Marketershandbook.com DirectoryYou are here » Marketershandbook.com » Links Directory » Computers » Security (0)
Security RSS FeedsOpen Source Release Takes Linux Rootkits Mainstream - LinuxSecurity.com: The art of burying invisible malware deep inside a Linux machine is about to go mainstream, thanks to a new open-source rootkit released Thursday by Immunity Inc., a firm that supplies tools for penetration testers. When implemented, Immunity's DR, or Debug Register, makes backdoors and other types of malware extremely difficult to detect or eradicate. Learn how a new open source rootkit will make it easier to cloak malware on Linux boxes. How do you think Linux intrusion detection systems like rkhunter will deal with this challenge? Read on. ...Feed Source: www.linuxsecurity.com SELinux Memory Protections are Your Friend - LinuxSecurity.com: I don't know what a Zend Optimizer is, but it apparently does not play well with SELinux. I've encountered a blog entry by someone who has tried to do the right thing and keep SELinux enabled, after finding the code for a policy module which makes this stuff work. When loaded, this will enable the web server to execute memory on its heap, stack or certain types of executable memory allocated via mmap(2). These are well-known attack vectors and disable some very important memory protection mechanisms. See Ulrich Drepper's SELinux Memory Protection Tests for details. What to do when SELinux does not work with a software that you want to run? This article looks into how memory protection in SELinux maybe the cause of the problem.... Google Chrome Flaws Come Soon After Browser Release - LinuxSecurity.com: Less than a day after Google arrived on the browser scene with the launch of Chrome, two security researchers have disclosed separate vulnerabilities that could be exploited to compromise the software. Researcher Aviv Raff told SCMagazineUS.com on Wednesday that Chrome suffers from the same "carpet bomb" vulnerability once present in Apple's Safari for Windows, by which the browser does not require user permission prior to a download. Read about two new security vulnerabilities discovered in Google's Chrome browser. How do you think Google will respond to dealing with these flaws? Read about it in this informative article. ... Responds to Allegations That AppArmor is Dying - LinuxSecurity.com: A recent post from Russ Coker entitled AppArmor is Dead was tolling the death bells for AppArmor because SUSE decided to include SELinux in their operating system not as the default, and not as a replacement for AppArmor, but it was included nonetheless. Russ determined that this was the beginning of the end for AppArmor, and I read it with some interest largely because Mandriva has settled on AppArmor as our security solution largely because it fits with our ideal of making things nice and easy for our users. So of course, a post that seems to bring doom and gloom about our security solution is something we're interested in reading about because if it's true, then we've invested time and effort into the wrong solution. This article discusses the debate of AppArmor's future. What do you think will happen to AppArmor? Will SELinux become even more popular as a security framework? ... New Firefox Plug-In Double-Checks So-Called Unsafe Sites - LinuxSecurity.com: Like other new browsers, the latest version of Firefox has made security a top priority, and it will alert the user if a site you're about to click on appears to be a hacker's hook. However, the way it and other browsers go about determining that sometimes results in false positives. A new Firefox plug-in adds an additional layer of verification.Intercepting Internet traffic and spying on the communication Improve customer service and productivity with Avaya Unified Communications. between two computers is a gold mine for hackers. Now Carnegie Mellon University researchers hope software they've built will make it harder for criminals to hit that jackpot. This article looks at a new plug-in for Firefox that is designed to prevent users from going to malicious websites. Have you testing this plug-in out, if so what do you think about it? Does it have too many false negatives?... Security-Wise, Google Chrome is (Potentially Very) Good - LinuxSecurity.com: Security bloggers are already commenting on Google's slightly premature "Chrome" browser leak. Built on top of the Apple sponsored WebKit engine, the browser offers several security features that we have only seen so far in the beta releases of IE8. The most