This Month's News
Banking Botnets Are Worse Than Ever
Financial institutions continue to face threats from banking botnets built using trojan-style Internet attacks. The new activity occurs in spite of some recent successes with discovering and eliminating criminal botnets. According to a new report from Dell SecureWorks, users should not feel confident that the recent discoveries of the Ramnit, Shylock, and Gameover ZeuS botnets indicate a safer Internet. Several other forms of botnets are still prevalent, led by the Citadel trojan, which reportedly attacked 1,170 unique targets. The report says, "New threats arise with emerging technologies, and attacks on mobile banking platforms and advances in bypassing standard authentication mechanisms evolved in 2014."
More than 90% of the trojans were aimed at US financial institutions, but the 10% aimed at the rest of the world was still enough to cause some significant losses. More that 1,400 institutions around the world reported attacks from banking trojans.
The Register offers a concise summary of the SecureWorks report on banking botnets. You can download the full report from the SecureWorks site. Be ready to provide some demographic information.
Debian Project Releases Debian 8 "Jessie"
The Debian Project has announced the arrival of Debian 8 "Jessie." The latest release of the great free distro was two years in development. The team pledges to maintain this version for five years.
The vast Debian project includes more than 20,000 packages and supports a total of 10 architectures, including the usual Intel equivalents, as well as MIPS, IBM S/390, 32-bit ARM, and even the new ARM64/AArch64 architecture.
The change that has received the most attention is the presence of systemd as the default init system. The Debian project says systemd will provide "many exciting features, such as faster boot times, cgroups for services, and the possibility of isolating part of the services." The move to systemd was controversial, however, with many old guard Unix and Linux veterans preferring the classic SysVinit system and suspecting that commercial vendors like Canonical influenced the switch. (The SysVinit system is still available for Debian 8 – it just isn't the default option.)
The Debian package repositories contain all the popular Linux deskops, as well as user applications, network server applications, and development tools. Installation images are available for CD, DVD, USB stick, Blu-ray, and network installation. Debian also provides a pre-built image designed for the OpenStack cloud. Debian 7 users can upgrade to Debian 8 using the apt-get package management tool.
Debian isn't as much in the public eye as it used to be, but the massive project is still extremely influential as a background distro that forms the basis for several popular Linux alternatives. Ubuntu, Knoppix, Mint, and many other Linux distributions are based on Debian.
Linux Kernel Turns Over
Linux godfather Linus Torvalds has announced the availability of Linux kernel 4.0. Kernel watchers have known this new "major" release has been on the way, so the announcement was no surprise. For many products and projects, a new major version number is timed to mark major feature enhancements, but Linus downplayed the significance of change from the 3.X to 4.X series, stating "… we've had much bigger changes in other versions."
Torvalds has been quoted in the past as saying Linux would need to roll over to a new major version before getting past 3.20 because he wanted to be able to count the minor release numbers on his fingers and toes. Perhaps more to the point, he says he is "… personally so much happier with time-based releases than the bad old days when we had feature-based releases." According to the announcement, 4.0 does not come with a trove of experimental new features but is a very stable release.
One new feature that has drawn some excitement from the Linux community is the new live kernel patching infrastructure.
The Linux Foundation and the Internet Security Research Group (ISRG) have announced a new project aimed at promoting encryption on the Internet. The new service, known as "Let's Encrypt," is described as "… a free, automated and open security certificate authority for the public's benefit. Let's Encrypt allows website owners to obtain security certificates within minutes, enabling a safer web experience for all."
Despite advances in encryption and intrusion prevention, security problems continue to plague the Internet. Experts have long advocated universal encryption as a best-practice technique for minimizing attacks. The Let's Encrypt project is intended to make it easier for webmasters to install and maintain encryption. According to ISRG executive director Josh Aas, "Encryption should be the default for the web. The web is a complicated place these days; it is difficult for consumers to be in control of their data. The only reliable strategy for making sure that everyone's private data and information is protected while in transit over the web is to encrypt everything. Let's Encrypt simplifies this."
The founders of the Let's Encrypt project believe one reason website encryption is not universal is that conventional certificate authority services are too complicated, and often too expensive, to be an option for smaller websites. Let's Encrypt will provide certificates for free, and it will simplify the configuration at the web server so that a couple of easy commands are all that is necessary to implement encryption.
According to the project website, Let's Encrypt will be available to the public in mid-2015.
« Previous 1 2 3 4 Next »
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
![Learn More](https://www.linux-magazine.com/var/linux_magazin/storage/images/media/linux-magazine-eng-us/images/misc/learn-more/834592-1-eng-US/Learn-More_medium.png)
News
-
NVIDIA Released Driver for Upcoming NVIDIA 560 GPU for Linux
Not only has NVIDIA released the driver for its upcoming CPU series, it's the first release that defaults to using open-source GPU kernel modules.
-
OpenMandriva Lx 24.07 Released
If you’re into rolling release Linux distributions, OpenMandriva ROME has a new snapshot with a new kernel.
-
Kernel 6.10 Available for General Usage
Linus Torvalds has released the 6.10 kernel and it includes significant performance increases for Intel Core hybrid systems and more.
-
TUXEDO Computers Releases InfinityBook Pro 14 Gen9 Laptop
Sporting either AMD or Intel CPUs, the TUXEDO InfinityBook Pro 14 is an extremely compact, lightweight, sturdy powerhouse.
-
Google Extends Support for Linux Kernels Used for Android
Because the LTS Linux kernel releases are so important to Android, Google has decided to extend the support period beyond that offered by the kernel development team.
-
Linux Mint 22 Stable Delayed
If you're anxious about getting your hands on the stable release of Linux Mint 22, it looks as if you're going to have to wait a bit longer.
-
Nitrux 3.5.1 Available for Install
The latest version of the immutable, systemd-free distribution includes an updated kernel and NVIDIA driver.
-
Debian 12.6 Released with Plenty of Bug Fixes and Updates
The sixth update to Debian "Bookworm" is all about security mitigations and making adjustments for some "serious problems."
-
Canonical Offers 12-Year LTS for Open Source Docker Images
Canonical is expanding its LTS offering to reach beyond the DEB packages with a new distro-less Docker image.
-
Plasma Desktop 6.1 Released with Several Enhancements
If you're a fan of Plasma Desktop, you should be excited about this new point release.