techworld.com: Secunia has found that the number of security bugs in the open source Red Hat Linux operating system and Firefox browsers far outstripped comparable products from Microsoft last year.
linux.com: Palamida, the San Francisco company that helps companies to audit their use of open source software, has released a list of what it calls "the top five most overlooked open source vulnerabilities." To this list, Palamida has added an additional five vulnerabilities exclusively for Linux.com.
Matt Asay: Valleywag reports that SourceForge.net was hacked Wednesday, resulting in site downtime while SourceForge tracked down the hacker. SourceForge's Ross Turk confirms the report.
Also: Can Sourceforge marketplace open the cash drawer?
GCN: While most security specialists would agree on the high quality of SELinux, proponents are arguing this framework is the only one that should be needed for the open-source operating system kernel. In fact, it would eliminate the need for the Linux Security Module, an open platform for outsider developers to build their own security frameworks for Linux. And this idea has raised the ire of Linux keeper Linus Torvalds.
PCWorld: This week Microsoft Corp said it would patch Windows to reduce the risk of a new kind of Web-based security vulnerability, but security researchers say that other operating systems are probably at risk too.
Geek Pit: Debian Administration has an article up about the usefulness of firewalls. Are they really necessary? If you consider a firewall as just a non-stateful, layer-3 packet filter, then I would agree they are not very useful. However,
blogs.techrepublic.com: Recently consumer auction giant eBay announced that nearly 1,200 registered eBay users information was stolen via phishing attacks. That’s not shocking. What’s shocking is that it’s very likely the phishers were using rootkitted Linux boxes.
builder.au: Security experts have discovered TIFF-based buffer overflow vulnerabilities in OpenOffice, which could allow attackers to remotely execute code on Linux, Windows or Apple Mac-based computers.
the register: Downloads of Bastille Linux have always been offered through SourceForge, with Bastille-linux.org serving more as a store-front than as a primary download location. The change of ownership of the site came to light only after duty staff at the Internet Storm Centre followed up a tip that something was amiss.