INTERNET - Online Piracy Fight, Push-Back

"Hackers Retaliate Against DOJ in Raging Online Piracy Fight" PBS Newshour 1/20/2012

Excerpt

MARGARET WARNER (Newshour): It's one of the largest criminal copyright cases ever brought. The target is a website based in Hong Kong that's been used to share large files, including movies, videos, television shows, e-books, games, and music.

It's called Megaupload, and the heavily visited site is said to have 150 million registered users and 50 million visits a day. Now it stands charged with storing and distributing pirated material, and thus robbing copyright holders of more than $500,000.

Yesterday, the Justice Department shut it down and released indictments against seven executives. Four were arrested at the New Zealand mansion of its founder, who goes by the name Kim Dotcom.

Within hours, the hacker collective called Anonymous retaliated, shutting down the websites of the Justice Department and major media groups, including Universal Music and the Motion Picture Association of America. The government's crackdown came one day after this week's online protests against anti-piracy bills in Congress.

Another excerpt

CECILIA KANG, The Washington Post: So there's a lot of -- there's a lot of suspicion around the timing of this. But these are two -- one should keep in mind that these are two discreet issues. There's the federal indictment of a criminal case, and then there are the two bills right now that are being proposed on the Hill that I should say actually have been on hold, today were put on hold because of all the controversy around them.

INTERNET - Domain Names Controversy

"Domain Names: Debating the Effects of a Dot-Anything World" PBS Newshour 1/12/2012

Excerpt

RAY SUAREZ (Newshour): Since the earliest days of the Internet, Americans have gone to Web addresses with familiar names to the right of the dot, as in dot-com or dot-org.

Starting today, the company that assigns what are called domain names is making a big change. It's rolling out a program meant to dramatically increase the number and kind of names. So, instead of a company like let's say Marriott being called Marriott.com, it might now choose to be called simply .Marriott.

But it is going to cost plenty, up to $185,000 just to apply for the new name. And the total economic stakes could add up to hundreds of millions of dollars. Some businesses and lawmakers are upset with what this could mean for commerce and the future of the Web.

We look at this now with Rod Beckstrom, the president and CEO of ICANN, the Internet Corporation for Assigned Names and Numbers. And Dan Jaffe is with the Association of National Advertisers, which is part of a coalition opposed to the rollout of the program.

WINDOWS - Window Management Utility

This post is about WindowManager by DeskSoft

WindowManager helps you to improve your work flow by remembering and restoring the position and size of your programs and windows. Many programs don't remember their position and size between sessions and even Windows explorer does not always restore windows to their last position. This is where WindowManager steps in and makes sure your windows are placed exactly where you want them every time you open them. WindowManager even allows you to lock the position and size of any window, so that it will always open at the same spot no matter where you move it. The window handling is fully customizable and you can set up special rules for your favorite or most frequently used windows.

Key Features:

• Remembers and restores the position and size of your recently used windows


• Supports explorer windows, programs, dialogs, etc.


• Special rules for moving or sizing only, etc.


• Ignore list for preventing position or size change


• Fully customizable


• Now with full Windows 7 and 64 bit compatibility

Supported operating systems:

• Windows XP


• Windows XP x64


• Windows Vista


• Windows Vista x64


• Windows 7


• Windows 7 x64


• Windows Server 2003


• Windows Server 2003 x64


• Windows Server 2008


• Windows Server 2008 x64

NOTE: I have tried this utility and found that it interfered with ONE window on my WinXP system. It caused the window to open in the minimized mode EVERY TIME even though the shortcut was set for normal mode. I tested this by disabling the utility, then the window would open as expected. I have removed it from my system. This is by no means saying that other users MAY find the utility works for them, especially if you NEVER use the [Save] option.

SECURITY - Protecting Against Phishing

"How to Boost Your Phishing Scam Detection Skills" LifeHacker 1/5/2012

Phishing scams—the ones that try to get you to provide private information by masquerading as a legitimate company—can be easy to uncover with a skeptical eye, but some can easily get you when you let your guard down for just a second. Here's how you can boost your phishing detection skills and protect yourself during those times when you're not at full attention.