interesting feature discussed so far is the strict memory separation afforded by the technology, where each web application will operate in its own memory space with its own virtual machine for code execution. Web browser security is important to help protect users from computer attacks. With Google's new browses being released, how do you think it's security features will be compared to Firefox and IE?... Fedora 9 Update: samba-3.2.3-0.20.fc9 - LinuxSecurity.com: Security fix for CVE-2008-3789 detailed in the upstream advisory: http://www.samba.org/samba/security/CVE-2008-3789.html... Mandriva: Subject: [Security Announce] [ MDVSA-2008:186 ] python - LinuxSecurity.com: Multiple integer overflows were reported by the Google Security Team that had been fixed in Python 2.5.2 (CVE-2008-3143). The Python packages on Corporate 3 have been updated to the latest version 2.3.7, which corrects this issue.... Gentoo: MySQL Privilege bypass - LinuxSecurity.com: A vulnerability in MySQL might allow users to bypass privileges and gain access to other databases.... Gentoo: dnsmasq Denial of Service and DNS spoofing - LinuxSecurity.com: Two vulnerabilities in dnsmasq might allow for a Denial of Service or spoofing of DNS replies.... Review: Hacking Exposed Linux, Third Edition - LinuxSecurity.com: "Hacking Exposed Linux" by ISECOM (Institute for Security and Open Methodologies) is a guide to help you secure your Linux environment. This book does not only help improve your security it looks at why you should. It does this by showing examples of real attacks and rates the importance of protecting yourself from being a victim of each type of attack. ... Security Features of Firefox 3.0 - LinuxSecurity.com: Lets take a look at the security features of the newly released Firefox 3.0. Since it's release on Tuesday I have been testing it out to see how the new security enhancements work and help in increase user browsing security. One of the exciting improvements for me was how Firefox handles SSL secured web sites while browsing the Internet. There are also many other security features that this article will look at. For example, improved plugin and addon security. Read on for more security features of Firefox 3.0. ... IBM Business Transformation - IBM's Business Transformation. Business Week
writes about IBM's focus on business transformation services: "BM, with
its legions of PhDs and closets full of patents, is not built to duke
it out with the likes of Dell. Palmisano's strategy promises a neat
escape. Instead of battling in cutthroat markets, he takes advantage of
all the low-cost technology by packaging it, augmenting it with
sophisticated hardware and software, and selling it to customers in a
slew of what he calls business transformation services. That way IBM
rides atop the commodity wave -- and avoids drowning in it." [E M E R G I C . o r g]... MSNBC: "HERE COME THE VLOGS - MSNBC: "HERE COME THE VLOGS".
MSNBC: Ready for your close-up? Here come the vlogs is a great snapshot of videoblogging by Michael Rogers. He namechecks all our favorites including Rocketboom, Ryanne, Jay, Human Dog, Steve Garfield, and Dylan. He also mentions the tools making it easier to find videoblogs, such as ANT and ... Do The VoIP Math. - Do The VoIP Math.
Russell Shaw does the math and shows how VoIP is cheaper than a cell
phone only.I agree. Which is why I think the wireless companies need to
be in the VoIP business and fast . [VoIP Watch]... Blog, Vlog, Podcast, Mobcas - Blog, Vlog, Podcast, Mobcast. So many new words, so little time.
Blog (web log), Vlog (video web log), Podcasting (including audio in
your RSS (really simple syndication) feed for download into an Apple
iPod or other MP3 player) and Mobcasting (mobile podcasting) an Andy Carvin
acronym which posits the use of smart phones to create podcasts -- are
all relatively new words that represent one extremely big idea --
unfettered plebeian access to the fifth estate.
Until a few years ago, governments (secular or non) had almost
complete control of information. That made (and continues to make)
information a form of currency -- like the military and other stores of
economic value. These "new words" are much more powerful than the
technologies they represent, they speak a new language of information
and, to be sure, currency.
The value you will place on this information is in direct
proportion to the use you have for it. Most people won't care about the
ranti...
Small telecom carriers focus on providing choices. - Small telecom carriers focus on providing choices.
