Softpedia Linux Weekly, Issue 45

The weekly newsletter for Linux users.

By Marius Nestor on May 18th, 2009 13:20 GMT
Welcome to the 45th issue of Softpedia Linux Weekly!

This week's editorial talks a little about the virus threats on Linux/UNIX systems. In the Linux distribution announcement section you will find the following releases: Slack Mini Server 1.4.3, Zenwalk Live 6.0, Sabily 9.04, SystemRescueCd 1.2.0, Ubuntu 9.10 Alpha 1. In other news: Ubuntu One: the free Online storage service from Canonical; Transmission 1.61 plugs CSRF hole in Ubuntu 9.04. For this week we have also prepared a nice tutorial that will teach you how to fix the VirtualBox USB support. The weekly ends with the video clip of the week, the latest Linux distributions released/updated last week and the development releases.

dots


Summary:
dots
EditorialEditorial: Virus Threats on Linux? - by Daniel Pop-Silaghi

· In the top 3 things people bring upfront when trying to convert others to Linux, security is always there. Windows users who want a reliable system have to download and install an AntiVirus application minutes after logging into their fresh system. Still, that only ensures a minimal level of protection; anti-spywares, anti-malwares and firewalls are next on the menu. If you don't consider pricing a problem, the resource-consumption at least should bother you.

On the other hand, Linux users are mostly careless about this kind of problems. Though there are some virus scanning applications and firewalls out there for Linux too, they are rarely used. Still, as you probably all agree, there is no perfectly secure operating system and Linux's growing popularity is bound to bring some unwanted attention that could breach its otherwise superior security.

Last week, quite a nasty exploit was discovered in the most popular open-source BitTorrent client, Transmission, an exploit that could allow the attacker to do as much as overwriting the victims' home directory. Now, in a recent post, Sergey Golovanov, virus analyst at Kaspersky Lab, documents two new threats that can affect both Linux and FreeBSD systems. One of them, Trojan-Mailfinder.Perl.Hnc.a, as named by the Kaspersky team, is a Perl script that, once infiltrated, connects to a server from where it downloads text and a mailing list for SPAM-sending purposes. The other, Trojan-Dropper.Linux.Prl.a, decrypts the script and feeds it to a Perl interpreter. The Kaspersky team detected said malware on servers that were already infected with another trojan: Trojan-Downloader.JS.Iframe.auy, which is used to redirect visitors to a site that can trick users into downloading disguised malware to their computers. The SPAM-sending website also advertises a bogus paid-for malware-removal application (the Windows-only MalwareDoc+).

"At the moment we know of around 1000 cases of sites infected with Trojan-Downloader.JS.Iframe.auy. There are also several hundred servers infected with Trojan-Mailfinder.Perl.Hnc.a and Trojan-Dropper.Linux.Prl.a, which are actively spreading spam. The days of *nix systems not being targeted by malware writers are long gone. In my view, admins need to wake up; they should be on top of all of today’s threats, rather than letting their systems – and worse, visitors to their sites – get infected." ended Sergey Golovanov.

It's true; relying on just the widespread idea of the perfectly secure Linux system is plain wrong, especially if you administrate websites accessible to the public. And while infections may not directly affect your machines, they surely can affect those who visit your hosted pages.

However, Linux desktop users should have a lot less to worry about these threats at the moment. Why? Because most attacks are known to only target Linux servers. For example, though victims are redirected and tricked into downloading the malicious MalwareDoc+ from an infected Linux server, the application in question is Windows-only. Plus, the main advantage of open source is the ever-watchful community that can quickly engage in solving various holes that can occur in programs.

dots

Linux distributions announced last week:
Slack Mini ServerOn May 10th, the Slack Mini Server (SMS) Project team announced the immediate availability of Slack Mini Server 1.4.3, a Slackware-based Linux distribution. An important change was made to the package format, now .txz (lzma), dramatically reducing the size of the distribution. The Slack Mini Server repository will continue to use the old .tgz format to prevent any compatibility conflicts.