Want to test your phishing IQ and find out what kind of scams you're most likely to miss? Take this test.

What You Can Do

The way most phishing scams find victims is through email, but sometimes you'll come across a phishing site in the wild as well. Either way, here are the basic principles you want to follow to keep a cautious eye out for these malicious traps.

Check the URL

Phishing scams are designed to look like official emails and web sites from actual companies, but they aren't actually those things—they're just imitations. Because the emails and web sites are imitations they'll probably look a little different from what you'd expect in general, but more importantly those sites can't have the same URL as the web site they're pretending to because they are different sites. To check the URL, just hover of the link you're thinking of clicking. At the bottom of your window you should see the URL displayed. Once you do that, you have to figure out if it is a good URL or a bad URL.

Using PayPal as an example, you'll generally see http://www.paypal.com as part of the URL. Sometimes you'll see something like http://subdomain.paypal.com as well. Both of these URLs are okay, because they end in paypal.com. A phishing URL, however, might look something like this: http://paypal.someotherdomain.com. In this case, "paypal" is attached to another domain name (someotherdomain.com). URLs like this are the ones you want to avoid.

Always Go Direct

The best thing you can do to avoid phishing scams is always go directly to the web site you want to visit rather than clicking a link. This way you don't have to figure out if the URL is safe or not because you'll be using a URL in your bookmarks (or your brain) that you already know is safe. Doing this can also help protect you from phishing scams when you let your guard down because you'll be in the habit of visiting sites directly rather than clicking links.

I fell for a phishing scam once when I read the email right after I woke up in the morning. It was from my bank and they'd sent me a lot of verification notices lately since I'd been traveling and using my debit card all over the place. When I got another one, I didn't even think about it because I'd just woken up. I went to the site, filled in my info, and then immediately realized I'd just provided that information to a phishing scam site. I called the bank to let them know right away and got a new card, but had I changed my default behavior to calling the bank of visiting the bank's web site this probably wouldn't have happened. Of course, that's what I do now and it hasn't been a problem since.

What Your Browser Can Do For You

Detecting phishing scams on your own mainly require the mild paranoia and the behavioral adjustment described above, but there are a few other things you can do to make your everyday browsing safer.

Turn Off Form Autofill

One great feature of many web browsers is the autofill feature. It makes it really easy to fill out forms using information already stored in the browser. It also makes it easy for you to ignore the form you're filling out and just submit it, causing you to potentially miss a phishing scam when you're rushing through the process. While this precaution isn't necessary, and you might prefer the convenience of autofill to the safety benefits that deactivating it can provide, turning it off will provide a little added protection.

Utilize Your Browser's Built-In Tools

Most browsers come with some phishing protection built-in to help protect you, but it isn't always enable by default. Google Chrome keeps track of common phishing sites and can alert you when you visit one, but you may need to go through the short setup process to make it work. Firefox also offers phishing and malware protection in a similar way, and you can enable it in the Security section of Firefox's preferences.

Bump Up Your Phishing Protection with Web of Trust

Web of Trust is one of our favorite browser extensions because it automatically lets you know if a web site is trustworthy or not. While it can't possible verify every single site on the internet, it can make you aware of potentially harmful sites and phishing scams. All you have to do is install the extension for your browser and it will display a trust rating in your browser's toolbar. (You can read more about this here.) Web of Trust is available to download for Google Chrome, Firefox, Internet Explorer, Opera, Safari, and as a bookmarklet for other browsers.

WINDOWS - Win7 Menu Bars

This is about turning ON Menu Bars in Windows 7 (Win7).


