Press "Enter" to skip to content

Posts published by “FOSS Force”

DDOS Attack Brings Tux Machines Down

Editor’s note: This article was updated on 9/29/14 at approx. 5:30 p.m. to include update from Tux Machines publisher Roy Schestowitz.

Since sometime last week the popular Linux site Tux Machines has been under an apparent distributed denial-of-service (DDOS) attack. For the last several days, those trying to visit the site have been redirected to Tech Rights, another site operated by Roy Schestowitz, the owner of Tux Machines, to a post dated Saturday by Schestowitz which reads:

“Windows botnets have been hammering on Tux Machines for nearly a week. It got a lot of worse yesterday and the site became unaccessible much of the time. We don’t know who the attacker is and what the motivations are, but in the mean time the site can be read via the RSS feed. The RSS feed links to all the latest news and the pages ought to work as usual. We apologise for this issue and we are working hard to find a permanent solution.”

Are You Going Conferencing?

This year, we at FOSS Force are expanding our coverage of Linux, FOSS and OSS conferences. This got us wondering, in a self serving sort of way, how many of you regularly attend conferences?

At this point, it’s looking as if we’ll have boots on the ground at three conferences, all scheduled for late October. In fact, we’re already hard at work coordinating our efforts to cover these events.

All Things Open

First up will be our coverage of All Things Open (ATO), a two day conference to be held on October 22 and 23, which will be covered by Christine Hall. Last year, you might remember, we got our feet wet with Hall’s coverage of the inaugural bow of ATO. Hall says that last year was her first try at conference coverage, that she learned quite a bit and that this year’s coverage will be even better.

ATMs Might Go Linux, MS DOS Source Released & More…

FOSS Week in Review

Is Microsoft reading your Hotmail?

Last week we learned of the arrest of Alex Kibkalo, a Microsoft employee who’s charged with leaking an unreleased version of Windows 8 to a French blogger. According to Wired, during the course of an internal investigation in Redmond, an unidentified source approached Steven Sinofsky, who was then president of Microsoft’s Windows Division.

“The source gave Sinofsky a Hotmail address that belonged to the French blogger (also not named) and said that the blogger was the person who had received the leaked software. Microsoft had already been interested in the blogger, but apparently, after the tip-off, the company’s security team did something that raised alarm bells with privacy advocates. Instead of taking their evidence to law enforcement, they decided to search through the blogger’s private messages themselves. Four days after Sinofsky’s tip-off, Microsoft lawyers ‘approved content pulls of the blogger’s Hotmail account,’ the court filings state.

“By trolling through the Hotmail email messages and MSN Messenger instant message logs, Microsoft learnt how Kibkalo and the blogger pulled off the leak, says Federal Bureau of Investigation special agent Armando Ramirez III, in an affidavit filed in connection with the case. Microsoft handed over the results of its investigation to the FBI in 2013, and Kibkalo was arrested on Wednesday.”

This, of course, created quite a stir among privacy advocates. So much so that the folks in Redmond on Thrusday announced a change of policy when it comes to riffling through people’s Hotmail accounts. They’re still going to do it, but in the future the company will publish stats regarding its breaking into people’s free Hotmail accounts. In other words, we’ll know just how much they do it.

Galaxy Backdoor, RIT Offers Open Source Minor & More…

FOSS Week in Review

Java is the target for half of all exploits

We’ve been saying for a couple of years now that Java isn’t safe and have been urging everyone who will listen to disable Java in the browser. As we’ve been saying this, comments to our articles on Java security have filled with folks wagging a finger and “reminding” us that Java is only a threat in the browser, that otherwise Java is safe.

That is wrong. The only time Java is safe is when it’s in a cup. According to an article published on IT World, researchers say that Java is now responsible for fully half of the exploits discovered in December.

Ubuntu Keeps MySQL, Why XP Won’t Go Away & More…

FOSS Week in Review

Cops tracking phones sans warrants

Tallahassee PoliceIt appears that the police in Tallahassee, Florida have been busy tracking folks by their cell phones without bothering to show up before a judge and ask for a warrant. Why would they violate the constitutional rights of their citizens this way? Evidently because they were using technology on loan and had signed a non-disclosure agreement.

According to Wired, this information came to light in an appeal of a sexual battery case dating back to 2008 in which a suspect was tracked using the technology to locate a phone that had been stolen from the victim. The police have admitted using the device 200 times, with no judge or warrant involved, since 2010. In a blog post made Monday, the ACLU said the device is “likely a Stingray made by the Florida-based Harris Corporation.” Evidently, the ACLU has long suspected that Harris has been loaning the devices to Florida police departments.

Redmond FUDs FOSS While Forking Android & More…

FOSS Week in Review

Botnet steals bitcoins

We figure that any currency that can’t be safely tucked into a mattress isn’t secure, so we haven’t been too quick to jump on the bitcoin bandwagon. Needless to say, we weren’t surprised on Monday when Reuters reported that there’s a botnet on the loose with the aim of stealing the virtual currency.

According to the Chicago based security firm Trustwave, hundreds of thousands of computers have been infected with “Pony” malware to form a botnet going after bitcoin and other virtual currencies. So far, at least 85 virtual wallets have been stolen.