FOSS Week in Review
Larry’s away today, hiding beneath his tinfoil hat and hoping to escape the ravishes of Friday the thirteenth, so I was volunteered to write this week’s review. Sorry. Larry will return next week.
G’bye Debian Live: By now you’ve probably heard the news that evidently the Debian Live project is no more. This according to the project’s leader, Daniel Baumann, who posted An Abrupt End to Debian Live on the Debian website on Monday. According to him, the project was “hijacked by the Debian-cd and the Debian-installer teams.”
Reading the post, you might be excused for thinking it’s not all wine and roses over in Debian-land. “Debian can be great,” Baumann wrote. “But depending on who you are, where you come from, and who your friends are, Debian can also be hateful and full of deceit.”
He went on to say that the live.debian.net server will be shut down at the end of the month and that the Git repositories have already been made read-only.
Back up your web server: We learned this week from Lucian Constantin on ITworld about new ransomware that’s targeting Linux servers. The malware program, discovered by Russian antivirus vendor Doctor Web who call it Linux.Encoder.1, seems to be a bit of nasty work, according to Constantin.
“Once run on a system with administrator privileges it starts traversing the whole file system and encrypting files in specific directories,” he wrote, “including the user’s home directory, the MySQL server directory, the logs directory and the Web directories of the Apache and Nginx Web servers.” After that, it leaves a ransom note in every directory in which it has encrypted files.
Backups stored on the server aren’t safe, either. as the malware “also encrypts archives and directories that contain the word backup,” meaning that backups need to be stored on another server.
Although Bitdefender Labs has published a decryption tool for this, it won’t necessarily work in all cases.
“It was brought to our attention that the decryption tool was not working on particular cases,” the company said on its website. “Upon investigation we were surprised to find out that some victims were infected more than one time….
“This means that some files were encrypted using a key, and others using another set of keys. However, in so doing, the race condition generated leads to some files getting irreparably damaged (their content is truncated to zero). And in some cases even the ransom notes became encrypted!”
Forewarned is forearmed and all that…
WordPress dominates: I made passing mention in an article yesterday that according to the folks at W3Techs, the FOSS CMS platform WordPress is now the driver behind a whopping one in four sites on the web. Drilling further down, we find that the number two CMS is not even close: Joomla with 2.8 percent, followed by Drupal with 2.1 percent. The report goes on to identify PHP as the most used server-side programming language, with a usage rate of 81.5 percent, and JavaScript dominating on the client-side, with a usage rate of 91 percent. In the later category, the once-dominant-but-rapidly-fading Flash makes a second place showing at 9.8 percent.
See ya next time. Until then, may the FOSS be with you…
Help keep FOSS Force strong. If you like this article, become a subscriber.
Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux
What the Debian-cd and Debian-installer teams did is disgusting.
Debian has a problem.
Debian is broken. I read the thread on the list, and it’s hard to believe how f-ed up those people have gotten. Ego trips and power games. I will have nothing more to do with Debian. They have left the path of wisdom.
It may also be appropriate to mention the comments by Ben Armstrong – who has also been involved with Debian Live for some years – http://syn.theti.ca/ is his blog.
Specifically, the first comment at https://lists.debian.org/debian-live/2015/11/msg00076.html and the second comment at https://lists.debian.org/debian-live/2015/11/msg00080.html are very relevant.