Language Selection

English French German Italian Portuguese Spanish

Site News

Mollom Works

Filed under
Site News

Drupal's very own Mollom is a Free/Open Source (collaboratively-developed and freely-shared) software for battling script kiddies and fighting against SPAM. The past 2 weeks were difficult because spammers exploited the fact that we had opened up the site for registration/subscription (to leave comments). After exploring some options for dealing with the problem (spam making it to the front page even!) we found that Mollom was good enough to eliminate almost 100% of all of spam (so far). Hence, for the time being, it seems safe to say now that we beat the script kiddies. Thanks, Mollom!

Mollom

First Month on the New Server (Updated)

Filed under
Site News

Tux Machines behind Varnish cache proxy

Chart for Tux Machines

Summary: Tux Machines growth and a note regarding SPAM prevention after a week or so of experiments

Here are the first four weeks' log sizes, plotted with LibreOffice and demonstrating week-to-week growth since the site's nameservers changed and the server moved to CoPilotCo. After 4 weeks all logs get deleted (logrotate) to ensure privacy through lack of data retention (except short term in case of DDOS).

Opening Up Communications (Updatedx5)

Filed under
Site News

Script kiddies can't get their way

Diversity

Summary: Script kiddies made it impractical to manage comments and forum posts; we are trying to tackle this issue today

IN ANOTHER attempt to restore user registrations, this time on the new server which has just been configured for mail, we are enabling anyone to quickly self-register (takes less than a minute and requires no verification), then immediately post comments, forum posts, etc.

Site Update (Updatedx2)

Filed under
Site News

Newspaper

Summary: Recent changes at Tux Machines, in just a nutshell

INSPIRED in part by Slashdot, we recently added topical icons to submissions, applying these changes retroactively to over 50,000 older pages. The idea was, this can improve orientation by helping to quickly associate text with topics. More minor modifications were made as well, some textual and some layout related. They are subtle but they can be seen. After receiving feedback regrading icons size we made further modifications. Regarding social media buttons, some of the ones we initially found were unbelievably privacy-infringing (allowing Google, Facebook, Twitter etc. to see visitors of this site), so we disabled them immediately and replaced them with static buttons. Right now we can assure that whenever loading pages in this Web site nothing except our security-aware network gets contacted. We share no data about visitors (with anyone) and Apache logs get shredded for good after a few weeks, leaving sufficient trail just in case of attacks on the site, which would merit investigation. Log rotation is similarly privacy-respecting at the cache level, which leads to the following point.

Today, after the above changes had been made and stability attained (there were some network disruptions yesterday), we also updated Drupal, ensuring it is secure and fully up to date (the latest minor bugfix release is a month old). There is still an issue with Varnish and until we tackle this issue users who are not logged in might be getting error pages. One way to overcome this is to append "?something" to the URL requested. This bypasses the Varnish cache until we finish our investigation of this issue and resolve it for good.

Update: The issue with Varnish turns out to be a conflict between two caching layers. It's fixed now. If you spot an issue, still, please let us know.

Update #2: Yesterday we identified another issue and soon thereafter fixed it. After Twitter syndication had failed we realised that RSS feeds were not standards-compliant, due to a blank line at the start of each generated page in Drupal. This is a common issue and it is a nightmare to debug (requires a complete code review with help of GNU utilities like grep). After 4 hours of investigation I found the culprit and fixed the coding error. RSS feeds are back.

This is "See Ya Around"

Filed under
Site News

I started to say "this is goodbye," but just because I sold the site doesn't mean I won't be around Linuxville. I'm still writing at ostatic and I may turn up here now and again as well. I'll be looking around to expand my writing after the new year too, so you're not rid of me yet. But the sale on tuxmachines.org has been completed.

Sold! (tentatively)

Filed under
Site News

I guess tuxmachines.org has been sold for $1000. I know it's kinda low, but times have changed and the new owner plans to carry on the tuxmachines tradition.

going twice

Filed under
Site News

going twice

fair warning - going once....

