We couldn’t help but want to share this cartoon that we stumbled upon while purusing Twitter this evening. It makes fun of our favorite subject…
FOSS Force
U.S. News & World Report was the first to announce this afternoon that the Senate will evidently not vote on the cybersecurity bill known as the Cyber Information Sharing and Protection Act or CISPA. According to a report published on their website, the news organization has received assurances of the bill’s death from an unnamed member of the U.S. Senate Committee on Commerce, Science and Transportation that has been considering the bill as passed last week by the House of Representatives:
It definitely wasn’t worth the effort and I wouldn’t do it again. Now I’ve got this crapware from Apple on my work computer, which I guess I could remove.
All I wanted to do was click and listen to about an eight second sound bite of a recently discovered recording of Alexander Graham Bell saying, “Hear my voice, Alexander Graham Bell.” I’d found an article on the discovery and recovery of the 1875 recording on the BBC’s website, which offered a link to listen on the Smithsonian’s site, which I clicked.
I found out early this afternoon, when Carlos DarthRivan commented on a link on our Facebook page. The link was to an article on the anticipated release of the first phones running the Firefox OS. They were scheduled to be released by GeeksPhone, a young Spanish start-up mobile telephony company.
“Geeksphone started selling them yesterday and went ‘sold out’ in few hours. Let’s see if this will be the OSource alternative to Android and iOS.”
Excuse me if I show more than a little childlike exuberance, which I know is unbecoming to a person my age, but I found this to be exciting–perhaps the most exciting news to come out of the FOSS world since SCO’s smoking gun turned out to be lines of code “stolen” from BSD. But that’s just me.
In case you haven’t heard, the popular open source website platform, WordPress, is under attack by black hat hackers. These attacks are being waged primarily against sites using the WordPress platform that are not being hosted on wordpress.com. According to KrebsonSecurity, a small botnet is being used to break into the back door of WordPress sites in an apparent attempt to build a super botnet:
“According to Web site security firm Incapsula, those responsible for this crime campaign are scanning the Internet for WordPress installations, and then attempting to log in to the administrative console at these sites using a custom list of approximately 1,000 of the most commonly-used username and password combinations.
“Incapsula co-founder Marc Gaffan told KrebsOnSecurity that infected sites will be seeded with a backdoor that lets the attackers control the site remotely (the backdoors persist regardless of whether the legitimate site owner subsequently changes his password). The infected sites then are conscripted into the attacking server botnet, and forced to launch password-guessing attacks against other sites running WordPress.”
We’re not ready to tell you we think it’s safe to reactivate your Java browser plugin–in fact, just the opposite–but we will say that Oracle is at least giving the appearance they’re now serious about addressing browser-side Java’s safety. Early last week they issued a security patch that fixed either 41 or 42 Java security issues, depending on what website you’re reading.
Excuse us if we don’t seem too impressed. At this juncture all we’re willing to do is say with utmost snark, “It’s about time.”
Online privacy advocates finally got what they’ve been asking for when President Obama yesterday threatened to veto the Cyber Intelligence Sharing and Protection Act (CISPA) if congress doesn’t amend it to include more protections of privacy and civil liberties. The administration began signalling displeasure with the bill last Thursday when Caitlin Hayden, of the National Security Council, indicated the President might not support the measure as worded, after it was approved by the U.S. House Intelligence Committee.
While that statement didn’t carry a specific veto threat, Hayden was clear in her message that the President wanted to support some form of CISPA, but that the bill did not yet contain enough privacy and civil liberty protections:
Zuck the suck has a lot to learn about being cool and hip.
Last week Mr. Social proved that neither he nor his little Facebook site have an inkling of hippness away from the Starbuck’s universe, when they decided a historical photograph from counter cultural Toronto, taken in the late 60s or early 70s, was nothing but unacceptable nudity, or worse, porno.
Then again, I could be wrong. This could merely be a case of a computer algorithm with penis envy.
Some time after midnight Thursday morning, after getting home from my “day” job, I upgraded my laptop to the latest version of Bodhi Linux, numbered 2.3.0, which was announced on Easter Sunday by the project’s Lead Developer, Jeff Hoogland, on his blog Thoughts on Technology.
This isn’t a major upgrade. I’m sure there are some bug fixes and minor enhancements, but it mainly upgrades some essential software, such as the Linux Kernel, Enlightenment window manager, Midori browser, Terminology terminal emulator and Ubiquity, the Ubuntu default installer used by Bodhi. In addition, this update adds eCcess, a new system tool, and includes a slew of new themes for dressing-up the desktop.
An interesting item came down the pike yesterday by way of Katherine Noyes on PCWorld. It seems that Alex Limi, a project design strategist at Mozilla, has blogged some concerns he has over Firefox being too configurable. It appears he’s become aware that it “…ships with many options that will render the browser unusable to most people, right in the main settings.”
This is absolutely true, but does it really matter?
I remember, many years back, I was clicking away inside Firefox when I managed to make the Menu Bar disappear. This was quite problematic because with the Menu Bar missing there was no place to click to reinstate it. I frantically searched around online, seemingly forever, until I finally found the fix. I’d like to think that I learned something from the experience, other than don’t click away the Menu Bar, but I don’t think I did for I have no memory of what I did to restore the missing item, so if I were to do it again I’d find myself back in the same boat.
Guess what? We’re hearing reports this morning that the black hats are continuing to take advantage of security vulnerabilities in Java. Of course they are. That’s what black hats do. We’re also hearing from security experts that browser side Java isn’t likely to be made secure in the near future.
Oracle’s management of Java since obtaining it from Sun has been nothing short of a joke. It’s about time for them to decide if they want to keep Java or not. If they don’t want it, they need to spin it off or let it die. If they think it’s a valuable part of their software portfolio, they should treat it as such and work overtime to make it safe.