Press "Enter" to skip to content

Posts published in “Security”

ZoneAlarm: Defining the Difference Between Freeware and Free Software

The other day, when my friend’s laptop spit-up a warning from ZoneAlarm that she was no longer protected, I stood over her shoulder and instructed her to update the firewall. The warning was basically a scare tactic, of course. Without the update she would still be protected, just as protected as she had been the day before. She just wouldn’t have any new whiz-bang features included in the update, nor would she be able to take advantage of any new security enhancements.

We ran the default install. This was Windows, so there had to be a reboot. After that, we opened the browser to find that the homepage had been reset to a ZoneAlarm themed Google search page. We had not opted-in to any such change; the ZoneAlarm folks had just taken it on themselves to hijack Firefox’s revenue, which I didn’t think cricket.

The Death of Zune, the Resurrection of WebOS & Kernel.org Returns

Friday FOSS Week in Review

It was already a slow week when the news came on Wednesday of Steve Jobs’ demise. Since then, most tech sites have been reporting on not much else. As always, however, there were a few things to note…

Privacy Issues with Kindle Fire’s Silk Browser

Almost as soon as Amazon unveiled their new Kindle Fire tablet last Wednesday, Naked Security raised some privacy concerns about the device’s browser, called Silk. It seems the browser, in order to offer a quicker user experience, does most of it’s heavy lifting in the cloud:

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

Secure Boot: What’s Microsoft’s Agenda?

Secure boot is the sort of security solution Microsoft loves. Back in the days when Windows was even less secure than it is now, one of their security solutions was to have software vetted and signed. Although this might have helped enterprise customers a bit, it did little to make the home user more secure, as any software would still install normally after clicking through an “are you sure” warning. If this scheme did anything, it hurt small vendors who couldn’t afford to go through the process of having their software approved by Redmond.

Secure boot is the same sort of scheme, except this time there’s no “are you sure” screen to click through. If a user is trying to install an operating system (or even run one from a live CD) on a machine with secure boot enabled, that operating system will have to have unlock keys to enable hardware devices. These keys are provided to the creator of the operating system at the whim of the hardware makers.

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

Can Penguins Dance on a Dell, Will Reiser File Again, Are Samsung and Intel Going to the Prom?

Friday FOSS Week in Review

The biggest news this week has centered around fears that Linux may become uninstallable on Wintel machines from the big OEM’s. But there’s been more. Some fun stuff. Some silly stuff. Some stuff that might eventually develop into something important…

Secure Boot Has Penguinistas Buzzing

Last week on FWIR I mentioned there was a storm beginning to brew around Windows 8 and secure boot, which could potentially keep Linux from being installed on some computers once they’re implemented. Well, it’s not just brewing anymore, it’s a full fledged storm with hurricane force winds.

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

Kernel Archives Hacked, SCO Dies Again, More HP Changes & More

Friday FOSS Week in Review

It’s been a busy week in the FOSS world. Evidently everyone’s been in a hurry to make some news happen before leaving town for the Labor Day weekend. Well, lots of FOSS news is good for me, makes my job easy, so here goes…

HP Makes PR Changes After WebOS/PC Fiasco

I’ve been working on a story all week on the mess at HP caused by the all-at-once and probably premature announcement they’re dropping WebOS, smartphones and consumer PCs. One trouble, I keep having to go back and rewrite stuff, because the story is still very, very fluid and new aspects keep popping up almost daily.

On Monday, Bloomberg Businessweek announced that HP’s chief communications officer, Bill Wohl, will be moving to a “special assignment.” Chief Marketing Officer Marty Homlish will be picking up the slack with the corporate communications team and Lynn Anderson will take care of PR’s day-to-day operations, at least for the time being. According to the Bloomberg, both Wohl and Homlish have a history with CEO Leo Apotheker that predates his tenure at HP:

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

Happy Birthday Tux, Android Number One in Malware & Kubrick to the Rescue

Friday FOSS Week in Review

I’m back from vacation and raring to go. Of course, when I decided to take time off, all heck broke out in the tech world – isn’t that the way it always goes. Now that I’m back, things will probably slow down and I’ll find myself begging for things to write about. Of course, the biggest story this week has little direct connection with FOSS, but has to do with Apple…

Steve Jobs Resigns as Apple’s CEO

By now, I assume everyone’s heard the news about Steve Jobs’ resignation as CEO of Apple, presumably due to health reasons. For the time being he’ll be staying on as board chairman and will continue in some undefined role as an “employee.” He’ll be replaced as CEO by chief operating officer Tim Cook, who’s worked closely with Jobs for thirteen years. By all accounts Cook is capable and is credited with solving the company’s supply problems early in his tenure at Apple. To my thinking, it’s much too soon to tell how Jobs departure will affect Apple, though it’s certain his absence will be felt.

