An excellent resource and video of the Blogging freedom advocacy campaign that is being undertaken by GlobalVoicesOnline.
During the last six months, since the launch of Global Voices Advocacy, we have been trying to cover the increasingly serious threats to online speech occurring around the globe and the efforts to combat them. We’ve documented the arrest and detention of scores of bloggers and online authors and highlighted several anti-censorship campaigns, reports of Internet censorship, blocked blogs and websites. Our coverage so far has included stories on 25 nations, as well as exclusive interviews with activists and bloggers focused on free speech issues, in addition to an in-depth survey of online censorship cases that rarely receive media attention.
Global Voices Advocacy Update .
A quick guide to sending SMTP email with Google. This is a handy little trick. You can even use a non gmail.com account.
The GMail SMTP server. Luckily, I could setup my Evolution Client on my Linux box within no time, to use and send mail via the GMail SMTP server.
Using TLS means your emails to google are encrypted too, after they go from google as its email they are in clear text, but that is the nature of email. It does mean that anyone sniffing your traffic on an unencrypted or WEP encrypted access point will see nothing but gibberish.
Using Gmail SMTP to send email – a quick guide .
To kick off I must say I love this quote from New Internationalist.
When you turn on your computer, you’re making a political statement. If, like most people, your computer boots Microsoft Windows, the statement you’re making is that transnational corporations should control access to the most powerful public media that ever existed.
New Internationalist Magazine Nov. 2006
The Free Software foundation has gotten together with some large environmental groups aiming to promote free software and reduce the amount of waste that is going to be generated by people upgrading to Vista.
There are literally millions of computers that are going to be thrown out so that people can run the new version of Windows Microsoft Vista.
I signed on to the letter and so should you. While I am careful about recommending throwing away Windows without planning and an understanding of what you are doing. For the majority of computer users throughout the world an Open Source desktop solution is a viable alternative.
Ubuntu Linux goes from strength to strength. If users want desktop candy like the new Vista (which is about all I can that has been added to the operating system) then you can even get that using open source solutions. So there is no excuse.
Explore the alternatives! And while you are at it. Sign the letter.
Read the letter
It is good to see that the UN has seen this as a prank rather than an act of “cyber terrorism”. To often these simple attacks are suddenly blown up by the media into some kind of terrorist act and suddenly teenagers are spending 20 years in jail for defacing a website.
Not that I condone website defacements, I just think these things should be kept in perspective.
A simple SQL injection allowed the text on the front page of the UN.org to be alerted. SQL injection is a common web application attack that has been known about for years but still websites are being defaced and accessed through these holes. Other risks associated with SQL injection include the downloading of database data. Many websites customer list or credit card database have been gathered by this method.
Ironcove.net’s new partner organisation HackerTarget.com is able to do basic sql injection testing against websites along with full host scans using Nessus Vulnerability analysis scanner.
At the Web site M0sted.org, there is a list of websites that have been hacked by this group other than the UN. Sites such as Harvard and other universities, Norfolk and Norwich University Hospital in the United Kingdom, and some international Web outposts of Michelin, Toyota and Nestle.
“Hacked By kerem125 M0sted and Gsy That is CyberProtest Hey Ysrail and Usa dont kill children and other people Peace for ever No war” was the line repeating itself over and over on the affected pages, according to published reports and screenshots taken by bloggers. The perpetrators appear to have used a well-known and highly preventable technique called SQL injection, which takes advantage of flawed database programming to activate malicious lines of code.
Hackers apparently exploited security holes in the SQL code at the U.N. secretary-general’s main Web site over the weekend. (Credit: Giorgio Maone, hackademix.net)
The defacements, which affected the front page of the secretary-general’s site and pages containing statements by the secretary-general and press conference summaries, occurred sometime early Sunday morning, UN spokesman Alex Cerniglia told CNET News.com on Monday. The sites were “cleaned up” by about 9 a.m. PST on Sunday, he said.
Hacked UN Website Article at News.com .
It has happened to us all. The boss is unconvinced and wants an antivirus (or other solution) that comes in a shiny box with all that “quality” technical support and a well laid out manual. Here is another tool in your arsenal to convince the boss that a shiny box is not always a better product.
For the second year running ClamAV is up there at number 1. Yes ClamAV is open source and free. No ClamAV does not come in a shiny box.
The “winners” in last night’s contest were Linux tools from Kaspersky and Symantec, and the open source Clam AV. All three tools caught 100 percent of the viruses they encountered. FProt and Sophos caught 94 percent; McAfee caught 89 percent; and GlobalHauri, Fortinet, and SonicWall caught 61 percent.
One product, WatchGuard’s Linux AV tool, caught fewer than 6 percent of the viruses sent to it. “We’re not exactly sure what the problem with WatchGuard is,” says Morris. “The test was set up the same way for all of the vendors.”
Antivirus Tools Underperform When Tested in LinuxWorld ‘Fight Club’ – Host security News Analysis – Dark Reading
Attacks Prompt Update for Tor Anonymity Network
One of the best-known and free services for helping Internet users maintain their anonymity online – a network known simply as “Tor” — suffered an attack this past week that may have exposed the identities of thousands of users. The good news, however, is that the vulnerability in Tor that permitted the attack is now plugged with a software patch.
Security Fix – Brian Krebs on Computer and Internet Security – washingtonpost.com
