, subscribe to the RSS feed, or follow honlinenews on Twitter. You can follow The H's own tweeting on Twitter as honline.