Menu Bar in Explorer (My Computer):

1. Click the [Start] logo-button and type folder options in the search-box, click Folder Options link displayed


2. Click the [View] tab and check [X] Always show menus


(click for better view)

IE 8 or 9, and Media Player Menu Bars:

1. Open Internet Explorer or Media Player
   


2. Right-click on a EMPTY area on the Tab Bar, then [X] check the Menu Bar option

CYBERCRIME - Battle Over Online Piracy

"Film, Music Industries Battle Leading Internet Companies Over Online Piracy"
PBS Newshour 12/15/2011


Excerpts

JEFFREY BROWN (Newshour): Alright.

Markham Erickson, first, do you acknowledge piracy is a problem? I mean, all over the Internet, one can get copyright -- there are copyright violations.

MARKHAM ERICKSON, Open Internet Coalition: Well, sure. People are doing bad things on the Internet. And we agree that there are ways to try to deal with the very real problem of sites that are located outside of the jurisdiction of our court system and our legal system that are engaging in theft and illegal activity.

JEFFREY BROWN: What's the problem with the way they are proposing?

MARKHAM ERICKSON: The problem is, the proposals in Congress right now are not targeted to the problem of dealing with offshore illegal piracy.

We think there is a way to deal with that. And we've proposed a solution, which is to follow the money. The offshore sites are there to make money. They're there to profit from illegal activity. The companies I represent -- represent are some of the biggest ad networks and payment processors in the Internet ecosystem.

And they want to work with the rights-holders that, when an offshore site is engaged in illegal activity, they will shut off the economic lifeblood to those sites. And, if they do that, those sites will disappear.
----
JEFFREY BROWN: And what -- Mr. O'Leary, what about the proposed other -- the alternative route for dealing with this that he raised?

MICHAEL O'LEARY, Motion Picture Association of America: Well, I think that it's the -- to look at it from a positive perspective, it's encouraging to see a recognition that something has to be done about this problem.

I think that what we have concerns with the alternative proposal is that it sets up a separate court in the ITC. And that is not something which is necessarily used to deal with copyright. It's slow. It's bureaucratic. And, frankly, when someone is stealing from you, you don't have 12 to 18 months to work -- to let the bureaucratic court process work.

What we're proposing, what has bipartisan support, we have a broad support from not just the political spectrum, but across all types of American businesses is something which is a tool which will allow law enforcement to go after bad actors that are hiding overseas. We think it's more effective and more efficient.

COMMENT: As a techie in this area I support Mr. Erickson's view.

Note that Mr. O'Leary is NOT a computer network expert, he's only repeating what others have told him. His assertion that the proposed law is "more efficient" is wrong. Having the online payment processors shut-down payments to illegal sites is actually more efficient because it would NOT *require* courts at all. This could be done by the online payment processors themselves.

What the copy right industry SHOULD be doing is making a partnership with online payment processors to identify then block illegal sites. What I am proposing is that the film, music, and book industries with the online payment processors start their own origination to find, track, then block illegal sites.

The courts would only intervene IF a site disputes being blocked. Note that the online payment processors have total rights and control on just who they allow to use their services.

What is wrong with the proposed laws is that they will NOT work, because it can ONLY effect organizations within U.S. jurisdiction. They will have little effect on sites overseas that they are so concerned about.

SECURITY - Pentagon Seeks Hacker Help

"Pentagon asks hackers for help with cyber security" by Joseph Straw, Daily News 11/8/2011

The Pentagon agency that invented the Internet is asking the hacker community for help in eliminating Defense Department computer vulnerabilities.

The Defense Advanced Research Projects Agency, or DARPA, hosted a meeting this week for defense stakeholders and civilian computer experts, acknowledging that it has to start thinking differently about cyber security, Wired.com reported.

And the computer networks that run U.S. infrastructure are so vulnerable to cyber attack that the White House should think twice before even attacking emerging adversaries, a national security expert said.

Richard Clarke, who advised ex-Presidents Bill Clinton and George W. Bush, added that U.S. defense networks are "as porous as a colander."

Their Goliath scale leaves them especially vulnerable to tiny attacks, the Associated Press and Wired reported.

Clarke, who claims his early 2001 warnings to the Bush administration about the emerging threat of Al Qaeda went unheeded, issued the new warnings as tensions escalate between the U.S., Israel and their shared adversary Iran.

