Critical crypto bug leaves Linux, hundreds of apps open to eavesdropping

http://arstechnica.com/security/2014/03/critical-crypto-bug-leaves-linux-hundreds-of-apps-open-to-eavesdropping/

The link above takes you to an article about GnuTLS, a cryptography library that supposedly has a vulnerability allowing people to eavesdrop on your SSL and TLS communications with websites and applications that make use of the library.

From the article:

“The bug in the GnuTLS library makes it trivial for attackers to bypass secure sockets layer (SSL) and Transport Layer Security (TLS) protections available on websites that depend on the open source package. Initial estimates included in Internet discussions such as this one indicate that more than 200 different operating systems or applications rely on GnuTLS to implement crucial SSL and TLS operations, but it wouldn’t be surprising if the actual number is much higher. Web applications, e-mail programs, and other code that use the library are vulnerable to exploits that allow attackers monitoring connections to silently decode encrypted traffic passing between end users and servers.”

Oops! Now this does not mean the Linux kernel is the problem, but this does go to show you that one library can bring security to its knees (that goes for any operating system, not just Linux).

This also shows that “many eyes” does not equal security! Remember that ALL software will have security problems. Windows, MacOS X, Linux, UNIX, e-mail servers, DNS servers, forum software (phpBB, vBulletin, etc.), and even desktop word processors can have bad code that presents a security risk to your computer.

Worse, the open source community was warned ahead of time (back in 2008!) that GnuTLS was not safe to use (http://www.openldap.org/lists/openldap-devel/200802/msg00072.html)! Did they not get the message? Did they ignore the warning? Who knows!
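Installing a fixed GnuTLS package does not help programs that are already running: they keep the old copy of the library mapped until they are restarted. The following is an added example, not code from the article or from GnuTLS. It reads `/proc/<pid>/maps` on Linux and reports which processes have a GnuTLS library loaded and whether that mapping points at a file that has since been replaced. The sample maps text and the process name in it are constructed.

```python
import re
from pathlib import Path

# GnuTLS shared objects as they appear in the pathname column of /proc/<pid>/maps.
LIB_RE = re.compile(r"/libgnutls[^/\s]*\.so[^/\s]*")
MARK = " (deleted)"  # suffix the kernel adds once the mapped file was replaced

def gnutls_mappings(maps_text):
    """Return {library path: is_stale} for one process's maps content."""
    found = {}
    for line in maps_text.splitlines():
        # Columns: range perms offset dev inode pathname (pathname optional).
        fields = line.split(None, 5)
        if len(fields) < 6:
            continue  # anonymous mapping
        path = fields[5].strip()
        stale = path.endswith(MARK)
        if stale:
            path = path[: -len(MARK)]
        if LIB_RE.search(path):
            found[path] = found.get(path, False) or stale
    return found

def scan_proc(proc_root="/proc"):
    """Map pid -> (command name, mappings) for every process using GnuTLS."""
    results = {}
    for entry in Path(proc_root).iterdir():
        if not entry.name.isdigit():
            continue
        try:
            libs = gnutls_mappings((entry / "maps").read_text(errors="replace"))
            comm = (entry / "comm").read_text(errors="replace").strip()
        except OSError:
            continue  # process exited, or unreadable without root
        if libs:
            results[int(entry.name)] = (comm, libs)
    return results

# Constructed sample of maps content (not captured from a real host).
SAMPLE_MAPS = """\
00400000-0040c000 r-xp 00000000 08:01 131 /usr/sbin/exampled
7f3a1c000000-7f3a1c0d2000 r-xp 00000000 08:01 2627 /usr/lib/libgnutls.so.26 (deleted)
7f3a1d000000-7f3a1d1b5000 r-xp 00000000 08:01 2101 /lib/libc.so.6
7ffd5e1f0000-7ffd5e211000 rw-p 00000000 00:00 0 [stack]
"""
if __name__ == "__main__":
    for pid, (comm, libs) in sorted(scan_proc().items()):
        for path, stale in libs.items():
            print(pid, comm, path, "STALE: restart needed" if stale else "current")
```

Run it as root after updating so that other users' processes are readable; anything reported as stale is still running the pre-update library.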



Are you ready for the future of the Internet? – Check Your IPv6

According to Wikipedia (quoted in red):

Internet Protocol version 6 (IPv6) is the latest revision of the Internet Protocol (IP), the communications protocol that provides an identification and location system for computers on networks and routes traffic across the Internet. IPv6 was developed by the Internet Engineering Task Force (IETF) to deal with the long-anticipated problem of IPv4 address exhaustion.

IPv6 is intended to replace IPv4, which still carries the vast majority of Internet traffic as of 2013. As of September 2013, the percentage of users reaching Google services over IPv6 surpassed 2% for the first time.

Every device on the Internet must be assigned an IP address in order to communicate with other devices. With the ever-increasing number of new devices being connected to the Internet, the need arose for more addresses than IPv4 is able to accommodate. IPv6 uses a 128-bit address, allowing 2^128, or approximately 3.4×10^38 addresses, or more than 7.9×10^28 times as many as IPv4, which uses 32-bit addresses. IPv4 allows only approximately 4.3 billion addresses. The two protocols are not designed to be interoperable, complicating the transition to IPv6.

Source (as of 12-22-2013): https://en.wikipedia.org/wiki/IPv6

I don’t think IPv6 will be used exclusively for several years. However, it is wise to plan ahead and get some sort of IPv6 setup on your home/office network.

You can check to see if you have IPv6 set up by going here: https://checkyoursix.computerlagoon.com



11 Myths About GNU/Linux Operating System

Linux is a good operating system to use for servers. I use it for a router and my smartphone. However, there are many misconceptions about Linux, especially over the Internet where a lot of people are given false information about Linux. Please note that I mean no disrespect toward anyone.

Myth #1: Linux is secure…more secure than Windows.

This is one of the most ridiculous myths out there about Linux. How is Linux specifically “more secure” than Windows? There are too many variables to consider to be able to make a blanket statement like that! No self-respecting IT guy would ever say this out in public.

Look at: http://arstechnica.com/security/2013/05/critical-linux-vulnerability-imperils-users-even-after-silent-fix/

Conclusion: Both Windows and Linux can be secure, if you know what you are doing.

Myth #2: Linux is more stable than Windows

Another ridiculous claim. How is Linux “more stable” than Windows? One guy on WebHostingTalk switched from Windows to Linux to fix the problems he was having with his machine not being stable. Later on, he admitted that switching to Linux did not solve his problem (http://www.webhostingtalk.com/showpost.php?s=197e5f374bf0d33a54291ae1700e6f1a&p=4307417&postcount=21).

In my opinion, 99% of crashes on Windows are due to faulty hardware and/or drivers. However, both Windows (NT family) and Linux are stable operating systems when using good, stable hardware and good, stable drivers.

Conclusion: Both Windows and Linux depend upon stable hardware and drivers to be any use to the user using them.

Myth #3: Linux protects your computer from malware.

Uh…if you really believe this Linux myth, please read this: http://scalibq.wordpress.com/2013/08/11/hand-of-thief-commercial-linux-malware-kit/

Linux does not protect you from malware. It just has less malware due to Linux not having a large desktop market share.

Conclusion: Both Windows and Linux can get infected with malware. However, Windows is the larger target, but this does not mean that Windows is easier to infect, nor does it mean that you are guaranteed to get malware when using Windows.

Myth #4: Linux is free.

Well…true…Linux itself is free.

However, consider that more than likely you will be spending a lot of time setting up your Linux computer (finding drivers, getting printers to work, getting your scanner to work, getting your Windows-only program to work in Wine, etc.).

“Time is money” as they say.

Conclusion: While economically Linux is free, Linux is not totally free, if you end up burning time (more like wasting time) trying to get things to work in Linux that worked fine in Windows. In a business environment with a Windows setup, switching to Linux would be no easy task, that is for sure.

Myth #5: Linux gives you everything you need out-of-the-box.

This is one of the more stupid myths. If everything I need came out-of-the-box, then why do I have to set up specific software (that is not installed by default) on a Linux box when I set one up?

Conclusion: Too many variables to account for to make a blanket statement that Linux gives everything the user needs out-of-the-box.

Myth #6: With Linux you do not need to get drivers for your devices.

I had one wireless card that would absolutely not work with Linux out of the box, and printers usually do not work for me out-of-the-box on Linux either. Also, I would recommend using the manufacturer’s Linux drivers (if they have any for your device) in place of the drivers that came with the Linux distribution and/or updates.

Conclusion: Devices do not always work out-of-the-box with Linux. Same goes for Windows.

Myth #7: You can update *all* your Linux software at once using the built-in Linux updater.

What if you installed something via RPM or DEB manually (compiled from source or not)? How would you get the package manager to automatically update the manually installed software?

Conclusion: Not everything necessarily will be able to be automatically updated in Linux via the package manager.
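For the DEB half of Myth #7, the packages the updater will never touch can be listed, which matters because they also miss security fixes. This is an added example, not part of the original post. It assumes a Debian or Ubuntu system and the human-readable format of `apt list --installed`, where a package that no configured repository provides is flagged `local`; RPM systems are not covered. The sample output is constructed.

```python
import re
import subprocess

# One `apt list --installed` line: name/suite[,suite] version arch [state,...]
LINE_RE = re.compile(r"^([^/\s]+)/\S+\s+(\S+)\s+\S+\s+\[([^\]]*)\]$")

def unmanaged_packages(apt_list_output):
    """Return sorted [(name, version)] of installed packages flagged 'local'."""
    hits = []
    for line in apt_list_output.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # "Listing..." header or blank line
        name, version, state = m.groups()
        flags = [f.strip() for f in state.split(",")]
        if "installed" in flags and "local" in flags:
            hits.append((name, version))
    return sorted(hits)

def installed_listing():
    """Run apt and return its output; empty string when apt is absent."""
    try:
        proc = subprocess.run(["apt", "list", "--installed"],
                              capture_output=True, text=True, check=False)
    except FileNotFoundError:
        return ""
    return proc.stdout

# Constructed sample output (package names and versions are made up).
SAMPLE = """\
Listing...
examplesh/stable,now 5.2-1 amd64 [installed]
libexample1/stable,now 1.0-3 amd64 [installed,automatic]
mytool/now 1.4.0 amd64 [installed,local]
oldlib/stable,now 2.1-1 amd64 [installed,upgradable to: 2.1-2]
vendor-agent/now 2.0.1-1 all [installed,local]
"""

if __name__ == "__main__":
    for name, version in unmanaged_packages(installed_listing()):
        print(f"{name} {version}: no repository provides this package")
```

Software compiled from source and copied into place without a package is invisible to this check and has to be tracked by hand.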

Myth #8: You can find any type of software you need when using Linux.

What if someone needs to use a specific piece of software that is Windows-only? Using WINE to run Windows software on Linux is not a solution for everyone. WINE on Linux successfully running Windows software is hit and miss at best.

Conclusion: Linux may not have all the software that every computer user needs or even wants to use.

Myth #9: Linux does not have hard drive fragmentation.

When you delete files (on any file-system, NTFS, ext4, ext3, UFS, FAT32, FAT, ZFS, etc.), you leave gaps in the file-system. These gaps will be filled with other files, but you will also have files before and after the new file. So when the computer goes to access the data, it has to sift through all of the data to find the bits and pieces it needs to complete the task.

Linux does not magically have a “no fragmentation” problem. If someone ever tells you that Linux does not have a fragmentation problem, that person does not know what he/she is talking about.

Conclusion: The file-systems for Linux can get fragmentation.

Myth #10: Many eyes on open-source projects keep the projects secure.

If anything, there would be so much code (like in the Linux kernel) that no one could constantly go through all of the code to make sure that no “monkey wrenches” have been thrown into the works. 🙂

Also, you are really trusting competent strangers to make sure the code you use is “secure”. Can they be trusted? Maybe yes…maybe no.

Conclusion: Not only is this idea a myth, but it is illogical.



Everything Should be Open Source?

Have you ever heard the phrase “everything should be open source”? Do you know why you use open-source software, or do you just use open-source software because a friend recommended it to you or it is the “thing to do”?

I used to frequently look for open-source software a few years ago. My attitude on that changed. I now, for the most part, use whatever I need to get the job done – open source or not.

For example, I use WordPress. That is open-source web software. I use it because it is free and because it fits my needs. Can I use a proprietary solution? Probably, but why would I do that since WordPress fits my needs?

Ask yourself these six questions if you are frequently tempted to always choose open source. If you can answer “Yes” to at least two of these questions, then in my opinion, you are good in choosing the open-source solution over a possible free closed-source or paid solution.

1. Do I know anything about the programming language(s) that this open-source software is written in?
2. Do I really need to make any changes to the open-source software, or is having it open source just “the thing to do”?
3. I do not require paid technical support.
4. Does the open-source solution offer features that are even close to the features of the paid (or free closed-source) solution?
5. Does the open-source software have good documentation?
6. Does the open-source software work with the operating system you are most comfortable using (be it Windows, Linux, FreeBSD, MacOS X, etc.)?

