chooko - Slashdot User

Which Linux For Non-Techie Windows Users? 766

Posted by Soulskill on Saturday February 20, 2010 @02:23PM from the first-one's-free dept.

obarthelemy writes "Having at last gotten Linux to run satisfactorily on my own PCs, I'd now like to start transitioning friends and family from XP to Linux instead of Windows 7. The catch is that these guys don't understand or care much about computers, so the transition has to be as seamless and painless as possible. Actually, they won't care for new things; even the upcoming upgrade to Windows 7 would be a pain and a bother, which is a great opportunity for Linux. I'm not too concerned about software (most of them only need browser, IM, VLC, mail and a Powerpoint viewer for all those fascinating attachments). What I'm concerned about is OS look-and-feel and interface — system bar on the bottom with clock, trash, info on the right, menu on the left, menu items similar to those of Windows. Is it better to shoot for a very targeted distro? Which would you recommend? Are there themes/skins for mainstream distributions instead? I've been looking around the web, and it's hard to gauge which distros are well-done and reasonably active."

Keep SSH Sessions Active, Or Reconnect? 307

Posted by timothy on Thursday February 04, 2010 @07:23PM from the lock-your-door-or-carry-your-lunch dept.

borjonx writes "Is it safer to log out of an SSH session, and re-establish it later, or just keep the connection open? Like many of you, I use OpenSSH to connect to my Slackware Linux boxes remotely from Linux and WinXP (putty.exe) clients. At home and at work, I wonder if it would be safer to just leave the connection open (my clients are physically secured, the servers limit connections with hosts.allow). Is it more secure to re-establish the connection over an insecure link (big bad internet) where people can sniff that handshaking, or is it more secure to just remain connected? I connect 1 to 4 times per day, most days."

Comment Re: (Score 1) 1019

by chooko on Sunday December 13, 2009 @03:13PM (#30424206) Attached to: Music While Programming?

I read the following fact somewhere I don't remember: Music with lyrics (words) will lessen short-time memory, so I recommend to use musics with soft rhythms and instrumental of course...

Ethics of Releasing Non-Malicious Linux Malware? 600

Posted by kdawson on Monday November 30, 2009 @10:39PM from the what-would-schneier-do dept.

buchner.johannes writes "I was fed up with the general consensus that Linux is oh-so-secure and has no malware. After a week of work, I finished a package of malware for Unix/Linux. Its whole purpose is to help white-hat hackers point out that a Linux system can be turned into a botnet client by simply downloading BOINC and attaching it to a user account to help scientific projects. The malware does not exploit any security holes, only loose security configurations and mindless execution of unverified downloads. I tested it to be injected by a PHP script (even circumventing safe mode), so that the Web server runs it; I even got a proxy server that injects it into shell scripts and makefiles in tarballs on the fly, and adds onto Windows executables for execution in Wine. If executed by the user, the malware can persist itself in cron, bashrc and other files. The aim of the exercise was to provide a payload so security people can 'pwn' systems to show security holes, without doing harm (such as deleting files or disrupting normal operation). But now I am unsure of whether it is ethically OK to release this toolkit, which, by ripping out the BOINC payload and putting in something really evil, could be turned into proper Linux malware. On the one hand, the way it persists itself in autostart is really nasty, and that is not really a security hole that can be fixed. On the other hand, such a script can be written by anyone else too, and it would be useful to show people why you need SELinux on a server, and why verifying the source of downloads (checksums through trusted channels) is necessary. Technically, it is a nice piece, but should I release it? I don't want to turn the Linux desktop into Windows, hence I'm slightly leaning towards not releasing it. What does your ethics say about releasing such grayware?"

Slashdot Top Deals