Last month Wired reported that a mundane virus called a key logger - one that surreptitiously records keyboard typing - was found on the computers used to remotely pilot Air Force drones targeting terrorists overseas.

In 2009 national security officials disclosed that Russian and Chinese agents had penetrated the U.S. electric grid and left behind software to help map the systems.

INTERNET - Open Letter on "IP Act" and "Online Piracy Act"

"An open letter to Senator Leahy regarding Internet censorship" on Newsgroups: alt.politics.usa.constitution

Dear Senator Leahy;

I am very concerned about the over-reaching authority which appears to be in the Protect IP Act and the Stop Online Piracy Act.

References:

Protect_IP_Act

Stop_Online_Piracy_Act

I am a software developer on the Internet. My main site is nodes.net which I have owned since 1998. I am working on a "quality discernment system" to advance the concept of an "intelligent web."

An integral part of the vision I hold is for individuals to "endorse" specific URL's on the web. These URL's could be something I call "metalinks" which are basically re-programmable re-directs to other web sites. These MetaLinks allow people to make a short, easy-to-
remember link for a web search or a web page.

For example, http://oil.nodes.net will redirect you to Energy Prices at Bloomburg. http://occupy.news.nodes.net will produce a search of news for "occupy" at Google news. There are many other search engines which are being included in this syntax at nodes.net

For example, http://vermont.wiki.nodes.net will take people to Wikipedia's entry for Vermont. I didn't program this metalink specifically. It is automatic. You can search for any word or phrase by substituting your word(s) for "vermont" in this URL.

In similar fashion http://05401.weather.nodes.net will take people to the weather for Burlington, VT and http://paris.time.nodes.net will take people to the current time in Paris. There are several dozen of these interfaces to other web sites and there will be hundreds, even thousands more in the near future.

I am concerned that the legislation currently being considered will limit the development of new technology to create an "intelligent web."

While the Metalinks currently in use have all been defined by someone I plan to allow intelligent software to create metalinks in the future.

It would be unwise to restrict the use of intelligent software to define links in my opinion. It's wrong to assume that all links are created by individuals operating independent of each other. Links could be a result of composite or collaborative intelligence.

In the future, metalinks will represent our "collective intelligence" or "community wisdom." That's what I'm working on now. I'm working to
create an "intelligent web." The concept I am working with is "augmented human intelligence" rather than "artificial intelligence."

I am asking you to put this legislation on the shelf for a minimum of 30 days, until 2012, so that there can be more input by the public and
a more careful analysis of what it means for all of us.

Consideration is a virtue. Please consider the effects this legislation would have on me and others who are working to advance the evolution of human intelligence on the Internet.

Sincerely,

Steve Moyer
Internet Developer
Founder, NODES Network
http://steve.nodes.net ( see what can be done with my technology )

P.S. You can see a link of all the Metalinks currently in existence, not including automatic search interfaces, at http://metalinks.nodes.net

CYBERCRIME - JoD Protections, Pro and Con

"How Effective Is Justice Department Crackdown on Counterfeit Goods Dealers?" PBS Newshour 11/29/2011

Excerpt

GWEN IFILL (Newshour): We look now at the government crackdown on the online sale of counterfeit goods. The Justice Department used Cyber Monday, the biggest online shopping day of the year, to shut down 150 websites that were allegedly peddling fake shoes, sporting goods and handbags. But was this the right approach?

Joining us to discuss that are Steve Tepp, chief intellectual property counsel at the U.S. Chamber of Commerce, and Larry Downes, author of "The Laws of Disruption," a book about law and innovation in the digital age.

More significant excerpts

STEVE TEPP, U.S. Chamber of Commerce: It's a massive problem that's growing every day, because many of these sites are located outside the United States, where there is no remedy.

For the sites located in the U.S., or at least where their domain name is registered in the U.S., dot-com, dot-net, then our enforcement agencies, like the Immigration and Customs Enforcement and the Department of Justice, who are both doing fantastic work on this, protecting the American people, can go to court and seize those domains with a court order.