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

Congress Considers Stepping on Rights, Windows Mobile Share Nil & Whose DNA Is It Anyway?

Friday FOSS Week in Review

With the Black Hat Conference going on in Las Vegas, and with Congress messing around where they shouldn’t, this has been a busy week in the FOSS world. Some of the news is good; some of the news is not so good. I’ll start with a rant…

Proposed Data Retention Bill Would Chill Free Speech

The House will soon be considering a bill that will require ISP’s to maintain logs of their customers Internet use for a 12 month period. As I understand it, the law would include a customer’s browsing history, credit card numbers, etc. The stated purpose of the proposed law is to catch pedophiles visiting child porn sites, but everybody who knows anything about the Internet agrees it won’t be very effective at doing that. What it will do, if enacted, is bring Orwell’s “Big Brother” vision a little closer to home and make your network connected devices look even more like telescreens than they do now.

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

osCommerce Under Attack – So Far 3.79 Million Pages Affected

The popular osCommerce ecommerce application has been under attack at least since last week, according to web application security firm Amorize. At last count the attack has affected more than three million pages. The attack, in the form of an iFrame injection, utilizes several vulnerabilities in older versions of osCommerce. The latest version doesn’t seem to be affected. Any business using an older version of osCommerce is advised to upgrade immediately.

The Zen Cart ecommerce application, which was initially a value added fork of osCommerce, doesn’t seem to be affected. Kim Elliott, one of the founding members of Zen Cart, told me, “As far as I know there hasn’t been a problem. As long as you have our latest version and file permissions set correctly you shouldn’t have any issues.”

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

Google’s Problems with Android Apps, Webmaster Tools and Oracle – RMS Says “Don’t Go There”

Friday FOSS Week in Review

Google’s been everywhere in the news this week, so much so that I’ve considered calling this week’s column “Friday Google Week in Review.” It’s not all Google, however, but it is all interesting – at least to me.

8% of Android Apps Leak Data

On Tuesday, security site Dark Reading reported that Neil Daswani, CTO for security firm Dasient has found that about 8% of Android apps leak user data. In a study that will be released in full at next month’s Black Hat conference in Las Vegas, Daswani found that 800 out of 10,000 applications tested were found to be leaking personal data. Eleven of the apps were sending mobile spam, SMS messages, to other smartphones.

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

WordPress Plugins for Security & Robustness

Yesterday I wrote about how WordPress has evolved into a first rate platform that can be easily customized. One of the ways that WordPress is customized to meet the unique needs of a site is through the use of plugins that add functionality. Most of these functions are visual and offer visitors a richer experience while on your site. Others are never even seen by the visitor and only indirectly affect his or her experience.

During site design, it can be easy to become so blinded by the the former group, the plugins that add lots of gee-whiz bells-and-whistles, that we ignore the later group that does the grunt work to increase our site’s performance. However, judicious use of these behind-the-scenes plugins can make our WordPress sites more secure and help reduce server loads, making for a safer and quicker site and a better experience for our visitors.

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

Security Risk in Firefox & Chrome

Many of us who use Firefox or Chrome browsers do so for security reasons. Unfortunately, this lulls many of us into a false sense of security, as there’s really no such thing as “safe” browsing. This has become increasingly true in recent years, as major content providers have insisted that a feature rich web experience should trump security, with the folks at Mozilla and Google seemingly willing to lend a helping hand.

According to James Forshaw with the security firm Context, there is a new security threat to worry about in the form of WebGL, which is enabled by default in Firefox 4 and Chrome. According to Forshaw, the risk is substantial – both to your data and to your hardware. Just to give you an idea:

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

Breaking News: