The H Week - Ubuntu 11.04 Alpha 1, Thunderbird 5 Beta, Mac malware, more Sony hacks

In the past week, The H reported on Linux becoming 3.0, Mageia turning 1.0, the first alpha release of Ubuntu 11.10 and a first beta release of Thunderbird 5.0. The second major release of LibreOffice arrived and Oracle proposed that OpenOffice become an Apache project. Hackers attacked Lockheed Martin, PBS, and, again, Sony. Mac Defender malware fought back against Apple's defences.

Featured

Thorsten Leemhuis' Kernel Log looked at the problems that have cropped up as Linux switches from a three digit to two digit version number with the switch to Linux 3.0, and how hardware manufacturers have made rebooting a PC a messy experience for any operating system.

• Kernel Log: Hardware and "3.0" difficulties

Open Source

A week of beginnings as the first release candidate for Linux version 3.0, the first alpha version of Ubuntu 11.10 "Oneiric Ocelot", the 1.0 release of the Mandriva fork Mageia and the first beta of the version number skipping Thunderbird 5.0 arrive. And a week with two endings as the milestone that was Ubuntu's 6.06 LTS Server reached the end of its five year life and Fedora's blogging service was closed due to lack of use.

• First release candidate of Linux 3.0 available
• Ubuntu Oneiric Ocelot Alpha 1 arrives
• Mandriva community fork Mageia 1.0 released
• Thunderbird 5.0 arrives in Beta channel, skips 4.0
• Ubuntu 6.06 LTS Server reaches end of life
• Fedora Blogs to close due to limited use

This week saw the second major release of LibreOffice, 3.4.0, aimed at community members and power users. Having stopped commercial development, Oracle proposed that OpenOffice.org should become a project of the Apache Software Foundation. Google open sourced its WebRTC software for real time video and audio communications on the web.

• LibreOffice 3.4.0 arrives for power users and early adopters
• OpenOffice proposed as Apache project
• Google open source WebRTC for open video/audio chat

Linux on Intel-based netbooks took off with Canonical announcing that Ubuntu will be pre-loaded on some ASUS Eee PC netbooks, though not on its new Eee PC X101, a sub $200 lightweight netbook that runs MeeGo. The UK Intellectual Property Office established a seven month Peer to Patent pilot project for community reviews of patent applications and the PHP developers published the final draft for a PHP release process.

• ASUS launches Eee PC with MeeGo
• ASUS to offer Ubuntu-powered Eee PC netbooks
• Final draft for a PHP release process presented
• UK launches Peer to Patent pilot project

Open Source Releases

• Apache MyFaces Core 2.1.0 released
• ScummVM 1.3.0 now supports WebOS
• Grml 2011.05 includes Ratpoison
• Oracle releases Oracle Linux 6.1
• PiTiVi open source video editor brings new effects
• libssh 0.5.0 released with asynchronous support

Development Releases

• Firefox 6 arrives in Aurora Channel
• Mandriva Linux 2011 Beta 3 arrives for testing
• First openSUSE 12.1 milestone arrives
• First alpha for Scientific Linux 6.1

Security

Hackers reportedly broke into the networks of arms manufacturer Lockheed Martin and other US military contractors. Honda Canada told its customers that it had been the victim of an attack two months ago in which 283,000 customer records were stolen. Google described a spear phishing campaign originating in China against high profile users in the US and Asia. The LulzSec group hacked the web site of US broadcaster PBS and raised Tupac from the dead and, in another attack, compromised the customer records of more than a million Sony Pictures customers.

• Hackers break into Lockheed Martin
• US broadcaster hacked in revenge for WikiLeaks report
• Honda breach exposes over 283,000 customer records
• Attacks target high-profile Gmail accounts
• Hacktivists break into Sony Pictures database

Apple released a security update to take on the Mac Defender malware and within hours a new version of Mac Defender appeared, which was then stopped by Apple's new automatically updating blacklist. Skype's auto-update function started installing software without consent and a freelance researcher claimed to be reverse engineering the Skype protocol "to make skype open source".

• Apple addresses Mac Defender in Snow Leopard security update
• Mac Defender mutates past security update
• Skype installs third party software against users' wishes
• Skype protocol being reverse engineered

More apps were removed from the Android Market after they were found to contain the Droid Dream Light malware, the Chrome Web Store has the same security problems as the Android Market, and TweetDeck's browser-based client, ChromeDeck, was executing JavaScript embedded in Twitter messages.

• Android malware activates itself through incoming calls
• Chrome Web Store has same security problem as Android Market
• Cross-site scripting vulnerability in TweetDeck's ChromeDeck

The CTO of Sourcefire, Marty Roesch, talked to The H about Razorback, the next generation of malware detection from Sourcefire. Security expert Marc Heuse gave a presentation on the security problems associated with IPv6 and Harald Welte explained the basics behind Terrestrial Trunked Radio (TETRA) and presented some open source software that can be used to receive, record, and decode it.

• Snort creator talks Razorback and ClamAV
• Worth Seeing: IPv6 and Security
• TETRA digital radio - now for everyone

Security Alerts

• Critical vulnerability in open source Eucalyptus clouds

For all last week's news see The H's last seven days of news and to keep up with The H, subscribe to the RSS feed, or follow honlinenews on Twitter. You can follow The H's own tweeting on Twitter as honline.

(crve)