That's what happened yesterday, and that's 150 domain names that will not be used to steal American jobs, to harm American consumers today.
----
LARRY DOWNES, "The Laws of Disruption": Well, first, it should be noted that, you know, what we're seizing here is not the website itself, just the domain name. It's a largely symbolic act.

What happens is, the site is still there. It can be accessed directly from the I.P. address. Or what often happens is the site comes back a little bit later under another domain name. So whether that is effective or not, it doesn't matter.

WINDOWS - CD/DVD Disappears From My Computer

This is a "this has never happened to me before" post.

I have an internal DVD-RAM drive (DVD Recorder, multi-foremat) and when I opened My Computer I noticed that it was missing. All my other drives (internal and external) did show.

I've had this DVD drive for years with no problems.

So, what to check:

• Rebooted and checked BIOS to see the DVD drive listed


• Used Device Manager, under DVD/CD-ROM drives to see list (see screenshot)

My HP DVD Writer was listed in both places.

Normally this drive was listed as G: but there was no such drive in My Computer.

Solution:

Open Disk Management (in Computer Management) and scroll-down to where your CDs are shown in the right (see screenshot). Each drive SHOULD have a Logical Drive Letter assigned.

I found that one CD/DVD drive had no Logical Drive Letter.

You right-click on the drive on the right panel, select Change Change Drive Letter and...., then (in this case) [Add] a drive letter. The dialog will show the next available letter.

In this case it showed G: which is what my HP DVD Writer should have been. Clicked [OK] and my DVD displayed AFTER I closed Computer Management.

(click for better view)


Note that this screenshot was taken AFTER I reassigned my HP DVD Writer as G:, and CD-ROM 0 is actually my external DVD-Recorder.

SECURITY - Worm, the First Digital World War

"Book Chronicles Fight to Save Web From Sophisticated Computer Worm" PBS Newshour 11/21/2011

Excerpt

MARGARET WARNER (Newshour): In November 2008, computer security experts began detecting a new, highly sophisticated computer worm. They called it Conficker. Ultimately, it invaded at least 12 million computers worldwide.

The story of the campaign to defeat it is chronicled in a new book, "Worm: The First Digital World War." The author is journalist Mark Bowden.

COMMENT: I'm a computer specialist and IT Technician by trade, so I am aware of BOTnets and other malware.

There are protections for users, one mentioned in video is to keep your Windows OS updated.

The specific tool is Microsoft's Malicious Software Removal Tool downloaded during updates (or via their PC Security site).

There is a simpler protection method. This malware cannot be use, or get on your system, IF you are NOT ONLINE. If you do not have a pressing reason to be online, don't; either disconnect your internet or log-off your system. Even better, turn off your PC when you are not actually using it.

Lastly, run a GOOD Antivirus Utility. All that I know of will protect you from KNOWN BOTnet malware.

UTILITIES - Move from WinXP to Win7

This post is for those who want to move your old WinXP system to a Win7 system.

CAUTION: I have not used this utility, so I cannot verify LapLink's claims.

PCmover Pro from LapLink

The Easiest Way to Move to Windows 7!

PCmover is the ONLY software that moves programs, files and settings from your old PC to your new PC – even restore from an image (or old hard drive) or perform an in-place upgrade.

The easy-to-use wizard will guide you in selecting which programs, files and settings you want on your PC. When complete, your new computer will have the personality and functionality of your old PC. And, PCmover is safe – it removes nothing from your old PC, won’t overwrite anything on your new PC, and includes an easy "Undo" feature.

Looking at the edition comparison table on their Overview page, the Professional edition is the only one worth the money. Also note the inclusion of their "High Speed Transfer Cable" if you order the boxed utility.

Also note the [Docs & Requirements] tab on the linked page. You can get the PDF docs to evaluate if this utility will do what you want.