Highlights of Slack Mini Server 1.4.3:

· The MailScanner was upgraded to version 4.76.24-3;
· ClamAV reached version 0.95.1;
· CUPS 1.3.10;
· Dovecot 1.1.14;
· Fetchmail 6.3.9;
· Postfix was upgraded to version 2.5.6;
· Applied a security fix for gnutls 2.6.2;
· Samba 3.3.4;
· Hylafax 5.2.9;
· Less was upgraded to version 418;
· The Webmin interface was updated to version 1.470;
· Udev was updated and is now at version 141;
· Tar 1.22;
· phpMyAdmin 3.1.4;
· phpLDAPAdmin 1.1.0.7;
· OpenLDAP 2.4.16;
· The Gutenprint 5.2.3 printer drivers were added;
· Foomatic Filters 4.0;
· At 3.1.10 and Xz 4.999.8 Beta;
· The default locale is now en_US.UTF-8;
· Wvdial 1.60 and Wvstreams 4.4.1;
· Pkgtools now support .txz packages;
· Lsof 4.78.
Review image
Slack Mini Server - Image courtesy of the SMS Team
Download Slack Mini Server 1.4.3 right now from Softpedia.

dots
ZenwalkOn May 12th, Pierrick Le Brun announced the immediate availability of the Zenwalk Linux 6.0 Live CD Edition. Being based on the standard version of the Zenwalk Linux distribution, the Live CD edition is actually a replica of the main edition, except for the fact that it can be run directly from the CD. Zenwalk Linux 6.0 Live CD also includes all the latest security updates and bugfixes that were released since the announcement for Zenwalk 6.0, back in March 2009.

Highlights of Zenwalk 6.0 Live CD:

· Improved boot speed;
· New artwork;
· Brand new control panel;
· Wired and Wi-Fi network manager;
· Desktop access system with the Gksu keyring;
· Implemented PAM authentication;
· Added Exaile music player;
· Gnumeric and Abiword were replaced by OpenOffice.org 3.0.1 (Calc, Draw, Writer, Impress);
· Enabled the BBC, YouTube and Jamendo plugin in Totem;
· Implemented the creation of DVD-Video discs in Brasero;
· Implemented "work offline" orphan dependencies support;
· Gtkam and Gqview were replaced by Gthumb, for importing and viewing digital images;
· Icedove comes with the Lightning PIM extension;
· International language support;
· Full programming environment.
Review image
Zenwalk 6.0 Live CD
Download Zenwalk 6.0 Live CD right now from Softpedia.

dots
SabilyAlso on May 12th, the Sabily Team announced the release of Sabily 9.04 "Taibah" (formerly Ubuntu Muslim Edition) in three versions: the small 935 MB ISO with the most important packages, a Full 1.4 GB one with multimedia support and educational software, and the full 2.8 GB version with locally installed Quran recitations.

Highlights of Sabily 9.04:

· Hijri Islamic Calendar through the new Hijra application;
· mus-haf Othman - a powerful, complete Quran Browser;
· New Usplash, GDM and Metacity themes, wallpaper, mouse cursor;
· Zekr 0.7.2, a great Quran study tool that can also play Quran recitations;
· The Thwab encyclopedia has now support for Shamela books;
· 100% Arabic-translated desktop;
· A large suite of various applications and pre-installed codecs for both entertainment and educational purposes;
· The WebScript frontend to the popular DansGuardian Web Content Filter for easy parental control;
· Two convenient prayer-time applications: Minbar and "Pray Times" Firefox add-on.
Review image
Sabily 9.04
Download Sabily 9.04 right now from Softpedia.

dots
SystemRescueCdAlso on May 12th, François Dupoux announced the immediate availability of the SystemRescueCd 1.2.0 Linux distribution. Big news comes with this version of the tiny Gentoo-based operating system for systems administration and data recovery, as it now has a new desktop environment, Xfce4, and it is powered by the just released Linux kernel 2.6.29.3.

Highlights of SystemRescueCd 1.2.0:

· Updated the standard Linux kernel packages to version 2.6.29.3;
· Updated the alternate Linux kernel packages to version 2.6.27.22;
· Support for the EXT4 and Reiser4 filesystems in Linux kernel 2.6.27.22;
· Support for the Btrfs filesystems in Linux kernel 2.6.29.3;
· Updated the Xorg Server to version 1.5.3;
· Replaced JWM with Xfce4, as the default desktop environment;
· Updated GParted to version 0.4.5 (with improved support for crypt-luks and dmraid);
· Updated FSArchiver to version 0.5.4;
· Updated TestDisk to version 6.11;
· Updated Photorec to version 6.11;
· Updated NTFS3G to version 2009.4.4;
· Updated GNU tar to version 1.22 (with LZMA support).
Review image
SystemRescueCd 1.2.0
Download SystemRescueCd 1.2.0 right now from Softpedia.

dots
UbuntuOn May 14th, Canonical announced the immediate availability of Ubuntu 9.10 Alpha 1, dubbed Karmic Koala, which is the first alpha version of what will become Ubuntu 9.10, in late October this year. As usual, we've downloaded a copy of it, and we intend to keep you up to date with the latest changes in the Ubuntu 9.10 development.

