Wednesday, April 18, 2007

U.S. House to probe federal network intrusions by foreign hackers

Well after 10 or more years of foreign intelligence services sniffing the net for intel on US and UK government computers, finally, atleast the system is functioning, somewhat and now a subcommittee hearing is set for Thursday.

Heres the rest of the story by Jaikumar Vijayan April 17, 2007  (Computerworld) 

Powered by ScribeFire.

Wednesday, April 11, 2007

This may be pointing to something finally, like a zone recon points to a battle!

Story #1 openSUSE Hobbled By Microsoft Patents

Posted by CowboyNeal on Tuesday April 10, @07:38AM

from the or-at-least-disfigured dept.

Novell Microsoft Patents SuSE Linux

kripkenstein writes "openSUSE 10.2 no longer enables ClearType (which would improve the appearance of fonts). The reason given on the openSUSE mailing list for not enabling it is, 'this feature is covered by several Microsoft patents and should not be activated in any default build of the library.' As reported on and discussed, this matter may be connected to the Microsoft-Novell deal. If so, Novell should have received a license for the Microsoft patents, assuming the deal covered all relevant patents. Does the license therefore extend only to SUSE, but not openSUSE?

Perens Counters Claim of GPL Legal Risk

Posted by Zonk on Tuesday April 10, @12:42PM

from the not-so-fast-my-friend dept.


Microsoft Delenda Est writes "After ACT, a Microsoft front group, started claiming that the GPLv3 was legally 'risky' and could give rise to anti-trust liability, eWeek has published a rebuttal by Bruce Perens. Aside from the fact that IBM, HP, Red Hat, and a couple dozen corporate lawyers are watching over the creation of the GPLv3, there is already precedent that shows the GPL is unlikely to give rise to any significant liability — Daniel Wallace v. FSF. In that case, pro se litigant Daniel Wallace was all but laughed out of the courtroom for alleging the GPLv2 violates anti-trust law, and the GPLv3 clauses in question are simply clarifications and extensions of clauses in the GPLv2. Presumably, that is why the ACT neglected to cite any precedent substantiating their allegations."

Call me crazy, but in the past I've made note of Microsoft's cozying up to Linux in its Novell deal last year, and have openly asked what gives. What was obvious to me then and now is that with the Redmond giant nothing is as it seems. A deal with Novell makes sense only in two scenarios.

1.Microsoft has finally come to the realization that the business model has finally shifted to the point where their present model has to be scrapped. An idea I find untenable, while MS may have come to this long term conclusion, I don't think they are agile enough to actually embrace the necessary changes in structure that they would need to to revamp the company, so in my opinion! this isn't whats going on.

2.The alternative I find more likely is similar to Al Pacino's character in the god father, who elicits "keep you family & friends close, but keep your enemies closer" this is the nascent logic behind the Linux foray with Novell. In my opinion!

    In all honesty I think they really don't comprehend the competition that is threatening their business model, like no has since the 1980's.

The result is a very public association with one of the major player, in this case Novell and Suse Linux.

     The result is they have new and inside information on the way Linux runs, not the operating system per say, but a more in the community, person to person perspective that you don't get from lab analysis of source code. When you think about some things that have been reported, like Steve Balmer's threats to the open source community for patent infringements, oddly enough only weeks after the Novell deal was signed.

At first it doesn't make sense, until I started seeing a pattern of almost carrot and stick like behavior, earlier this week SCO made remarks that they may be considering action against Linux users,this following   Steve Ballmer's Repeating Threats Against Linux

(On February 21st, 2007 with 470 comments). All while MS has been trying to woo other Linux distributions in to deals like they did with Novell. In fact MS is alleging that they won't try to claim compensatory damages via the courts if the Linux distributions and software vendors agree to play ball.

This sends a very clear signal, that is, pay up or go home.

Microsoft has a huge capital out lay in its latest desktop and server operating systems and they are apparently trying to hedge their bets with this carrot and stick mantra hoping to gain a foot hold in a market they don't really grasp as yet. Personally with the pattern pretty well set I suspect that the blissful Novell / Microsoft union will fold at just about 12 months.

I suspect the legal battles will start early in the new year.

Powered by ScribeFire.