Filed under
Site News

Well, I think I'm going to accept one of the two $1000 bids received, unless anyone else wants to bid...

Tuxmachines.org for sale (update)

Filed under
Site News

I've decided to try and see if anyone might be interested in buying and doing something with my domain and site. So, today, I'm posting this ad here: tuxmachines.org for sale.


Update: I've received some bids and will decide by Monday....

sorry so slow

Filed under
Site News

Sorry I've slowed down on gathering the interesting news lately. I think my blood pressure is back up or something. I'm trying to get a dr appointment. But I'm trying to get back up to speed. Thanks for your patience.

Syndicate content

More in Tux Machines

OpenShift and Google

  • Red Hat launches 'OpenShift' dedicated on Google Cloud Platform
    World's leading provider of open source solutions Red Hat has announced the general availability of OpenShift Dedicated on Google Cloud Platform.
  • Red Hat and Google join forces on containers
    Red Hat and Google are set to offer enterprise customers a managed OpenShift service hosted on Google's cloud to make the build, launch and management of applications a less time-consuming process. OpenShift Dedicated on Google Cloud Platform will speed up the adoption of containers, according to Red Hat, giving developers the guidance they need to create applications and deploy them faster.
  • Red Hat’s Container Platform Lands on Google Cloud
    Red Hat’s OpenShift Dedicated container platform will now be available on Google Cloud Platform, the companies announced yesterday. OpenShift Dedicated is a managed version of Red Hat’s OpenShift container platform, targeting enterprises. Launched in December, the Dedicated version puts Red Hat in the role of a service provider, taking care of infrastructure and operations.

