Because of all of SCO's bad press lately with this Linux lawsuit, they decided it'd be a good idea to go on a city-to-city tour to meet with vendors and customers to update them on their roadmap, answer questions, etc.
One Linux supporter (I'm sure there will be many others) showed up at a recent stop for the inside scoop. You can read the full story here, but here's a personal favorite quote:
The other reason the roadmap was entertaining? I now know how retro SCOs OSes are. Riotous, riotous stuff. How they had the ya-yas to declare Linux an infant OS in need of their IP is beyond me. Upcoming features? PAM. files larger than 2 gigs. NFS over TCP. The 80's called, they want their features back. NTPv4 was a listed big feature on a slide of 10 to 15 upcoming enhancements. How does an NTP enhancement get mentioned as a 'big' feature? Wow. I never knew it was this bad. Maybe I should lend my old 486 running Debian from '97 to Pizza Hut - it sounds like they could use the upgrade.
A DoS vulnerability exists in all versions of OpenSSL prior to 0.9.6k and 0.9.7c. Upgrading as soon as possible is recommended. Read the full advisory for more information.
Also, on an unrelated note, two recent vulnerabilities in OpenSSH were discovered. This is a couple weeks old now, but definitely important enough to mention here. Short story: upgrade to OpenSSH 3.7.1p2 ASAP. For more information, read the original advisory, as well as the newer portable advisory.
Yeah, baby! Been waiting for this for a long time, and it definitely hasn't disappointed. Grab it while it's hot!
For those not up to speed on this story, last week Dan Greer (CTO of security consultant @stake) and several others released a report entitled "Cyber Insecurity: The Cost of a Monopoly," in which they discussed the security issues related to Microsoft's market dominance (actual report can be found on the CCIA homepage).
Surprisingly, Greer was fired from his position as CTO of @stake one day after releasing the report. Why? Although @stake denies any involvement, Microsoft is one of their largest customers. Hmm... piss off a client in legitimate research and get fired? Wonderful.
So now, one week later, Greer himself has finally been interviewed about this. You can read the full story here. Although it's nothing earth-shattering, it does sum up the incredulity of the whole situation. Definitely worth a read.
Here's an interesting new twist on the MS Anti-trust settlement. Basically, MS owes CA customers $1.1 billion dollars as repayment for their uncompetitive practices. Not one to miss an opportunity, Lindows.com CEO Michael Robertson setup MSfreePC.comwhere "eligible consumers who act quickly can receive their share of the $1.1 billion settlement." See the site for additional details.
MS, however, did not take kindly to this, and sent a cease-and-desist letter threatening legal action. Michael Robertson has just replied with his own press release, and while I'm not personally a fan of Lindows, this is a very worthwhile read. It very nicely sums up many of the "issues."
Yes, I've been lazy about updating the site. Lots going on lately. Got a couple new items for you today, though, beginning with ...
China is about to begin studying the source code for Microsoft Windows. This is part of an effort to verify the security of the platform, as well as ensure that there are no "backdoors" into the OS for any U.S. agencies to exploit.
Now, I'm all for security, but am I the only one that feels this is a bad idea? Considering that Windows (unfortunately) runs ~90% of our nation's computers, do we really want the Chinese government to have full access to the source code? Especially when our own government does not? Especially when during the antitrust trials Microsoft said themselves that the source code cannot be released for the sake of national security?
Hmm... Could it be that maybe they care more about making sales than our own national security? Nooo, not MS. With programs like Microsoft's Government Security Program, which includesmore than 30 "countries, territories, and organizations (though no mention of the U.S.)," how could one even think it?
Read the full story here.
A new review has been posted for the Zaurus SL-C750. This PDA (as are all C-7xx PDAs) is only available in Japan through Sharp, but the folks at Dynamism.com have translated the OS and applications into English, provide lifetime warranty, etc.
This is a detailed and very favorable review of the device (actually, all reviews I've read have been quite favorable, but some others tended to be a bit more reserved), and is well well worth the read if you're currently considering a new PDA.
Here's the full review.