This Month's News
Banking Botnets Are Worse Than Ever
Financial institutions continue to face threats from banking botnets built using trojan-style Internet attacks. The new activity occurs in spite of some recent successes with discovering and eliminating criminal botnets. According to a new report from Dell SecureWorks, users should not feel confident that the recent discoveries of the Ramnit, Shylock, and Gameover ZeuS botnets indicate a safer Internet. Several other forms of botnets are still prevalent, led by the Citadel trojan, which reportedly attacked 1,170 unique targets. The report says, "New threats arise with emerging technologies, and attacks on mobile banking platforms and advances in bypassing standard authentication mechanisms evolved in 2014."
More than 90% of the trojans were aimed at US financial institutions, but the 10% aimed at the rest of the world was still enough to cause some significant losses. More that 1,400 institutions around the world reported attacks from banking trojans.
The Register offers a concise summary of the SecureWorks report on banking botnets. You can download the full report from the SecureWorks site. Be ready to provide some demographic information.
Debian Project Releases Debian 8 "Jessie"
The Debian Project has announced the arrival of Debian 8 "Jessie." The latest release of the great free distro was two years in development. The team pledges to maintain this version for five years.
The vast Debian project includes more than 20,000 packages and supports a total of 10 architectures, including the usual Intel equivalents, as well as MIPS, IBM S/390, 32-bit ARM, and even the new ARM64/AArch64 architecture.
The change that has received the most attention is the presence of systemd as the default init system. The Debian project says systemd will provide "many exciting features, such as faster boot times, cgroups for services, and the possibility of isolating part of the services." The move to systemd was controversial, however, with many old guard Unix and Linux veterans preferring the classic SysVinit system and suspecting that commercial vendors like Canonical influenced the switch. (The SysVinit system is still available for Debian 8 – it just isn't the default option.)
The Debian package repositories contain all the popular Linux deskops, as well as user applications, network server applications, and development tools. Installation images are available for CD, DVD, USB stick, Blu-ray, and network installation. Debian also provides a pre-built image designed for the OpenStack cloud. Debian 7 users can upgrade to Debian 8 using the apt-get package management tool.
Debian isn't as much in the public eye as it used to be, but the massive project is still extremely influential as a background distro that forms the basis for several popular Linux alternatives. Ubuntu, Knoppix, Mint, and many other Linux distributions are based on Debian.
Linux Kernel Turns Over
Linux godfather Linus Torvalds has announced the availability of Linux kernel 4.0. Kernel watchers have known this new "major" release has been on the way, so the announcement was no surprise. For many products and projects, a new major version number is timed to mark major feature enhancements, but Linus downplayed the significance of change from the 3.X to 4.X series, stating "… we've had much bigger changes in other versions."
Torvalds has been quoted in the past as saying Linux would need to roll over to a new major version before getting past 3.20 because he wanted to be able to count the minor release numbers on his fingers and toes. Perhaps more to the point, he says he is "… personally so much happier with time-based releases than the bad old days when we had feature-based releases." According to the announcement, 4.0 does not come with a trove of experimental new features but is a very stable release.
One new feature that has drawn some excitement from the Linux community is the new live kernel patching infrastructure.
The Linux Foundation and the Internet Security Research Group (ISRG) have announced a new project aimed at promoting encryption on the Internet. The new service, known as "Let's Encrypt," is described as "… a free, automated and open security certificate authority for the public's benefit. Let's Encrypt allows website owners to obtain security certificates within minutes, enabling a safer web experience for all."
Despite advances in encryption and intrusion prevention, security problems continue to plague the Internet. Experts have long advocated universal encryption as a best-practice technique for minimizing attacks. The Let's Encrypt project is intended to make it easier for webmasters to install and maintain encryption. According to ISRG executive director Josh Aas, "Encryption should be the default for the web. The web is a complicated place these days; it is difficult for consumers to be in control of their data. The only reliable strategy for making sure that everyone's private data and information is protected while in transit over the web is to encrypt everything. Let's Encrypt simplifies this."
The founders of the Let's Encrypt project believe one reason website encryption is not universal is that conventional certificate authority services are too complicated, and often too expensive, to be an option for smaller websites. Let's Encrypt will provide certificates for free, and it will simplify the configuration at the web server so that a couple of easy commands are all that is necessary to implement encryption.
According to the project website, Let's Encrypt will be available to the public in mid-2015.
« Previous 1 2 3 4 Next »
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
AlmaLinux Unveils New Hardware Certification Process
The AlmaLinux Hardware Certification Program run by the Certification Special Interest Group (SIG) aims to ensure seamless compatibility between AlmaLinux and a wide range of hardware configurations.
-
Wind River Introduces eLxr Pro Linux Solution
eLxr Pro offers an end-to-end Linux solution backed by expert commercial support.
-
Juno Tab 3 Launches with Ubuntu 24.04
Anyone looking for a full-blown Linux tablet need look no further. Juno has released the Tab 3.
-
New KDE Slimbook Plasma Available for Preorder
Powered by an AMD Ryzen CPU, the latest KDE Slimbook laptop is powerful enough for local AI tasks.
-
Rhino Linux Announces Latest "Quick Update"
If you prefer your Linux distribution to be of the rolling type, Rhino Linux delivers a beautiful and reliable experience.
-
Plasma Desktop Will Soon Ask for Donations
The next iteration of Plasma has reached the soft feature freeze for the 6.2 version and includes a feature that could be divisive.
-
Linux Market Share Hits New High
For the first time, the Linux market share has reached a new high for desktops, and the trend looks like it will continue.
-
LibreOffice 24.8 Delivers New Features
LibreOffice is often considered the de facto standard office suite for the Linux operating system.
-
Deepin 23 Offers Wayland Support and New AI Tool
Deepin has been considered one of the most beautiful desktop operating systems for a long time and the arrival of version 23 has bolstered that reputation.
-
CachyOS Adds Support for System76's COSMIC Desktop
The August 2024 release of CachyOS includes support for the COSMIC desktop as well as some important bits for video.