Ubuntu 9.10 (Karmic Koala) on Aspire One Mini Review

As posted earlier, today was the release of Ubuntu 9.10 (Karmic Koala), you really have to love the release names they come up with :)

So I downloaded the Remix version because I run Ubuntu on my Acer Aspire One 110, and its just a little more user friendly that a standard desktop gui. For reference I did a fresh install, and not an upgrade from the 9.04 I was running.

So the download and install onto USB stick was a doddle with the packaged USB Creator, then about 15 mins and the install was good to go.

So first impressions, well in the past getting things to work first time with the Aspire One can be a little difficult. Like the wireless doesn’t always work, or the led doesn’t flash, or the sound is no good, or the camera doesn’t work, you get the idea. Well I am pleased to say I had no issues, touch wood everything works as you would expect. The SD card reader doesn’t work in real time, and requires a reboot but that’s always been the case. So everything is working, and I have to say it seems to boot faster to.

Favorites

So on start up with have the Remix interface we expect, with some slight colour and theme changes. The interface is as intuitive as ever, and somehow seems abit slicker. The motion seems improved and I can move between the different areas very easily. I did an update check, and as expected its all up to date. I know its only been out two minutes, but you never know :D

Firefox

Next I thought I would fire up Firefox, and I am happy to see 3.5.3 is pre-installed (I know 3.5.4 has just been released, but we will let them off there). Everything works as expected, things seem pretty slick. I still get a few minor HDD pauses from the Solid State Drive on my 110 but, this is a feature :)

Cloud1

Cloud2

What new OS wouldn’t be complete with its own bit of Cloud :) So 9.10 comes with a link to Ubuntu ONE, I don’t know all the details about this offering, I think its something to do with Amazon’s cloud offering. Regardless, this is just a quick link from within Ubuntu to allow you backup, sync and share your data easily. I might look into this at some point as you can get 2GB for free :D We like free.

SoftwareCent1

Next I thought I would take a quick look at the Ubuntu Software Centre. This is basically a simple interface to manage and install all your applications. I guess this is to make it easier than using the old package manager.

SofwareCent2

So here we are, all very simple and easy to understand. I popped Pidgin at this point, and it was found and installed without issue.

System

Just a quick look at my Ones spec info, lovingly named Betty :)

I appreciate this isn’t an in depth review, but I think you can normally tell if your going to have any issues early. I think its a certainly an improvement in appearance and performance compared to the previous version I was running. I have not tried out the standard desktop version yet, but everything seems straight forward and easy to use. I really do think Ubuntu is a real alternative to Windows for anyone, not just the hardcore IT Unix guru’s.

I hope this mini review was of little help to those considering going with 9.10, especially those of you who are Netbook users.

October 29, 2009 | Tags: , , , | 3 Comments »

Rogue Security Software Report by Symantec

I think most people are becoming more and more familiar with the so called “Rogue Security Software” , if not an good example that has been popular this year was the AV program AntivirusXP. A user will download a product like this looking for some free AntiVirus software, or perhaps via a popup telling the user they have an infection. This software then gets on the machine and claims your machine is in really bad shape, but for a few quid all can be put right.

Needless to say, apparently the developers of this type of software are duping a fair amount of users into coughing up some cash, and making potentially some serious money. I personally have not had any time to do some serious investigation into this, but I was recently given a copy of Symantec’s research into Rogue Security Software, good timing huh :)

In total, Symantec has detected over 250 distinct rogue security software programs.    During the period
of this report, from July 1, 2008, to June 30, 2009, Symantec received reports of 43 million rogue security
software installation attempts from those 250 distinct samples. Of the top 50 most reported rogue
security software programs that were analyzed for this report, 38 of the programs were detected prior to
July 1, 2008. The continued prevalence of these programs emphasizes the ongoing threat they pose to
potential victims despite efforts to shut them down and raise public awareness.

I found this report really interesting, some of the findings I wouldn’t say are surprising to me, but it really does confirm that the general users still has a long way to go in even basic security education.

Some of the highlights for me that I thought was interesting, is just how many installation attempts were detected, I mean 43 million isn’t a small number by any standards, and then when you look at the possible payout per installation you can see why this is a worthwhile exercise to these guys. They obviously also spend a lot of time and effort to ensure that their products are highly ranked in search engines to further guarantee a successful hit, if only I could work out such good SEO :)

Symantec have also come up with some interesting stats on the possible financial impact to victims of this software, ranging from $30 – $100. I guess these depends on how badly there system was supposedly infected. As usual the US and UK were most impacted (we don’t do to bad for a small island do we), but its interesting to read affiliate networks have been setup to sell this stuff on. I guess it makes sense, I wonder how many of the affiliate networks are non voluntary.

Symantec-Region-Rogue-Stats

Symantec-Cost-Rogue

I recommend you spare the few mins to have a read of this 14 page report, and perhaps share it with those you know who have fallen victim to this (I know a few who have more than once:( ).

If you would like to take a read of this report, you can down it here in pdf.

| Tags: , | No Comments »

Ubuntu 9.10 (Karmic Koala) Available Now. Bonza mate :D

The new Ubuntu 9.10 Karmic Koala is now available to download.

