Category: Computer Tech
-
VMWare forgets about BETA code
VMWare developers recently left beta debug code in an update provided for ESX 3.5, with an expiry date built in. The result would be that users would lose access to their VM’s after applying the update and a ‘general system error’ would be indicated. While the updated update is now working and available, those who…
-
MSNBC.com is spammers’ latest victim
You may have noticed a lot of email purporting to come from MSNBC.com in the last few weeks and this is a result of a new spam campaign doing the rounds. Problem is that some of these headlines could actually be valid; even if people are intelligently looking at their email for spam, they might…
-
Open Source software protected under copyright law
A recent US federal appeals court ruling ( which overrules a previous lower court ruling ), has indicated that open source software now has the same protection under copyright law as other content. It’s quite interesting that the Business Software Alliance ( BSA ), which in the past has been the watchdog for such commercial…
-
Software design strategies
Open Source and its community-based development model is starting to give some in the commercial world a bit of a headache. You’ll remember that I’ve blogged about the fact that I think all software development will go the OS-type way in future and it seems this is happening already. We’ve already seen behemoths like Microsoft…
-
BOSD’s rule
Lenovo, IT providers to the Chinese Olympic Games, decided on XP as their choice of computing platform due to the apparent instability of Vista. It appears they forgot about XP’s instabilities as well – here is a nice BlueScreenOfDeath courtesy of Gizmodo.
-
Microsoft, Intel, Negroponte and the OLPC – we’re all one big happy family
Bryan Appleyard from the Times Online recently wrote a brilliant piece on the trials of Nicolas Negroponte’s philanthropic venture, the OLPC. Briefly, Negroponte started out with the vision of having a cheap/low cost laptop-type device that could be used in countries where it was not possible to afford the IT industry’s normal costs. These costs…
-
OpenID and SSL/DNS poisoning
Ben Laurie of Google’s Applied Security team, while working with an external researcher, Dr. Richard Clayton of the Computer Laboratory, Cambridge University, found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys, as a result of the Debian Predictable Random Number Generator (CVE-2008-0166). In combination with the DNS Cache Poisoning issue…
-
DNS – Source Port Randomisation
Dan Kaminsky gave a very interesting talk on the recent DNS issues as part of the Black Hat USA 2008 conference currently on the go in Las Vegas. Originally DJ Bernstein had advocated ( and put into DJBDNS ) source port randomisation as part of the DNS request but no one else had as they…
-
Windows Vista insecurity?
The following article comes courtesy of SDV: Some researchers at the recent BlackHat conference have been doing work in the area of Window Vista security and have ( apparently ) found a major hole whereby they can use .Net or similar scripting languages to effectively bypass the memory security functions built into Vista ( DEP…
-
XStore Newsletter 11
… is now available, featuring a number of security topics including the recent DNS cache poisoning issue as well as Australias attempt at web site rating.
-
A new search engine? – Cuil
Cuil was launched earlier this week and hailed ( by its founder nonetheless ) as having indexed more than tripple the amount of information than its supposed closest rival, Google. Unfortunately, the first day saw porn results been returned for non-pornography related queries – apparently as a result of high load on the quantum computing-based…
-
DNS Issues
Dan Kaminsky previewed information relating to possibly the worst DNS-related exploit ever, earlier this month. The issue is a cache poisoning vulnerability and can result in DNS answers containing fiddled information. This is actually a general design issue more than any vendor-specific issue. Imagine entering a url in your browser and been taken to another…
-
KDE 4.1 released
The final version of KDE 4.1 is now available. While the 4.x series has been a bone of contention for many in terms of the radical change it has brought, 4.1 completes a lot of the work that has been brewing over the last year. While there are still areas needing to be addressed, 4.1…
-
KDE frontman dies
Uwe Thiem, long time Namibian representative of KDE in Africa, died earlier this month of sudden kidney failure. Besides being the first to right a KDE book and being one of the original KDE developers, Uwe worked tirelessly to promote KDE and OSS specifically in the African context. He’ll be sorely missed. KDE 4.1, released…
-
Sysadmin Day!!!
This blog has been a bit empty lately but never mind, Sysadmin day is here. For those actually interested, please go to: http://www.sysadminday.com/ Note carefully the Gift Idea section where you can get ideas of items to send me. Anything over R10K is acceptable.