The H Roundup - MySQL holes, router hacks and password cracks
Welcome to The H Roundup, your rapid review of the week with the most read news on The H, the security alerts and open source releases, and the essential feature articles – all in one quick-to-scan news item.
Top News
Hacker KingCope presented the MySQL and SSH communities with an early Christmas present in the form of a whole range of exploits, several makes of routers turned out to be hackable by sending unwitting users a malicious email, and WhatsApp is still having problems with their account security.
- Season's gr3371ng5 - hacker releases exploits for MySQL and SSH
- Email hacks router
- Account theft still possible with latest WhatsApp
A new way of calculating SHA1 could give a 20% performance boost to password crackers, a quicker way to brute force MySQL passwords was shown, a cluster of GPUs can chew their way through NTLM passwords in record time, and Microsoft's AV solution has failed to keep up to grade.
- SHA1 weakness benefits password crackers
- Fast cracking of MySQL passwords demonstrated
- Password cracking in record time with giant GPU cluster
- Microsoft Security Essentials fails AV-Test
The Linux Mint developers have followed the release of Linux Mint 14 with a point version to fix three showstopper bugs, LibreOffice also cleared out a number of bugs from their most recent release and Matthew Garrett published his Secure Boot bootloader for use by Linux distributions.
- Linux Mint 14.1 released to fix showstopper bugs
- Secure Boot bootloader for Linux
- LibreOffice 3.6.4 fixes over 60 bugs
Featured Articles
This week, Oliver Diedrich looked at two contrasting deployments of OpenOffice in German cities and the lessons that can be learned, while in The H Developer, Patrick Peschlow showed the power of Java 7's ForkJoinPool for multi-threaded applications.
Developer Spot
If your application relies on Java 6, Oracle have given you a stay of a couple of months before you will have to move to Java 7. EMC and VMWare have moved their assets around to create a new cloud/big data company, Adobe made a play for game developers, GWT's future was evaluated, and a new Arduino IDE appeared.
- Java 6 allowed to live just a little longer
- EMC and VMware create Pivotal Initiative
- Adobe puts together tools for game developers
- GWT: No future without the community
- MariaMole: Alternative Arduino IDE
Node.js and PowerShell developers will find Amazon has released tools for both platforms to plug into its cloud services, while corporate Android developers can now make use of private Google Play app stores for custom applications.
- Amazon previews Node.js for its cloud
- AWS Tools for PowerShell developers
- Google launches private Android app stores
Open Source Releases
This week saw new releases of Chrome, QEMU 1.3, Plan 9 for the Raspberry Pi, Aptosid and siduction, Semantic MediaWiki 1.8, Slacko Puppy 5.4, EverPad, IntelliJ IDEA 12, KDE 4.9 and ZevenOS 5.0.
- Chrome: Pinkie Pie's 64-bit vulnerability fixed
- Plan 9 ported to the Raspberry Pi
- QEMU 1.3 supports new device pass-through technology
- New versions of aptosid and siduction continue Sidux legacy
- Semantic MediaWiki 1.8 released
- Slacko Puppy 5.4 introduces installable layers
- Everpad 2.3 brings Evernote access to Linux users
- IntelliJ IDEA 12 gets new interface, compiler mode and Android Designer
- KDE 4.9 receives its last stabilisation update
- ZevenOS 5.0 delivers an early Christmas present
Ubuntu 13.04 development kicked off with what wasn't an alpha release but more the start of a rolling development version, Linux 3.7 was delayed a week for another release candidate, Qt 5.0 got a release candidate, the Ruby developers refined their plans for Ruby 2.0, and a beta appeared for version 9 of the DRBD distributed block storage system.
- First "alpha" arrives for Ubuntu Raring Ringtail 13.04
- Another Linux 3.7 release candidate and new stable kernels
- Release candidate lands for Qt 5.0
- Ruby 2.0-preview2 arrives while Refinements are being refined
- DRBD 9 beta enables multiple node high availability
For everything The H has published in the last week, check out the last seven days of news. To keep up with The H, subscribe to the RSS feed, or follow honlinenews on Twitter. You can follow The H's own tweeting on Twitter as honline.
(djwm)