The kernel packages are at version 2.6.30-5.6, based on Linux kernel 2.6.30 RC5, and OpenOffice.org was updated to version 3.1.0. In Ubuntu 9.10, HAL (the Hardware Abstraction Layer) will be replaced by the new DeviceKit-power and udev-extras, for power management and Fn key maps on laptops. Last but not least, in order to repair the "Intel issues" from Ubuntu 9.04, the Intel video driver will be switched from the old (but stable) EXA acceleration method to the new (still in development) UXA acceleration method. Oh, and EXT3 is still the default filesystem and GCC 4.4 is now the default compiler.
Review image
Ubuntu 9.10 Alpha 1
Download Ubuntu 9.10 Alpha 1 right now from Softpedia. Remember that this is an alpha release and it should not be installed on production machines. It is intended to be used for testing purposes only.

dots

ZenwalkOn May 15th, the Foresight Linux Project team announced the immediate availability of a new version of their Linux distribution. Foresight Linux 2.1.1, coming three months after the 2.1.0 release, brings notable changes, including the latest GNOME desktop environment and a new Linux kernel.

The GNOME 2.26 desktop environment brings improvements in areas like file sharing, multi-monitor setups and support for fingerprint-reading devices. Foresight Linux 2.1.1 also features a new notification area providing new ways of interacting with various system messages. Pidgin, Gwibber and Banshee are only some of the applications that will take advantage of this notification framework (called notify-osd). The Linux kernel used in this release is version 2.6.29; thus, Foresight 2.1.1 now supports WiMAX and includes new wireless drivers, like the Ralink rt2860/70 one.
Review image
Foresight Linux 2.1.1
Download Foresight Linux 2.1.1 right now from Softpedia.

dots
Other NewsOther News:

· Canonical has just announced on May 12th a new "cloud" service for all users: Ubuntu One starts today as an invitation-based Beta. There are two storage options momentarily: a free 2GB account and a $10/month 10 GB one. If you are familiar with services like Dropbox, Ubuntu One apparently does the same job. Read more about it here.

dots

· As you all know, Canonical's popular Ubuntu Linux distribution ships with Transmission as the default BitTorrent client. One of the newest features of Transmission is a web-based interface, accessible from your Internet browser. And though there aren't many users interested in or aware of this alternative way of managing torrents, it is enabled by default in Transmission's preferences. Unfortunately, a pretty serious vulnerability in this new feature affects all Transmission versions prior to the just released 1.61. Read more about it here.

dots
Tutorial of the WeekTutorial of the Week: How to Fix VirtualBox USB Support

· It is actually a known fact that there is an issue with VirtualBox and the attached USB devices that many of us are trying to use in the virtual machine. Here is a real-life example:

I am a 100% Linux user and I have a photo printer that Linux can't recognize. Let's say that I want to print some photos quickly, to give them to someone. I have a Windows installation in a virtual machine just for this reason (sad, I know) and I want to access my printer, which is connected via a USB port. To my surprise, I can see the printer in the USB device list of VirtualBox, but I can't access it (very frustrating). Firing up Firefox and searching on Google for a fix takes too long, because there are many old tutorials that teach you how to modify various files or change permissions, etc. What to do?
Review image
VirtualBox 2.2.2 with active USB support
Read the full tutorial here.

dots
Video Clip of the WeekVideo Clip of the Week: Ubuntu Netbook Remix 9.04 on EeePC 1000H

· For this week we've found a nice video clip that showcases the boot times of Ubuntu Netbook Remix 9.04 on the ASUS EeePC 1000H netbook. The video has 1:32 minutes and it was posted by omnistegan. Enjoy!



Download from SoftpediaNew Distributions:

· Zorin OS 1.0 Beta
· MONOMAXOS 2009v2


Download from SoftpediaDistributions Updated Last Week:

· Ubuntu Rescue Remix 9.04
· Ultimate Edition 2.1
· VicidialNOW 1.2
· R.I.P. 8.6
· Syllable 0.6.6


Download from SoftpediaDevelopment Releases:

· Clonezilla LiveCD 1.2.2-13
· Frugalware Linux 1.1 Pre 1
· Baltix 4.0 RC2
· Kubuntu 9.10 Alpha 1
· Ubuntu Server 9.10 Alpha 1
· Xubuntu 9.10 Alpha 1
· Ubuntu Netbook Remix 9.10 Alpha 1
· Elive E17 Compiz 1.9.27
· Tiny Core Linux 2.0 RC2


See you again next Monday, May 25th, for another issue of Softpedia Linux Weekly.

The Softpedia Linux Editorial Team.
MORE ON THIS TOPIC
LATEST NEWS
HOT RIGHT NOW

2 Comments