Sunday, March 25, 2007

From the Navy Times: Hackers access DFSA myPay accounts

By Rod Hafemeister - Staff writer

Posted : Saturday Mar 24, 2007 8:04:21 EDT

"SAN ANTONIO — Defense officials announced March 23 that nearly two dozen “myPay” users have had money redirected from their accounts in the past eight months by hackers who apparently accessed the service members’ home computers."

    If true this points to a serious breach of security, while the pay and finance inst a critical war infrastructure, it is secured in a similar manner to government network services such as N.M.C.I. (Navy, Marine Corp Intranet).

Also I like to point out that the pay system in question is a separate network from the war fighting infrastructure.

    Never the less, all Military network Admins and their associated sub-contractors need to pull a full up review of policy's and procedures and personnel training on these networks as intrusions like this have a nasty habit of being socially engineered, or perniciously through email phishing scams.


Powered by ScribeFire.

Powered by ScribeFire.

Wednesday, March 7, 2007

Live from slashdot: FAA May Ditch Vista For Linux

Posted by kdawson on 6:07 Wednesday 07 March 2007

from the hello-Google dept.

An anonymous reader writes "Another straw in the wind: following last week's news that the US Department of Transportation is putting a halt on upgrades to Windows Vista, Office 2007, and Internet Explorer 7, today comes word that the Federal Aviation Administration may ditch Vista and Office in favor of Google's new online business applications running on Linux-based hardware. (The FAA is part of the DOT.) The FAA's CIO David Bowen told InformationWeek he's taking a close look at the Premier Edition of Google Apps as he mulls replacements for the agency's Windows XP-based desktop computers. Bowen cited several reasons why he finds Google Apps attractive. 'From a security and management standpoint that would have some advantages,' he said."

powered by performancing firefox

Crack! Security expert hacks RFID in UK passport

Successful effort pulled data off document in mailing envelope
Jeremy Kirk

March 06, 2007 (IDG News Service) -- A security expert has cracked one of the U.K.'s new biometric passports, which the British government hopes will cut down on cross-border crime and illegal immigration.

If true this illustrates the dangers of naively putting RFID chips into not only passports but credit and debit cards as well. This could well be a huge economic boomerang that could hurt the very core of trust in government and in our economy. All an identity thief needs to do is scan the passport for the person's photograph and fingerprints and other biometric data on the rfid chips.

The problem is isn't if the the data will be stollen but when it will be. This data is too valuable when it is stored enmasse on a large centralized database. There are criminals who would love to "A" prove that the hack can be done and "B" make a tone of cash off of the reselling of your personal information. Also there are Criminals who will just sit reading news papers at the airport waiting for you to walk by with your passport and its rfid chip inside, while they sit there reading the rfid reader in their pocket is skiming your vital information right out of your passport.

Further since your at an airport, you obviously not on the no fly list, that makes you a prime candidate for an identity theft, by any of a hundred types of criminals from organized crime, terrorists, or just regular criminals swiping identitys for resale on the black market. You as a travel capable passenger are who they'll be looking for. This is the real problem of putting our information in such a convienient location, it makes it convienient for both the goverment and criminals to scrape all the data you have stored on the passport.

We really need to rethink this idea!

powered by performancing firefox

Monday, February 26, 2007

Balmer Says What!

Ok Steve Balmer thumped his chest last week, demanding that the Open Source community to stop infringing on an alleged plethora of Microsoft patents. The funny thing I find with this is Microsoft doesn't warn people of patent infringments, they just sue!, so my next question is, is this the other side of the Microsoft/ Novell deal from November of last year. The one where Microsoft signed a deal with Novell in a channel partnering agreement where Microsoft will front Novells Suse linux and Novell will get help making Microsoft products to run on "Suse" linux.

All of this breast beating is to start a greenmail campaign to try and monetize a market that three years ago Microsoft was calling a marginal market space that wasn't worth their time. After all that was the logic of why they didn't port Office 2003 to linux in 2004.

As for if Microsoft will make a legal move on Linux, I think it's just posturing, designed to scare the technically marginally knowledgable, people who only know only enough to spell Microsoft. If you want to know the history of Microsoft and the Law look at these links from

powered by performancing firefox