Joshua Ebarvia has a point about security practices in the June 2009 Letters section, and I'm disappointed with the response. I think LM could do more to decrease the confusion among non-experts in this matter. Please consider the following questions:
"There has not yet been a single widespread Linux malware threat of the type that Windows software currently faces." (Wikipedia). Then, why do I see almost daily a warning to upload security patches?
Security precaution depends on the kind of computer work. To be specific, is it wise to shut down Internet connection when working as root? Or working with WINE? What is needed to be sure that financial transactions are secure, in particular when using wireless connection?
Looking at the flickering LEDs of my Internet adapter (modem) I get the impression that I'm out of control of data traffic. Most Window users long ago gave up to be in control of their PC, but Linux should not have to be so passive. Why can I not start a program that tells me what kind of data go in and out and enables me to stop unwanted traffic? Of course this interrupts computer work and should be used only to take test samples.
We take security seriously, and we try to cover it often. Recent issues of our magazine have discussed topics such as firewalls, encryption, intrusion detection, and one-time passwords. Our February 2009 issue included an article on some best practices for wireless connections. Although we offer lots of useful information for beginners, a magazine by nature is not structured like a HowTo document or an online Help page. If you are new to Linux, you might occasionally need to do some background reading to understand the underlying concepts. The INFO box included with many of our articles can help find resources.
Although Linux is well protected against viruses, worms, and other forms of the file and email threats known as malware, Linux systems are still vulnerable to network attack. The problems addressed in security updates typically relate to vulnerabilities in legitimate software, as opposed to malware programs, which are designed with the specific intent of breaking in or doing damage.
Several tools exist for controlling and monitoring network traffic, and those are exactly the kinds of tools we like to talk about. They do, however, tend to be advanced applications for experienced users. For instance, last month we had articles on the Portsmith authenticating firewall and the OSSEC intrusion detection tool.
The first issue of our new sister publication, Ubuntu User, is on newsstands now and includes an extensive Discovery Guide section for beginning users. Although the discussion focuses on Ubuntu, many of the topics discussed in the Discovery Guide are also applicable to other Linux systems.
Linux for Business
I'm starting up a business in maintenance services for industries and commercial buildings and I want to use state-of-the-art information technology based on Linux. But I have some questions that will help me decide whether I go for Linux or the other thing.
First, I depend on a few programs like SAP financial, an asset monitoring system named Datastream, and my maintenance technicians must use mini laptops in the field to make reports that are sent to base. All these applications are Windows based. Are there substitutes, or can I work with these applications in a Linux environment?
Robert van den Burg
Vendor D-Wave scores big with a sale to NASA's Quantum Intelligence Lab.
Many package updates and Steam integration highlight the latest from the Mandriva-based community Linux.
Richard Stallman calls for the W3C to remain independent of vendor interests.
The new release supports nine architectures, 73 human languages, and zero non-Free components.
Fedora developers release the first alpha version of Fedora 19, known as Schrödinger’s Cat, for general testing. The final release is expected in July 2013.
ack is a grep-like, command-line tool that has been optimized for programmers to search large trees of source code.
New features in SUSE Studio 1.3 include enhanced cloud integration, VM platform support, and lifecycle management.
The Linux Foundation recently announced that the Xen Project is becoming a Linux Foundation Collaborative Project.
Open source version of LiveCode is now available for developing apps, games, and utilities for all major platforms.
OpenDaylight is an open source software-defined networking project committed to furthering adoption of SDN and accelerating innovation in a vendor-neutral and open environment.