The H Week - Linux 2.6.35, CSI:Internet episode 4

In the past week, The H took an in-depth look at the latest 2.6.35 Linux kernel and published the latest episode of the CSI:Internet series. Google announced that it would discontinue its Wave collaboration tool, Android overtook BlackBerry sales in the US and KDE SC 4.5 was delayed. A record Microsoft patch day is coming, a new PDF vulnerability allows for iPhone jailbreaking and AV vendors aren't using Windows exploit protection features.

Featured

Following the release of the latest version of the Linux kernel early this week, The H published its customary in-depth feature on what's new in Linux 2.6.35. Later in the week, The H posted episode 4 in the CSI:Internet security series and Richard Hillesley took a look at the issues around copyright assignment and free software.

• What's new in Linux 2.6.35
• CSI:Internet - Attack of the killer videos
• Copyright assignment - Once bitten, twice shy

Open Source

This week saw the arrival of the latest 2.6.35 Linux kernel, Illumos launched an OpenSolaris derivative aimed at creating an open source baseline for future distributions and the code for the AppArmor security extension was integrated into the latest development branch of the kernel. Google announced it was discontinuing Wave and a survey by Accenture showed that investment in open source is on the rise. Reports from research firm Canalys showed that worldwide shipments of smartphones running Google's Android OS increased by 886% in Q2, ACCESS joined the Open Handset Alliance founded by Google and the Software Freedom Conservancy won a default judgement against several GPL violators.

NPD reported that Android devices are now outselling BlackBerry in the US, AndroLib reported that the AnrdoidMarket surpassed 100,000 apps and Google confirmed that nearly 60% of all Android phones are now running version 2.1 of the OS. sonnes GmbH released GraphDB 1.1 for the Microsoft Windows Azure Platform, SugarCRM delivered its set of open source test tools, odt2braille brought Braille support to the OpenOffice.org office suite and the Drupal Commons 1.0 open source social networking tool for enterprises was announced.

The KDE project confirmed that the next major update to KDE, version 4.5, is delayed by one week, the GNOME Foundation and KDE e.V. board announced that their 2011 Desktop Summit would be held in Berlin and users can now support GNOME by purchasing music via Banshee. The Debian developers announced at DebConf10 this week that Debian 6.0 (Squeeze) has now entered the feature freeze part of the development cycle.

• Linux kernel 2.6.35 released
• Illumos launched as OpenSolaris derivative
• AppArmor set for inclusion in Linux kernel
• Google Wave to dissipate
• Accenture survey sees open source investment rising
• Report: Android shipments increase by 886%
• ACCESS set to go Android
• SFC wins default judgement against GPL violator
• NPD report: In the US, Android phones outsell BlackBerry & iPhone
• Report: Android Market surpasses 100,000 apps
• Google: Nearly 60% of Android devices now running 2.1
• sones GmbH offers GraphDB for Azure cloud
• SugarCRM starts delivering open source test tools
• odt2braille brings Braille to OpenOffice.org
• Drupal Commons offers open source sociability for enterprises
• KDE SC 4.5 release delayed
• GNOME and KDE 2011 Desktop Summit in Berlin
• Supporting GNOME by buying music via Banshee
• Debian Squeeze frozen
  

Open Source Releases

• Mozilla releases JetPack SDK 0.6
• Python 3.2 Alpha arrives
• OTRS 3.0 Beta 1 includes new GUI
• Parted Magic 5.2 improves Asian language support
• Wine 1.3.0 kicks off new development cycle
• MeeGo for IVI version 1.0 released
• GPGMail plug-in returns with Snow Leopard support
• Jolicloud 1.0 netbook OS launches
• Elastix 2.0 communication server released
• Canonical releases Ubuntu 10.10 Alpha 3
• MongoDB 1.6 adds auto-sharding and replica sets
• Mozilla releases Thunderbird 3.1.2
• NetBeans 6.9.1 provides first fixes and JavaFX update
• First GNOME 2.32 development snapshot released
• Microsoft's PHP driver for SQL Server goes object-oriented
• qooxdoo 1.2 JavaScript framework released

Security

During his presentation at the BlackHat Conference, a German GSM expert demonstrated a tool that can crack the A5/1 encryption used by mobile phones. A jailbreak for the latest iOS used by Apple's iPhone exposed vulnerabilities which could be exploited by criminals. Apple says it has a patch for these holes. A rootkit for Android mobile phones was demonstrated at the DEFCON hacking conference.

A number of routers are still vulnerable via their built-in web interface, the new Blind Elephant Web Application Fingerprinter tool was released and a number of anti-virus vendors still don't make full use of Windows exploit protection features. Pressure has started to mount on software vendors to fix vulnerabilities in their products within a reasonable amount of time, Cisco patched a number of its products to protect against several denial-of-service (DoS) vulnerabilities and Microsoft has said that next weeks Patch Tuesday will be the largest on record.

• Quickly decrypting cell phone calls
• iPhone jailbroken by Safari vulnerability again
• iPhone patch coming soon
• Android rootkit demonstrated
• Router access through the back door
• Blind Elephant leads the way in fingerprinting web applications
• Anti-virus software does not make full use of Windows exploit protection features
• Pressure mounts for a swifter response to vulnerabilities
• Cisco security products vulnerable to DoS
• Microsoft plans record patch day

Security Alerts

• Emergency patch closes LNK hole in Windows
• Two critical vulnerabilities in iPhone's iOS exploited in jailbreak - Update
• Critical hole in Adobe Reader - and nobody wants to know

To see all last week's news see The H's last seven days of news and to keep up with The H, subscribe to the RSS feed, or follow honlinenews on Twitter. You can follow The H's own tweeting on Twitter as honline.

(crve)