Security News

  • A 'mystery device' is letting thieves break into cars and drive off with them, insurance group says
    Insurance crime investigators are raising alarms over a device that not only lets thieves break into cars that use keyless entry systems but also helps start and steal them. Investigators from the National Insurance Crime Bureau, a not-for-profit organization, said in an interview they obtained what they called the “mystery device” from a third-party security expert at an overseas company. So far, the threat here may be mostly theoretical. The crime bureau said it heard of the device being used in Europe and had reports that it had entered the U.S., but said there are no law enforcement reports of a car being stolen using it in the United States.
  • Turkish hacking group offers tiered points rewards program for DoS attacks
    A TURKISH HACKING GANG is taking an unusual approach to funding denial of service attacks, and is soliciting for, and offering hackers rewards for taking down chosen pages. This is unusual, as far as we know, and it has led to the creation of comment from the security industry. Often these things do.
  • German judges explain why Adblock Plus is legal
    Last month, Adblock Plus maker Eyeo GmbH won its sixth legal victory in German courts, with a panel of district court judges deciding that ad-blocking software is legal despite German newsmagazine Der Spiegel's arguments to the contrary. Now, the reasoning of the Hamburg-based panel of judges has been made public. According to an unofficial English-translated copy (PDF) of the judgment, Spiegel Online argued it was making a "unified offer" to online consumers. Essentially, that offer is: read the news content for free and view some ads. While Internet users have the freedom "not to access this unified offer," neither they nor Adblock Plus have the right to "dismantle" it. Eyeo's behavior thus amounted to unfair competition, and it could even wipe the offer out, Spiegel claimed. "The Claimant [Spiegel] argues that the Defendant’s [Eyeo's] business model endangers the Claimant’s existence," reads the judgment, which isn't final because it can be appealed by Spiegel. Because users aren't willing to pay for editorial content on the Web, "it is not economically viable for the Claimant to switch to this business model." Spiegel asked for an accounting of all the blocked views on its website and a fine to be paid—or even for managers Wladimir Palant and Till Faida to be placed in "coercive detention" of up to two years.
  • Op-ed: I’m throwing in the towel on PGP, and I work in security [Ed: Onlya tool would drop PGP for Facebook-controlled Whatsapp. The company back-doors everything under gag orders.]
    In the coming weeks I'll import all signatures I received, make all the signatures I promised, and then publish revocations to the keyservers. I'll rotate my Keybase key. Eventually, I'll destroy the private keys.
  • 90 per cent of NHS Trusts are still running Windows XP machines
    90 PER CENT of the NHS continues to run Windows XP machines, two and a half years after Microsoft ditched support for the ageing OS. It's Citrix who is ringing the alarm bells, having learnt that 90 per cent of NHS Trusts are still running Windows XP PCs. The firm sent Freedom of Information (FoI) requests to 63 NHS Trusts, 42 of which responded. The data also revealed that 24 Trusts are still not sure when they'll migrate from Windows XP to a newer version of Microsoft's OS. 14 per cent said they would be transitioning to a new operating system by the end of this year, while 29 per cent pledged to make the move sometime next year.
  • Ransomware blamed for attack that caused Lincolnshire NHS Trust shutdown
    RANSOMWARE is to blame for an attack which saw an NHS Trust in Lincolnshire that forced to cancel operations for four days in October. In a statement, Northern Lincolnshire and Goole NHS Foundation Trust said that a ransomware variant called Globe2 was to blame for the incident.
  • Researchers Find Fresh Fodder for IoT Attack Cannons
    New research published this week could provide plenty of fresh fodder for Mirai, a malware strain that enslaves poorly-secured Internet of Things (IoT) devices for use in powerful online attacks. Researchers in Austria have unearthed a pair of backdoor accounts in more than 80 different IP camera models made by Sony Corp. Separately, Israeli security experts have discovered trivially exploitable weaknesses in nearly a half-million white-labeled IP camera models that are not currently sought out by Mirai.
  • Your data is not safe. Here's how to lock it down
    But some people worry that government surveillance will expand under a Donald Trump presidency, especially because he tapped Mike Pompeo, who supports mass surveillance, for CIA chief.
  • Tor at the Heart: Library Freedom Project
    Library Freedom Project is an initiative that aims to make real the promise of intellectual freedom in libraries by teaching librarians and their local communities about surveillance threats, privacy rights and responsibilities, and privacy-enhancing technologies to help safeguard digital freedoms.
  • PowerShell security threats greater than ever, researchers warn
    Administrators should upgrade to the latest version of Microsoft PowerShell and enable extended logging and monitoring capabilities in the light of a surge in related security threats, warn researchers [...] Now more than 95% of PowerShell scripts analysed by Symantec researchers have been found to be malicious, with 111 threat families using PowerShell.
  • Five-Year-Old Bait-and-Switch Linux Security Flaw Patched
    Maintainers of the Linux Kernel project have fixed three security flaws this week, among which there was a serious bug that lingered in the kernel for the past five years and allowed attackers to bypass some OS security systems and open a root shell.
  • The Internet of Dangerous Auction Sites
    Ok, I know this is kind of old news now, but Bruce Schneier gave testimony to the House of Representatives’ Energy & Commerce Committee about computer security after the Dyn attack. I’m including this quote because I feel it sets the scene nicely for what follows here. Last week, I was browsing the popular online auction site eBay and I noticed that there was no TLS. For a moment, I considered that maybe my traffic was being intercepted deliberately, there’s no way that eBay as a global company would be deliberately risking users in this way. I was wrong. There is not and has never been TLS for large swathes of the eBay site. In fact, the only point at which I’ve found TLS is in their help pages and when it comes to entering card details (although it’ll give you back the last 4 digits of your card over a plaintext channel).

Android Leftovers

Linux 4.8.14

Turns out I'm going to be on a very long flight early tomorrow morning, so I figured it would be good to get this kernel out now, instead of delaying it by an extra day. So, I'm announcing the release of the 4.8.14 kernel. All users of the 4.8 kernel series must upgrade. The updated 4.8.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.8.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-st... Read more Also: Linux 4.4.38 Linux Kernel 4.8.14 Hits the Streets with Numerous Networking Improvements, More