Language Selection

English French German Italian Portuguese Spanish

Linux is more secure but not invulnerable

Filed under
Linux
Security

I've been working with and using Linux far longer than any other platform. Through those years, I've pretty much seen and used it all. Interestingly, my tune has changed on a number of things -- one opinion is about the relative security of Linux. Back in the day, I would have looked you in the face and said squarely, “There's no way anyone is going to hack a Linux server!” My tune now is a bit more somber, sober, and far more realistic. But before I get the chance to sing you that tune, let me set the stage.

Over the last week, I was called to check into why a CentOS server was behaving poorly. The server duty was for web/email. The shenanigans were first spotted when a particular email address on the server in question refused to authenticate. I logged into the cPanel, changed the email's password, and attempted to log into the user's webmail. The second I logged in, the password was automatically changed again.

So, I started digging around.




More in Tux Machines

And now for some good news... How open source triumphed over Microsoft Office in Italy

Microsoft Office may have a global monopoly, but one Italian region rejected it flat out. But, why? In the stunningly beautiful Italian region of Umbria, you'll feel more at home running open source software, rather than the clunky and expensive Microsoft Office suite. Read more

Red Hat, Chilean government hold talks on open source initiative

The head of Chilean regulator Pedro Huichalaf agreed to pass information regarding the benefits of open source software to the ministerial committee for digital development Read more

IT teams are choosing open source - but not just for the cost savings

IT decision makers are increasingly turning to open source over proprietary software because they believe it offers them better business continuity and control Read more

Patent Troll Kills Open Source Project On Speeding Up The Computation Of Erasure Codes

Via James Bessen, we learn of how a patent trolling operation by StreamScale has resulted in an open source project completely shutting down, despite the fact that the patent in question (US Patent 8,683,296 for an "Accelerated erasure coding system and method") is almost certainly ineligible for patent protection as an abstract idea, following the Supreme Court's Alice ruling and plenty of prior art. Erasure codes are used regularly today in cloud computing data storage and are considered to be rather important. Not surprisingly, companies and lawyers are starting to pop out of the woodwork to claim patents on key pieces. I won't pretend to understand the fundamental details of erasure codes, but the link above provides all the details. It goes through the specific claims in the patents, breaking down what they actually say (basically an erasure code on a computer using SIMD instructions), and how that's clearly an abstract idea and thus not patent-eligible. Read more