FIREFOX - Possible Windows Error Dialog on Launch

This is about an occasional problem with the Firefox browser.

This problem happened to me after:

1. Upgrading from Firefox 6 to Firefox 7


2. Then after installing a new Add-on

I did some research on the Firefox Support Forum I found the solution.

The problem is getting a Windows error dialog when Firefox cold-launches using your [Favorites] menu. By "cold-lunch" I mean when Firefox is NOT already running.

(click for larger view)


I stress this is a Windows dialog that appears BEFORE Firefox opens.

This is the fix found on the support site and it does work:

Firefox Win Error Fix

Registry Editor (regedit)

CAUTION: Editing the registry incorrectly can damage your system. Do not attempt these steps if you are inexperienced or uncomfortable using the Registry Editor.

BEFORE making changes, from the tree hierarchy on left of REGEDIT, backup the "open" folder for EACH entry listed below by righ-clicking the folder and using [Export]. Save the result as the branch-name but change "\" to dashes.

NOTE: Make the changes in the order they appear on the tree. (order shown here)

Use the directory tree hierarchy to navigate to the following and DELETE the "ddeexec" registry key:

1. HKEY_CLASSES_ROOT\FirefoxHTML\shell\open\ddeexec


2. HKEY_CLASSES_ROOT\FirefoxURL\shell\open\ddeexec


3. HKEY_CLASSES_ROOT\HTTP\shell\open\ddeexec


4. HKEY_CLASSES_ROOT\HTTPS\shell\open\ddeexec

After making the changes and closing the Registry Editor, Log Off then Log On.

Now use your [Favorites] menu to launch a site. The Windows error dialog should not appear.

Note that others have had this problem, and why it happens is not known.

WINXP - Make Icons Display Quicker

In Windows XP every time you open My Computer to browse folders XP automatically searches for network files and printers. This causes a delay in displaying your icons. This also applies to your [Start] Favorites menu.

You probably see the "default" windows icon and as you scroll it changes to the correct icon. This is how to stop that...

1. Open My Computer


2. Click on the Tools menu and select Folder Options


3. Under Folder Options, select the View tab


4. Uncheck the very first box that reads "Automatically search for network folders and printers"


5. Click [Apply] or [OK]

You should see a dramatic increase in speed when Windows displays your icons.

NOTE: I've tested this on 2 WinXP desktops and it works.

WINXP - Changing Registry Entries

This article is about changing Registry entries, especially using filename.reg downloaded from WEB sites.

First, the WARNINGS:

1. If it ain't broke, don't fix it DEFIANTLY applies to the Registry


2. If you are NOT technically-incline, DO NOT DO THIS


3. Do NOT trust downloaded filename.reg files, open them in NOTEPAD FIRST and see what they change


4. Make a backup of the Registry Branch from the tree (left-pane) BEFORE executing the REG-file, using the [Export] option, and assign a unique filename (see example below)


5. Only AFTER you have a backup of the Registry Branch being changed, execute the filename.reg


6. Backing up the Registry Branch also applies to any manual changes you make

EXAMPLE file disablerefresh.reg:

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"NoNetCrawling"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer]
"Max Cached Icons"="12000"

The Registry Branches that should be backed-up in from example file above, are (see example screenshot)

• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\


• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer

(click for better view)

CYBERSECURITY - Internet WEB Threat

"Hacker Rattles Security Circles" by SOMINI SENGUPTA, New York Times 9/11/2011

Excerpt

He claims to be 21 years old, a student of software engineering in Tehran who reveres Ayatollah Ali Khamenei and despises dissidents in his country.

He sneaked into the computer systems of a security firm on the outskirts of Amsterdam. He created fake credentials that could allow someone to snoop on Internet connections that appeared to be secure. He then shared that bounty with people he declines to name.

The fruits of his labor are believed to have been used to tap into the online communications of as many as 300,000 unsuspecting Iranians this summer. What’s more, he punched a hole in an online security mechanism that is trusted by millions of Internet users all over the world.

