I am not aware of any other entity, group or idea that matches these five primary characteristics of the open source movement as exactly as terrorist organizations.
Read on for a two-in-one post from Linux Today - one post shows the "paper" that goes into detail into why the open source movement can be seen as terrorism, while the second post provides some rebuttals against the argument. Do you feel the article brings up any valid points? How would you respond to the author?
Security is more than just stopping attacks - it applies to society and police security as well. This tool is a forensic tracking tool that polices forces in Australia have found useful for collecting information: The tool was developed by students from Edith Cowan University's School of Computing and Information Sciences and will help the Western Australian Police Computer Crime Squad process their forensic investigations.
Called Simple (for Simple Image Preview Live Environment), the software allows investigators to view and acquire forensic data at the scene of the crime without compromising the integrity of data as it is collected.
Source: SearchSecurity.com - Posted by Eckie Silapaswang
The initiative is a long-range plan to upgrade the security of the federal government's networks and comprises a number of separate proposals, most notably an overhaul and expansion of the government's intrusion detection system, known as Einstein. Currently, Einstein is simply a passive traffic-monitoring system that records basic data such as the originating IP address of a packet, its size and where the packet came from and where it is headed. But the data that the system captures is not analyzed in real time, so attacks and other anomalies aren't caught until well after the fact. And, Einstein is a voluntary program and is not in place at all of the federal agencies right now.
If there was one place where you'd think that security would be state-of-the-art and cutting edge, it would be our own federal government networks. I really don't see any necessary trade-off between "security" and "convenience" when it comes down to national security. What do you think a government IDS should have to set the benchmark for security?
The work is part of a U.S. government-backed project to harden open-source code.
"We applaud the developers responsible for the 11 open-source projects that have advanced to the second rung of code security and quality," said David Maxwell, open-source strategist for Coverity.
The Open Source Hardening Project, sponsored by the U.S. Department of Homeland Security, uses Coverity's Scan, which grades projects on a "ladder" according to their progress at fixing and preventing flaws.
This article talks about the Open Source Hardening Project which was started in January 2006. It discuses the current plans for helping open source security.
Source: The Register - Posted by Eckie Silapaswang
When a person asks me what a benefit of Linux is (from a layman's point of view), I frequently quote its strength against spyware - basically how using Linux is like getting an innoculation shot against the worst they throw at Windows / IE users. Who wants to use an operating system where someone you dont' even know is constantly monitoring you? In this article, the government has penalized a BitTorrent user by not only putting a monitoring bracelet on him, but they're forcing him to switch to Windows because "their monitoring software only works on Windows PCs". Read on to find out what his reaction is. Why not share you opinion on the matter? Is Linux just that good of a choice for internet browsing?
Source: Network World - Posted by Eckie Silapaswang
Because you make pens, pencils, or any other sharp objects that are capable of stabbing and killing, you are liable for producing weapons. This is the logic I see behind the German Anti-Hacker law which states that offenders are defined as any individual or group that intentionally creates, spreads or purchases hacker tools designed for illegal purposes.
These laws are based off of a "judgement call" and can only hinder the process of security researchers in their perpetual quest of closing zero-day vulnerabilities. How do you feel about laws like this being passed?
"Standing at the center of this debate on how much security is enough are agency chief information security officers, who report to chief information officers." Join the debate. Do you think if the government use Linux machines and tools more it would help their security problems? I might come down to ease of use vs security.
Source: Light Blue Touchpaper - Posted by Eckie Silapaswang
What if everyone one day took everything that "could" be used "maliciously" and with "evil intent" (even though there are many benefits to these things) and just deemed them illegal right off the bat? A hacksaw could be used to cause bodily harm (in horror movies mostly), yet it's a valuable tool for carpenters - why should there be an evaluation on its intent? In the following article, see how the government may be deeming "dual use" security tools illegal before they are even used - authors of these tools may be prosecuted if they intended the tool to be used illegally.
"Red Hat Linux received a new level of security certification that should make the software appealing to government agencies." Is this a good thing for getting other Linux Distro's accepted to be a secure platform for government agencies to use? Also is this a step forward for the Linux community to get more exposure or just for Red Hat as a company? I think this is good for Red Hat however we will have to wait and see if any government agencies really take action and use Linux to help solve their security problems.
Source: Dark Reading - Posted by Eckie Silapaswang
Many of Estonia's government agencies are still unreachable via the Web today after hackers launched denial-of-service attacks that rendered many of their sites useless over the weekend.
