Joshua Ebarvia has a point about security practices in the June 2009 Letters section, and I'm disappointed with the response. I think LM could do more to decrease the confusion among non-experts in this matter. Please consider the following questions:
"There has not yet been a single widespread Linux malware threat of the type that Windows software currently faces." (Wikipedia). Then, why do I see almost daily a warning to upload security patches?
Security precaution depends on the kind of computer work. To be specific, is it wise to shut down Internet connection when working as root? Or working with WINE? What is needed to be sure that financial transactions are secure, in particular when using wireless connection?
Looking at the flickering LEDs of my Internet adapter (modem) I get the impression that I'm out of control of data traffic. Most Window users long ago gave up to be in control of their PC, but Linux should not have to be so passive. Why can I not start a program that tells me what kind of data go in and out and enables me to stop unwanted traffic? Of course this interrupts computer work and should be used only to take test samples.
We take security seriously, and we try to cover it often. Recent issues of our magazine have discussed topics such as firewalls, encryption, intrusion detection, and one-time passwords. Our February 2009 issue included an article on some best practices for wireless connections. Although we offer lots of useful information for beginners, a magazine by nature is not structured like a HowTo document or an online Help page. If you are new to Linux, you might occasionally need to do some background reading to understand the underlying concepts. The INFO box included with many of our articles can help find resources.
Although Linux is well protected against viruses, worms, and other forms of the file and email threats known as malware, Linux systems are still vulnerable to network attack. The problems addressed in security updates typically relate to vulnerabilities in legitimate software, as opposed to malware programs, which are designed with the specific intent of breaking in or doing damage.
Several tools exist for controlling and monitoring network traffic, and those are exactly the kinds of tools we like to talk about. They do, however, tend to be advanced applications for experienced users. For instance, last month we had articles on the Portsmith authenticating firewall and the OSSEC intrusion detection tool.
The first issue of our new sister publication, Ubuntu User, is on newsstands now and includes an extensive Discovery Guide section for beginning users. Although the discussion focuses on Ubuntu, many of the topics discussed in the Discovery Guide are also applicable to other Linux systems.
Linux for Business
I'm starting up a business in maintenance services for industries and commercial buildings and I want to use state-of-the-art information technology based on Linux. But I have some questions that will help me decide whether I go for Linux or the other thing.
First, I depend on a few programs like SAP financial, an asset monitoring system named Datastream, and my maintenance technicians must use mini laptops in the field to make reports that are sent to base. All these applications are Windows based. Are there substitutes, or can I work with these applications in a Linux environment?
Robert van den Burg
Lennart Poettering wants to change the way Linux developers talk to each other.
Enterprise giant frees itself from ink and home PCs (and visa versa).
Mozilla’s product think tank sinks silently into history.
TODO group will focus on open source tools in large-scale environments.
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.