Comodohacker, as he calls himself, insists he acted on his own and is unperturbed by the notion that his work may have been used to spy on antigovernment compatriots.

“I’m totally independent,” he said in an e-mail exchange with The New York Times. “I just share my findings with some people in Iran. They are free to do anything they want with my findings and things I share with them, but I’m not responsible.”

In the annals of Internet attacks, this is likely to go down as a moment of reckoning. For activists, it shows the downside of using online tools to organize: an opponent with enough determination and resources just might find a way to track their every move.

It also calls into question the reliability of a basic system of trust that global Internet brands like Google and Facebook, along with their users, rely upon. The system is intended to verify the authenticity of a particular Web site — to ensure, in effect, that Gmail is Gmail, and that the connection to the site is encrypted and difficult for an outsider to monitor.

Hundreds of companies and government authorities around the world, including in the United States and China, have the power to issue the digital certificates that the system relies upon to verify a site’s identity. The same hacker is believed to be responsible for attacks on three such companies.

In March, he claimed credit for a breach of Comodo, in Italy. In late August came the attack on the Dutch company DigiNotar. On Friday evening, a company called GlobalSign said it had detected an intrusion into its Web site, but not into more confidential systems.

Armed with certificates stolen from companies like these, someone with control over an Internet service provider, like the Iranian authorities, could trick Internet users into thinking they were safely connected to a familiar site, while eavesdropping on their online activity.

Fearing the prospect of other breaches similar to those carried out by this hacker, Mozilla, the maker of the Firefox Web browser, last week issued a warning to certificate authority companies to audit their security systems or risk being booted off Firefox.

“It is a real example of a weakness in security infrastructure that many people assumed was trustworthy,” said Richard Bejtlich, the chief security officer of Mandiant Security in Alexandria, Va. “It’s a reminder that it is only as trustworthy as the companies that make up the system. There are bound to be some that can’t protect their infrastructure, and you have results like this.”

SOFTWARE - Linux Ubuntu on IBM Mainframes?

"Mainframe Ubuntu Linux?" by Steven J. Vaughan-Nichols, ZDNet 9/7/2011

When you think of “Ubuntu Linux,” you probably think of the community Linux distribution and the Linux desktop. That’s great, but Canonical, Ubuntu’s parent company, also wants you to think of Ubuntu as a server and cloud operating system platform. To that end, Canonical has been working with IBM to get Ubuntu certified on IBM’s high-end System P Power hardware line and System z mainframes.

Yes, that’s right little Ubuntu Linux may soon be certified and running on top-of-the-line IBM enterprise hardware. Before this, Canonical worked successfully with IBM on bringing Ubuntu certifications for IBM’s x86-powered System x and BladeCenter lines.

Officially, all Canonical has to say is “Our company policy is that we don’t comment on any rumors that might be circulating. We’ll of course keep you well informed of any news that comes out of Canonical.” Away from public relations though I’m hearing that Canonical and IBM have working hard on expanding Ubuntu’s reach on IBM hardware.

If all goes well, Ubuntu will be officially supported on System p within the month and it will be certified on the Z mainframes by year’s end. This is happening because Canonical is working hard on increasing its business market share. While Ubuntu is arguably the single most popular Linux distribution with individuals, it’s always lagged behind most Red Hat and SUSE, formerly Novell, in business. Canonical wants to change that.

In order to do that, Canonical has been improving its partnerships with Original Equipment Manufacturers (OEMs); major server companies such as Dell, and its enterprise customers. This next step into high-end business computing with IBM makes perfect sense in pursuing this strategy.

As for IBM? Linux has been very, very good for IBM over the last decade and they’re getting to like Ubuntu. Historically, IBM has allied with Red Hat and Novell/SUSE. But, as IBM’s VP of Open Systems Development, Dan Frye told me recently, IBM is operating system and Linux agnostic. IBM will support what its customers want, and so, it appears to me, that IBM’s customers must now be asking for Ubuntu. Sometime soon it looks like they’ll be getting it.

This could be a very big win for the Linux world.