If your a Ubuntu Remix User also visit here for a download.

Here is what apparently new in Karmic Koala:

1. Brand new wallpapers

2. New brown login screen

3.  New themes and updated icons

4.  Xsplash

5. Ubuntu Software Center

6. Empathy

7. Ubuntu one

8. Ubuntu Enterprise Cloud

9. Linux kernel 2.6.31

10. New Intel video driver

11. Hal deprecation

12. Ext4 by default

13. GRUB 2 by default

14. Firefox 3.5

15. gnome 2.28

16. AppArmor

17. New font vewer/installer

18. Gdm 2.28

| Tags: , , | No Comments »

Google, Bing, Twitter Mashup.. Social Networking / Engineering Heaven

So if for some reason you are naive enough to think that your mindless twittering is somehow private, this should really make you think again.

It has been recently announced that both Microsoft’s Bing and Google search engines will now be featuring tweets in its search results, with Bing also having something going on with Facebook.

From the Google blog:

“Given this new type of information and its value to search, we are very excited to announce that we have reached an agreement with Twitter to include their updates in our search results. We believe that our search results and user experience will greatly benefit from the inclusion of this up-to-the-minute data, and we look forward to having a product that showcases how tweets can make search better in the coming months. That way, the next time you search for something that can be aided by a real-time observation, say, snow conditions at your favorite ski resort, you’ll find tweets from other users who are there and sharing the latest and greatest information.”

So what does this mean to you? Well it means every time your tweet to the world you have had a bathroom break, or that your going on holiday, or your not at home, or your goldfish has died, the whole world will see this in their search results in Google and Bing.

Something to be mindful of perhaps?? Remember, there is no privacy on the Interwebs.

October 28, 2009 | Tags: , , , , | 2 Comments »

HD Moore and Metasploit go to Rapid7

This is most likely not breaking news to anyone in the InfoSec community, as it came out last week. However I thought it might be of interest to those who live under a rock and have yet to hear.

So its true, HD Moore and Metasploit have been acquired by Rapid7. Oh no I hear you cry, bye bye to the awesomeness of opensource Metasploit. Well apparently not (and I hope its true), its my understanding that Metasploit will continue to have the Opensource side of the project we know and love. I am not sure how much of a reflection this will have to the Rapid7 NeXpose offering that they are looking to enhance with this acquisition, I am sure time will tell.

Personally, HD Moore has always come across as a great guy, and I wish him all the best to him and his family, and any of the other guys that are fortunate enough to be involved. Of course I also have a selfish side, so I do home we continue to be able to benefit from opensource Metasploit, and it continues to grow and develop.

October 21, 2009

I’m extremely pleased to announce Rapid7′s acquisition of Metasploit, the leading open source penetration testing framework and world’s largest database of public, tested exploits. We believe the acquisition deepens our leadership as the leading provider of vulnerability management, compliance and penetration testing solutions and will provide great value for our customers and partners.

As a result of the acquisition, we will leverage Metasploit technology to enhance our vulnerability management solution, Rapid7 NeXposeTM. At the same time we will not only maintain, but accelerate the open source framework Metasploit with dedicated resources and contributions. I’m also pleased to announce that HD Moore, the founder of Metasploit, will be joining Rapid7 full-time as Chief Architect of Metasploit and Chief Security Officer of Rapid7.

Mike Tuchen,
President & CEO, Rapid7

| Tags: , , , | No Comments »

UK Government still looking to disconnect the so called “Net Pirates”

According to the BBC News Website today, the UK Government are on the disconnect net pirates band wagon again.

People who persistently download illegal content will be cut off from the net, Business Secretary Peter Mandelson has announced.

Speaking at a government-sponsored forum he said the UK would introduce a similar policy to France.

It means persistent pirates will be sent two warning letters before facing disconnection from the network.

This really is going to lead to no end of problems, and this has been echoed recently by the ISP Talk Talk in recent weeks.
Its going to be difficult to clearly identify (without extreme costs, forensic investigation and more) if the actual ISP customer is responsible for the infringement on downloaded material they shouldn’t, be that audio, video or other.

To me it makes the assumption that all UK consumers are security savvy, and the products they purchase and use are configured securely. As you can see from one of my previous posts on wardriving, so many Wireless Access Points are not secure, or use weak easily hackable security controls. So with this in mind many people could be stealing the bandwidth from these consumers, and getting up to all sorts. People may argue that its the consumers responsibility to protect their Internet connection, and your probably correct, however in reality we know this isn’t currently the case. I think there may be some interesting court cases if this goes ahead.

Its also worth considering what this actually means to the ISPs. Surely its going to require investment and resource for them to monitor, track and act on this possible new legislation. Will this be paid for by the Government (tax payer), or will the ISPs need to look to pass this cost onto its customers. Either way its most probably Joe Public will end up paying.

I apologies for being cynical, but surely this time could be spent resolving another problem. Oh well :D

| Tags: , , , , | No Comments »
« Older Entries