We’ve been saying for a couple of years now that Java isn’t safe and have been urging everyone who will listen to disable Java in the browser. As we’ve been saying this, comments to our articles on Java security have filled with folks wagging a finger and “reminding” us that Java is only a threat in the browser, that otherwise Java is safe.
That is wrong. The only time Java is safe is when it’s in a cup. According to an article published on IT World, researchers say that Java is now responsible for fully half of the exploits discovered in December.
Other than PJ, there’s not a character from the SCO saga that I would like to meet face to face.
Not Blake Stowell, even though he knows what went down behind closed doors at SCO and is the most likely candidate to tell what really went on inside the company. In those days he was SCO’s Director of Corporate Communications, the person who had to put a palatable spin on his boss’s actions. These days he’s working as PR Director for Omniture, a data mining company with questionable practices that’s owned by Adobe. Before his tenure at SCO he spent time working for Novell (no surprise) and Microsoft.
I especially have no interest in meeting SCO’s old CEO Darl McBride, the thug who now spends his time being President and CEO of Me, Inc., a renaming of SCO Mobility which he purchased for $100,000 in 2010.
Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux
“Why we don’t all switch to Diaspora I will never understand.”
My friend Ross made this remark on Facebook Thursday as introduction to a link to a petition by Demand Progress, a progressive political action site. The petition addresses Facebook and privacy issues, making some rather disturbing accusations. Although the text is short on siting sources, the accusations still ring true. The claim is that every time something is typed into a comment box but then not posted, Facebook keeps a record.
Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux
It appears that the police in Tallahassee, Florida have been busy tracking folks by their cell phones without bothering to show up before a judge and ask for a warrant. Why would they violate the constitutional rights of their citizens this way? Evidently because they were using technology on loan and had signed a non-disclosure agreement.
According to Wired, this information came to light in an appeal of a sexual battery case dating back to 2008 in which a suspect was tracked using the technology to locate a phone that had been stolen from the victim. The police have admitted using the device 200 times, with no judge or warrant involved, since 2010. In a blog post made Monday, the ACLU said the device is “likely a Stingray made by the Florida-based Harris Corporation.” Evidently, the ACLU has long suspected that Harris has been loaning the devices to Florida police departments.
We figure that any currency that can’t be safely tucked into a mattress isn’t secure, so we haven’t been too quick to jump on the bitcoin bandwagon. Needless to say, we weren’t surprised on Monday when Reuters reported that there’s a botnet on the loose with the aim of stealing the virtual currency.
According to the Chicago based security firm Trustwave, hundreds of thousands of computers have been infected with “Pony” malware to form a botnet going after bitcoin and other virtual currencies. So far, at least 85 virtual wallets have been stolen.
Those who keep up with my posts on Google Plus might know about my month-long struggle with Google Drive. For those who do not, here’s the deal. I split a 200 gig account with my organization Reglue. Half of it I pay for so I have a place to backup my important stuff. The other half is dedicated to files and other documents for Reglue.
I learned a hard lesson in 2011: you can’t back your stuff up too often. Every record we had literally disappeared in a flash during a once-in-a-century lightning storm. Drives on three local computers were fried on the spot.
Our computers were only a portion of the casualty list. The storm also took out two televisions, my entire AC unit and a microwave. The thunder was so close and so powerful it broke out our front bay window and the window glass in two of my trucks. Even top-of-the-line Belkin surge protectors couldn’t stave off these strikes.
Ken Starks is the founder of the Helios Project and Reglue, which for 20 years provided refurbished older computers running Linux to disadvantaged school kids, as well as providing digital help for senior citizens, in the Austin, Texas area. He was a columnist for FOSS Force from 2013-2016, and remains part of our family. Follow him on Twitter: @Reglue
Tuesday, February 11th, The Day We Fight Back, has come and gone. Whether the event was a success, failure or fell somewhere in between depends on whom you read.
Surprisingly, the biggest naysayer was probably the New York Times, which started an article. “The Day the Internet Didn’t Fight Back,” with the line, “So much for mass protest.” It appears as if the Times’ metric for this judgement was the lack of participation by some sites which took part in the online SOPA protest a couple of years back.
At about 1 p.m. this afternoon the security company behind the WordFence plugin for WordPress issued a security advisory via email informing users of their plugin that WordPress sites are currently under a brute force attack.
“As of 11am eastern time this morning we are monitoring the largest distributed brute force attack on WordPress installations that we’ve seen to date. The real-time attack map on www.wordfence.com became so busy that we’ve had to throttle the amount of traffic we show down to 4% of actual traffic.
“A brute force attack is when an attacker tries many times to guess your username password combination by repeatedly sending login attempts. A distributed brute force attack is when an attacker uses a large number of machines spread around the internet to do this in order to circumvent any blocking mechanisms you have in place.”
Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux
There is a tablet in my house that blinks whenever my roommate has a message. I know this because for some reason it’s my job to keep it charged for her. It has front and back cameras. The built-in microphone and speakers are capable of holding a conversation in English–probably other languages as well. With what we know now, I must assume that the NSA has the ability to activate the cameras and microphone to run silently in the background, bypassing the light that indicates when the camera is in use.
The same is true of the other computers in my home, but to a lesser degree.
The desktop I’m using to write this article doesn’t have a camera or a microphone. Nor does the old Dell laptop that gets used occasionally around the house. My other laptop, a newer Gateway, is equipped with a built-in camera and microphone, but I’ve never managed to get the microphone to work under Bodhi Linux. Not that I’ve tried very hard. I don’t Skype or anything, so a microphone is of very little use to me.
This is probably a good thing as it means the NSA can’t watch or listen to me as I use my desktop or Dell and they can’t eavesdrop when I’m on the Gateway. They can only steal my bank passwords, learn where I store data online and what social networking accounts are connected with me.
Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux
The more we see of the Snowden revelations the more we wonder, when did the English speaking world become a police state?
The latest news was reported January 30th by the Canadian Broadcasting Corporation (CBC), from which we learned that all the electronics eavesdropping hasn’t been being conducted solely by the U.S. and the Brits. The Canadians have had their hand in it too.
It seems that Communications Security Establishment Canada (CSEC), a Canadian spy agency, has been using the free Wi-Fi at “a major Canadian airport” to track wireless devices, which presumably would include laptops as well as phones and tablets. The surveillance would continue for days after visitors passed through the airport.