WASHINGTON - As traditional competitive local exchange carriers (CLECs)
retool to keep up with U.S. regulations and battle the huge regional
Bells, a range of new business models are emerging. [InfoWorld: Top News]... Ten To Watch in Mobile Content - Ten To Watch in Mobile Content. This is not a definitive list, just
a list of smart young blood in the mobile content sector. Notice that
except for one, none of them are CEOs (yet), but you’ll hear a lot
from and about them in the next few years (that was the criteria). Just
a way of recognizing the people in the second wave of mobile content
(in no particular order):
» Greg Clayman, Vice President, Wireless Strategy and Operations, MTV Networks
» Rio Caraeff, mobile head at Universal Music
» Thomas Ryan, Senior VP, Mobile Development, EMI Music
» ...
Telesym Podcast: the Future of VoWLAN. - Telesym Podcast: the Future of VoWLAN.
If you're interested in where Voice over IP over WLAN is heading in the
enterprise, listen to this interview with Telesym: I met over in
Bellevue, Wash., today with Telesym, a firm that extends an
enterprise-based phone exchange (PBX) system into laptops, handhelds,
and "scanners": bar-code devices used in retail and logistics by store
and floor personnel. I spoke with Mike Houston, Telesym's director of
Marketing, Ken Myer, senior VP of sales and marketing, and Jennifer
Gehrt, a founding partner at Communiqué Public Relations about
Telesym's position in the market, but more largely about the future of
VoWLAN. (Ken had to leave for a meeting, so I spoke primarily with Mike
in this podcast). You'll hear at the outset of the recording after my
introduction a conversation we had using Telesym technology: I was on a
USB headset connected to a Telesym client running under Mac OS X; Mike
w... CLEC New Business Model - CLECs search for new business models.
WASHINGTON - Recent months have been tough for competitive local
exchange carriers (CLECs), as their allies get gobbled up by
competitors and the government dismantles network-sharing regulations.
But CLECs say they will survive by adopting new business models and
focusing on customer relations. [InfoWorld: Top News]... Podcasting The Night Away. Forbes: - Podcasting The Night Away. Forbes:
"For now, Podcasting is no threat to radio as we know it. But pay
attention to it. It may not always be called Podcasting, and it may not
always be free in the way it is now, but as we've seen with MP3s, these
things sometimes have a funny way of taking on a life of their own." [Adam Curry's Weblog]...
New Free VoIP, Video & P2P IM Client using Open Standards. - New Free VoIP, Video & P2P IM Client using Open Standards. ineen
is new P2P IM software with VoIP and Video that's easy and free to use.
The client was built using Xten's eyeBeam SDK and makes use of SIMPLE
for P2P IM and Presence. VoIP is supported by SIP and the Video media
is H.263[+]. You can use ineen to call over other networks as well,
including: Free World Dialup, SIPphone, & iptel.org.
Xten will be demonstrating ineen at VON next week. [SIPthat.com]... Searching for weather, by web or phone - Searching for weather, by web or phone
As a kid, I would stare for hours at repetitious weather reports on TV.
Boring, you say? Not to me - I love weather. And since I've worked
here, I've wondered why Google doesn't do weather. It seemed like a
perfect 20% project
for me, so now I'm pleased to report that you can get
current conditions and a forecast
by typing [weather Chicago], or whatever your U.S. location is (zipcodes are also fair game). If you prefer, use
Google SMS
to send a text message to the U.S. five digit shortcode 46645 (GOOGL on
most mobile phones) followed by your meteorological query.
Ben Sigelman
Sof... VON 2005 - Spring 2005 VON: In the News Today. Investors Business Daily - March 7th: Internet Telephone Service Buzz Comes Calling At Big Trade Show
Mercury News - March 6th: Phone calls destined to be sent like e-mail, as packets of data (requires subscription)
[The Jeff Pulver Blog]... SODA - SODA. A month
or so ago, I was reading a Gartner handout for a conference, and came
across an acronym they invented- SODA[1]. SODA (Service-Oriented
Development of Applications), as Gartner defines it, consists of the
following areas: []... Yahoo Web Service API - Yahoo Web Service API.
Yahoo joins the growing number of web sites exposing their API as Web
Services. Their API is available from Yahoo Developer Network . []... Copyright © 2008, Marketershandbook.com. All Rights Reserved. |