Monday, January 26, 2009

MS struggling with free

Read an interesting article by Matt Asay on why MS will try anything to destroy and distort Linux, including using its lackeys IDC to "educate" users on the "true" cost of using Linux.

Cost is of course an interesting aspect of going Linux but it is not the only concern.

Well let the propaganda wars begin.

Wednesday, January 21, 2009

Downup, Conficker, Kido or whatever

Hmm, all the major news portals have had their piece on the current "viral epidemic" that is sweeping all the computers of the world.

Ehh...I don't run Windows so how does this news affect me? Heck, sad to say I only knew of its name like 15 minutes or so ago.

Since running Linux full-time, I never had to actually bothered to check the latest and the greatest from the wonderful world of Windows worms and viruses. Such bliss!

Sometimes I wonder whether the "security" industry is solely based on the premise of how bad Windows is. I mean if Windows one day releases a super patch that fixes all its vulnerabilities (ok, stop giggling and let's play pretend ok?), I wonder do companies like Trend Micro or Symantec will be relevant.

Symantec tried to be relevant in buying Veritas, well, all they did is to make Veritas even crappier than before. And God help the user who bought into Symantec's marketing campaign. I don't need AVs anymore, but Symantec's NAV has got to be the worst in the market. I would draw a parallel to Maxis' 3G service.

Of course back in the good old days of being a penniless and starving freelancer, Windows was my favourite platform. I mean, I used to pray that all my customers' computers will somehow be so badly infected or messed up that they will call me. Alas, there is a God because he blessed me with Microsoft Windows.

Now back to my blissful existence.

Tuesday, January 20, 2009

RHEL 5.3 is released.

Three weeks or so from now the Centos project will follow suit. The full list of improvements are here.

Thursday, January 15, 2009

Boycott of US goods?

Of late there are many calls to boycott US made goods. While I can understand the anger towards the on-going atrocities in Palestine, fact is practically everything we use or eat everyday has something that comes from the US of A.

An ex premier started the call for boycott, starting with all things, the venerable Coke. While I have for all intents and purposes have stopped drinking sugar water, perhaps he should start by do a live demo of ripping out his US-made pacemaker! C'mon man talk is cheap. Be a man and not a KJ!

Hmm, perhaps we should stop buying and start ripping out MS Windows or MS Office (good idea!), burn all our US artistes' CDs and DVDs (after all most are bought from the neighbourhood Ah Beng anyhow, right?), tell our bosses to stop buying Dells, HPs or IBM because if they do,they are supporting a terrorist state!

Since we are at it, fellow freedom loving OSS people, remove all Fedora/RHEL, Novell SLE/OpenSUSE installations, and perhaps get yourself some Ubuntu love!

Smash all your Thinkpads, Inspirons, HP notebooks. Buy Acers or the many Cap Kapaks or Chinese knock-offs instead. Stop supporting a terrorist regime by buying an American brand!

Excuse me now for a moment now, I need to get the fire axe and my IBM server farm real acquianted now. Hey I am not mad just doing my part answering the call to not use US stuff.

Tuesday, January 6, 2009

Security add-ons for Firefox

Firefox is currently the fastest growing web browser in the world and at last count commands over 20% of the browser market share. Firefox is popular not only because it costs us nothing to download/use/distribute but it also seem to have an inexhaustible array of add-ons/extensions to enhance its looks and funtionality.

What many may not know is that, Firefox can also be used as a pen-test/auditing tool. The Hackbar add-on contains several tools to test XSS, SQL Injection etc, pretty nifty toolset especially for programmers who want to audit their apps before going live.

A smaller set of utilities for just auditing SQL Injection is also available.

There is also Firekeeper an IDS for Firefox that works with definable rules that are Snort-like.

There is an interesting paper entitled Turning Firefox Into an Ethical Hacking Platform that showcases FireCAT (Firefox Collection of Auditing Extensions), a collection of add-ons/extensions that will turn Firefox into a security toolset. FireCAT 1.4 is the latest release and can be downloaded here

The entire tarball is about 9.4 MB.

For GPG users like me, I rely on FireGPG to allow me to sign/encrypt when I use my Gmail account.

Note that while most Firefox extensions are generally workable across computing platforms (Win/NIX), I have tried them on my GNU/Linux machine running Firefox 3.x only.

Happy Hacking!!!