Language Selection

English French German Italian Portuguese Spanish

A Tale of Two Root Exploits, and Why We Shouldn't Panic

Filed under
Security

There's no denying Linux is more secure than perpetually-patching Windows, but the past month or so has not provided an ideal demonstration.

In August, we saw the arrival of a long-overdue fix for a kernel bug that was six years old; now, in the last week or so, it's been not one but two root exploits causing a fuss.

"Running 64-bit Linux? Haven't updated yet? You're probably being rooted as I type this," was the introduction on Slashdot to CVE-2010-3081, the second such vulnerability to come to light in recent days.

Preceding it by just a few of those days, of course, was CVE-2010-3301, which had actually been discovered and fixed back in 2007 before the patch was inexplicably removed again the very next year, reintroducing the vulnerability.

Put it all together, and you'll see why more than a few Linux bloggers have been scratching their heads about security.

A Matter of Size?




More in Tux Machines

Tiny quad-core ARM mini-PC runs Ubuntu with Cinnamon

A startup is pitching a $129-$199 “Imp” mini-PC on Indiegogo based on a quad-core Odroid-U3 SBC, with HDMI streaming and an Ubuntu/Cinnamon Linux desktop. A day after reporting on one Israeli-based, non-Android ARM mini-PC — SolidRun’s $100 CuBoxTV with OpenElec Linux — here comes another. Aside from the usual hyperbole found on crowdfunding pages — are we really “democratizing the digital home experience” or just buying an embedded ARM computer? — the Ubuntu-based Imp mini-PC looks like a pretty good deal. Read more

Ready to give Linux a try? These are the 5 distros you need to consider

There are so many Linux distributions that choosing one can be overwhelming for a new user. One might be too intimidating for a user to even try, while another might be too simplified, blocking that user from knowing how Linux systems actually function. I have been using Linux as my primary OS since 2005 and have tried all major (and quite a lot of minor) distributions. I have learned that not every distribution is for everyone. Since I also assist people in migrating to Linux, I have chosen the 5 distros that I recommend to new users based on their level of comfort and desire to learn (or not learn) more about Linux. Read more

Review of the new Firefox browser built for developers

Mozilla recently announced a new browser version for developers on the 10th anniversary of the Firefox browser. The Usersnap team and I took a look at whether it works well for the web development process, offers developers a variety of possible applications, and if it keeps up with the Google Chrome dev tools. Read more

Mapping the world with open source

In the world of geospatial technology, closed source solutions have been the norm for decades. But the tides are slowly turning as open source GIS software is gaining increasing prominence. Paul Ramsey, senior strategist at the open source company Boundless, is one of the people trying to change that. Ramsey has been working with geospatial software for over ten years, as programmer and consultant. He founded the PostGIS spatial database project in 2001, and is currently an active developer and member of the project steering committee. Ramsey serves as an evangelist for OpenGeo Suite, works with the Boundless business development team to share about their collection of offerigns, and speaks and teaches regularly at conferences around the world. Read more