No edit summary |
No edit summary |
||
| Line 6: | Line 6: | ||
Contributing Writer: [[JoshBressers]] | Contributing Writer: [[JoshBressers]] | ||
=== | === Malicious Activity grows in 2008 === | ||
2008 Saw a surge in malicious code activity <ref>http://www.net-security.org/secworld.php?id=7311</ref> | |||
This is a disturbing trend, and for the underground, this is easy money. The threat will continue to grow until either the money dries up (unlikely) or the difficulty of exploiting this is greater than the potential gain. Right now it looks like the trend will continue for several years. | |||
=== | === Who in the Linux world would be responsible for a worm === | ||
The | Last week OSNews asked a rather interesting, but easily answered question: | ||
OSNews Asks: Who'd Be Responsible for a Linux Conficker? <ref>http://www.osnews.com/story/21312/OSNews_Asks_Who_d_Be_Responsible_for_a_Linux_Conficker_</ref> | |||
The world of Open Source security is mostly a process that happens behind the scenes, but is quite effective. There is a wiki called OSS-Security <ref>http://oss-security.openwall.org/wiki/</ref> that provides a number of links to various groups. In the event of something like a worm, the vast majority of the effort would end up happening on the Vendor Security (vendor-sec<ref>http://oss-security.openwall.org/wiki/mailing-lists/vendor-sec</ref>) mailing list. This is a group of trusted Open Source distributors that communicate in private in an effort to keep the end users of Open Source software secure. To date this group has been working out quite well, and the members are very used to solving security flaws in a cooperative manner. In the event of a widespread Linux worm, there would be many tired people, and quite a lot of vendor-sec emails. | |||
<references/> | <references/> | ||
Revision as of 19:40, 19 April 2009
Security Week
In this section, we highlight the security stories from the week in Fedora.
Contributing Writer: JoshBressers
Malicious Activity grows in 2008
2008 Saw a surge in malicious code activity [1] This is a disturbing trend, and for the underground, this is easy money. The threat will continue to grow until either the money dries up (unlikely) or the difficulty of exploiting this is greater than the potential gain. Right now it looks like the trend will continue for several years.
Who in the Linux world would be responsible for a worm
Last week OSNews asked a rather interesting, but easily answered question: OSNews Asks: Who'd Be Responsible for a Linux Conficker? [2] The world of Open Source security is mostly a process that happens behind the scenes, but is quite effective. There is a wiki called OSS-Security [3] that provides a number of links to various groups. In the event of something like a worm, the vast majority of the effort would end up happening on the Vendor Security (vendor-sec[4]) mailing list. This is a group of trusted Open Source distributors that communicate in private in an effort to keep the end users of Open Source software secure. To date this group has been working out quite well, and the members are very used to solving security flaws in a cooperative manner. In the event of a widespread Linux worm, there would be many tired people, and quite a lot of vendor-sec emails.