Discussions on computers and beyond

Welcome to Topsight.net
Tuesday, September 07 2010 @ 05:09 AM EDT

Ubuntu Linux's "Hoary Hedgehog" version has been released!

Linux: "Ubuntu is a Linux distribution that starts with the breadth of Debian and adds regular releases (every six months), a clear focus on the user and usability (it should "Just Work", TM) and a commitment to security updates with 18 months of support for every release. Ubuntu ships with the latest Gnome release as well as a selection of server and desktop software that makes for a comfortable desktop experience off a single installation CD."

Ubuntu Linux's "Hoary Hedgehog" version (5.04) has been released. You can download it or order CDs for free.

Also, for those of you that like KDE better, Kubuntu 5.04 also was released. "The Kubuntu project aims to be to KDE what Ubuntu is to Gnome: a great integrated distro with all the great features of Ubuntu, but based on the KDE desktop."

Here are some screenshots of Ubuntu Linux 5.04 and of Kubuntu Linux 5.04 from OSDir.com

Iron Geek video tutorials

Security: Iron Geek has released a series of videos that demonstrate how to operate basic programs such as Cain & Abel and nmap, basic war driving, and more.

Here are their Hacking tutorials

Here is their nmap video.

Firefox/Thunderbird: Multiple Vulnerabilities

Security / Firefox: A slew of Firefox and Mozilla vulnerabilities were made public yesterday and today.

Full version of SHA-1 Broken

Privacy: According to a PDF document found on MIT's web server and backed by Bruce Schneier, credible evidence has been presented that the hash algorithm called SHA-1 has been broken. A collision search attack found by a trio of Chinese researchers makes breaking the algorithm much easier. Previously a brute force attack would take about 2**80 operations to complete, while with this new attack only 2**69 operations are required. This doesn't necessarily mean the algorithm is completely unusable, because it would still take a normal PC (Intel, AMD, etc.) many months to successfully pull off this attack on only a single hash. But this does mean that governments and organizations with incredible resources and deep pockets can have supercomputers break hashes at a much quicker rate.

See Schneier on Security for more information.

Ebay auction

Funny Stuff: Anyone see anything wrong with this eBay auction?

The 80/20 Rule for Web Application Security

Security: "After performing hundreds of web security assessments you're bound to encounter many frighteningly insecure websites. Websites so badly protected you could literally make off with the credit card numbers in a way reminiscent of the movie Gone in Sixty Seconds. On the other hand there are many websites frustratingly impervious to attack. What I'll describe below are the subtle variations between the security "haves" and "have-nots". Using the age old "80/20 rule", we'll look at a few techniques anyone can use to decrease the risk of their website being hacked. And to make it really easy you won't have to alter a single line of code! But before jumping too far ahead let's first discuss the 80/20 rule."

More of this article

Top Secret Homeland Security Briefs Leaked Online

US Politics: WARNING: This document is FOR OFFICIAL USE ONLY. It contains information that may be exempt from public release under the Freedom of Information Act (5 U.S.C. 552). This document is to be controlled, handled, transmitted, distributed, and disposed of in accordance with DHS policy relating to FOUO information and is not to be released to the public or other personnel who do not have a valid “need-to-know” without prior approval of the Homeland Security Operations Center Senior Watch Officer (HSOC SWO) at (202) 282-8101. Where appropriate, U.S. person identities have been removed. Should your agency have a requirement for particular U.S. person identity information, contact the HSOC SWO.

I have done quite a bit of public speaking on issues of privacy, some politics, and technology (mostly as it involves electronic civil liberties, privacy and the like). If it wasn't for a handful of sites - my work would be rather difficult. I've always gotten a kick out of "The Smoking Gun", "F$Cked Company" and the like. Of course there's The EFF, EPIC and Privacy.org - to name a few.

In that context - enter one of my absolute favorites - www.cryptome.org - been reading this site for a long time. Truly shows what independent individuals can do with this rich media (even though, we usually aren't classified as media, though our reporting tends to be more truth than the evening news). John Young, the guy that runs the site, came across some interesting info he just couldn't pass up. Those lovely "Top Secret" Homeland Security morning briefings (I wonder if these are what was included in the so-called "Threat Matrix").

I highly recommend you give them a read, they are truly interesting. They even have pictures. However, I also would advise you to make a copy of the page (I have it in pdf) just in case the site gets shut down - or the files are forced to be removed offline. They are a true eye opener - especially if you are at all like me and realize we have far too many issues on our own border.

The link to the page with the Homeland Security Operations Morning Brief is below:

cryptome.org

Happy reading..... and remember to make them copies - if the info gets pulled off of Cryptome - we can always flood the internet with copies of the information.

What's not in the Micro$oft patch last week

Security: I know I'm not the only one..... but sheesh - this is downright annoying.

We all know that Micro$oft has released their awaited patch last week. Took a couple updates for me to be complete (though, I waited a few days to see if there was any major fallout).

Much to my dismay, not only was there not a major IE flaw fix, but neither is the Microsoft Windows DRM flaw.

In this day and age when Micro$oft says sites like this that discuss the problems are irresponsible - I say hogwash. Isn't it more irresponsible for one of the largest corporations in the world to not fix known problems and make their paying customers feel that they are safe?

Feds Kill the Carnivore

Privacy: Seems the feds want to kill their prime intrusion tool "Carnivore". This was THE tool the feds said they must have to keep track of terrorists and such. They made ISPs bend to their whim at their expense - and look - now they killed the program.

Didn't last long, did it? Seems they are going to use commercially available software to do the same job - guess I'm a sceptic here.

There is an article at CNN.

Morse Code for the soul

Interesting Stuff: Researchers of the Biotechnology and Biological Sciences Research Council have recently made a fascinating discovery. They’ve found that human cells in the body activate certain genes by means of a communication system similar to Morse code.

See the BBSRC for more info.